Analysis

  • max time kernel
    144s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    21/01/2025, 11:10 UTC

General

  • Target

    JaffaCakes118_0423be5dedc5c7e0ab4f893378b38a89.html

  • Size

    114KB

  • MD5

    0423be5dedc5c7e0ab4f893378b38a89

  • SHA1

    3efabdd555d86a204eddafc083ad435f4e09f2bf

  • SHA256

    cd27f8f44a61643759729c17f8fdd4b5674935d3fd94d5e8d37c2d646fa8d1dc

  • SHA512

    30d1ade393f0f2bdb9120a69e6023fb8ee163a8da93f848c4a4a4bdadb49f576adb91fe9f68e626ab8c1cd9aa19928d8442e8e11cb9fad72dcf51362a47b1d81

  • SSDEEP

    3072:CoV1odnh8XvCodnh1SxY0tcZBE9Fbbo9YsgZy473tCBtM7Ierd:CGGY0tcZBE9Fbbo9YsgZy473yU

Malware Config

Signatures

  • SocGholish

    SocGholish is a JavaScript payload that downloads other malware.

  • Socgholish family
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_0423be5dedc5c7e0ab4f893378b38a89.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:640
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:640 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2732

Network

  • flag-us
    DNS
    widgets.amung.us
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    widgets.amung.us
    IN A
    Response
    widgets.amung.us
    IN A
    172.67.8.141
    widgets.amung.us
    IN A
    104.22.74.171
    widgets.amung.us
    IN A
    104.22.75.171
  • flag-us
    DNS
    img1.blogblog.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    img1.blogblog.com
    IN A
    Response
    img1.blogblog.com
    IN CNAME
    blogger.l.google.com
    blogger.l.google.com
    IN A
    142.250.179.233
  • flag-us
    DNS
    apis.google.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    apis.google.com
    IN A
    Response
    apis.google.com
    IN CNAME
    plus.l.google.com
    plus.l.google.com
    IN A
    142.250.178.14
  • flag-us
    DNS
    segitsuti.hu
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    segitsuti.hu
    IN A
    Response
    segitsuti.hu
    IN A
    104.21.87.190
    segitsuti.hu
    IN A
    172.67.145.159
  • flag-us
    DNS
    2.bp.blogspot.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    2.bp.blogspot.com
    IN A
    Response
    2.bp.blogspot.com
    IN CNAME
    photos-ugc.l.googleusercontent.com
    photos-ugc.l.googleusercontent.com
    IN A
    172.217.16.225
  • flag-us
    DNS
    www.linkwithin.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.linkwithin.com
    IN A
    Response
    www.linkwithin.com
    IN CNAME
    linkwithin.com
    linkwithin.com
    IN A
    118.139.179.30
  • flag-us
    DNS
    static.networkedblogs.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    static.networkedblogs.com
    IN A
    Response
  • flag-us
    DNS
    nwidget.networkedblogs.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    nwidget.networkedblogs.com
    IN A
    Response
  • flag-us
    DNS
    feedjit.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    feedjit.com
    IN A
    Response
  • flag-us
    DNS
    1.bp.blogspot.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    1.bp.blogspot.com
    IN A
    Response
    1.bp.blogspot.com
    IN CNAME
    photos-ugc.l.googleusercontent.com
    photos-ugc.l.googleusercontent.com
    IN A
    172.217.16.225
  • flag-us
    DNS
    4.bp.blogspot.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    4.bp.blogspot.com
    IN A
    Response
    4.bp.blogspot.com
    IN CNAME
    photos-ugc.l.googleusercontent.com
    photos-ugc.l.googleusercontent.com
    IN A
    172.217.16.225
  • flag-us
    DNS
    3.bp.blogspot.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    3.bp.blogspot.com
    IN A
    Response
    3.bp.blogspot.com
    IN CNAME
    photos-ugc.l.googleusercontent.com
    photos-ugc.l.googleusercontent.com
    IN A
    172.217.16.225
  • flag-us
    DNS
    s46.sitemeter.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    s46.sitemeter.com
    IN A
    Response
  • flag-us
    DNS
    stat.mystat.hu
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    stat.mystat.hu
    IN A
    Response
    stat.mystat.hu
    IN CNAME
    www.mystat.hu
    www.mystat.hu
    IN A
    193.39.14.205
  • flag-us
    DNS
    blogcounter.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    blogcounter.com
    IN A
    Response
    blogcounter.com
    IN A
    172.67.131.123
    blogcounter.com
    IN A
    104.21.10.134
  • flag-us
    DNS
    www.blogger.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.blogger.com
    IN A
    Response
    www.blogger.com
    IN CNAME
    blogger.l.google.com
    blogger.l.google.com
    IN A
    142.250.179.233
  • flag-us
    DNS
    img2.blogblog.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    img2.blogblog.com
    IN A
    Response
    img2.blogblog.com
    IN CNAME
    blogger.l.google.com
    blogger.l.google.com
    IN A
    142.250.179.233
  • flag-us
    DNS
    tcr.tynt.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    tcr.tynt.com
    IN A
    Response
    tcr.tynt.com
    IN CNAME
    tcr.tynt.com.cdn.cloudflare.net
    tcr.tynt.com.cdn.cloudflare.net
    IN A
    104.18.13.146
    tcr.tynt.com.cdn.cloudflare.net
    IN A
    104.18.12.146
  • flag-sg
    GET
    http://www.linkwithin.com/pixel.png
    IEXPLORE.EXE
    Remote address:
    118.139.179.30:80
    Request
    GET /pixel.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.linkwithin.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Date: Tue, 21 Jan 2025 11:10:50 GMT
    Server: Apache
    Content-Length: 315
    Keep-Alive: timeout=5
    Connection: Keep-Alive
    Content-Type: text/html; charset=iso-8859-1
  • flag-sg
    GET
    http://www.linkwithin.com/widget.js
    IEXPLORE.EXE
    Remote address:
    118.139.179.30:80
    Request
    GET /widget.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.linkwithin.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Date: Tue, 21 Jan 2025 11:10:50 GMT
    Server: Apache
    Content-Length: 315
    Keep-Alive: timeout=5
    Connection: Keep-Alive
    Content-Type: text/html; charset=iso-8859-1
  • flag-us
    GET
    http://widgets.amung.us/tab.js
    IEXPLORE.EXE
    Remote address:
    172.67.8.141:80
    Request
    GET /tab.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: widgets.amung.us
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Tue, 21 Jan 2025 11:10:50 GMT
    Content-Type: application/x-javascript
    Transfer-Encoding: chunked
    Connection: keep-alive
    last-modified: Mon, 20 Jan 2025 23:38:37 GMT
    etag: W/"678ede7d-728a"
    expires: Wed, 22 Jan 2025 10:54:35 GMT
    cache-control: max-age=86400
    access-control-allow-origin: *
    content-encoding: gzip
    CF-Cache-Status: HIT
    Age: 975
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 9056dc2e4d36bed7-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-gb
    GET
    http://2.bp.blogspot.com/-Lup9TLmv88o/ThCElcByxvI/AAAAAAAAByw/SbiDwJVkA98/s72-c/meggyes_pite3.png
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:80
    Request
    GET /-Lup9TLmv88o/ThCElcByxvI/AAAAAAAAByw/SbiDwJVkA98/s72-c/meggyes_pite3.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 2.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/png
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    ETag: "v72c"
    Expires: Wed, 22 Jan 2025 11:10:51 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="meggyes_pite3.png"
    X-Content-Type-Options: nosniff
    Date: Tue, 21 Jan 2025 11:10:51 GMT
    Server: fife
    Content-Length: 10097
    X-XSS-Protection: 0
  • flag-gb
    GET
    http://2.bp.blogspot.com/_mTuJtwbEjVA/SY8oCMVMRfI/AAAAAAAAALM/mIcCLmh0EFE/S220/lludanyo-mesei.jpeg
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:80
    Request
    GET /_mTuJtwbEjVA/SY8oCMVMRfI/AAAAAAAAALM/mIcCLmh0EFE/S220/lludanyo-mesei.jpeg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 2.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    ETag: "vb3"
    Expires: Wed, 22 Jan 2025 11:10:50 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="lludanyo-mesei.jpeg"
    X-Content-Type-Options: nosniff
    Date: Tue, 21 Jan 2025 11:10:50 GMT
    Server: fife
    Content-Length: 19658
    X-XSS-Protection: 0
  • flag-gb
    GET
    http://2.bp.blogspot.com/_mTuJtwbEjVA/SeTR2PBz1qI/AAAAAAAAAZ8/X3ulMCzKprg/s72-c/toltott-kenyer-6.jpg
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:80
    Request
    GET /_mTuJtwbEjVA/SeTR2PBz1qI/AAAAAAAAAZ8/X3ulMCzKprg/s72-c/toltott-kenyer-6.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 2.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    ETag: "v19f"
    Expires: Wed, 22 Jan 2025 11:10:50 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="toltott-kenyer-6.jpg"
    X-Content-Type-Options: nosniff
    Date: Tue, 21 Jan 2025 11:10:50 GMT
    Server: fife
    Content-Length: 2445
    X-XSS-Protection: 0
  • flag-gb
    GET
    http://img1.blogblog.com/img/blank.gif
    IEXPLORE.EXE
    Remote address:
    142.250.179.233:80
    Request
    GET /img/blank.gif HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: img1.blogblog.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
    Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
    Content-Length: 43
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Fri, 17 Jan 2025 09:55:35 GMT
    Expires: Fri, 24 Jan 2025 09:55:35 GMT
    Cache-Control: public, max-age=604800
    Last-Modified: Thu, 16 Jan 2025 22:55:17 GMT
    Content-Type: image/gif
    Age: 350115
  • flag-gb
    GET
    https://apis.google.com/js/plusone.js
    IEXPLORE.EXE
    Remote address:
    142.250.178.14:443
    Request
    GET /js/plusone.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: apis.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Type: text/javascript
    Access-Control-Allow-Origin: *
    Content-Security-Policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="gapi-team"
    Report-To: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
    Timing-Allow-Origin: *
    Date: Tue, 21 Jan 2025 11:10:51 GMT
    Expires: Tue, 21 Jan 2025 11:10:51 GMT
    Cache-Control: private, max-age=1800, stale-while-revalidate=1800
    ETag: "bb74970fe396ae14"
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    GET
    https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5oZHy0SiJxw.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-Hry6DG-RE4t9kNz_t6hiwmwXOmA/cb=gapi.loaded_0?le=scs
    IEXPLORE.EXE
    Remote address:
    142.250.178.14:443
    Request
    GET /_/scs/abc-static/_/js/k=gapi.lb.en.5oZHy0SiJxw.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-Hry6DG-RE4t9kNz_t6hiwmwXOmA/cb=gapi.loaded_0?le=scs HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: apis.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Access-Control-Allow-Origin: *
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="social-frontend-mpm-access"
    Report-To: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
    Content-Length: 54256
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Fri, 17 Jan 2025 09:12:22 GMT
    Expires: Sat, 17 Jan 2026 09:12:22 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Wed, 08 Jan 2025 15:55:24 GMT
    Content-Type: text/javascript; charset=UTF-8
    Vary: Accept-Encoding
    Age: 352709
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    GET
    http://segitsuti.hu//files/fckuploads/oldaltgomb2.jpg
    IEXPLORE.EXE
    Remote address:
    104.21.87.190:80
    Request
    GET //files/fckuploads/oldaltgomb2.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: segitsuti.hu
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Date: Tue, 21 Jan 2025 11:10:50 GMT
    Content-Type: text/html
    Content-Length: 167
    Connection: keep-alive
    Cache-Control: max-age=3600
    Expires: Tue, 21 Jan 2025 12:10:50 GMT
    Location: https://segitsuti.hu//files/fckuploads/oldaltgomb2.jpg
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BHv1HdE2JLivNp6JVkjzjMuv3K%2BDIiW6QwkCMuu7xHajNjsxCpIBRygi6Yb7ZAxuQRHT%2Fi53lRywU8rAYe09BiYWMeLbltsnE0w6wehlM0itfvYg9wLKI50TYrDqn3M%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 9056dc2e4c09636b-LHR
    alt-svc: h3=":443"; ma=86400
    server-timing: cfL4;desc="?proto=TCP&rtt=29008&min_rtt=29008&rtt_var=14504&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=293&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
  • flag-gb
    GET
    http://img1.blogblog.com/img/icon18_wrench_allbkg.png
    IEXPLORE.EXE
    Remote address:
    142.250.179.233:80
    Request
    GET /img/icon18_wrench_allbkg.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: img1.blogblog.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
    Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
    Content-Length: 475
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Fri, 17 Jan 2025 10:35:03 GMT
    Expires: Fri, 24 Jan 2025 10:35:03 GMT
    Cache-Control: public, max-age=604800
    Last-Modified: Fri, 17 Jan 2025 09:51:15 GMT
    Content-Type: image/png
    Age: 347747
  • flag-gb
    GET
    https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5oZHy0SiJxw.O/m=iframes_styles_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-Hry6DG-RE4t9kNz_t6hiwmwXOmA/cb=gapi.loaded_1?le=scs
    IEXPLORE.EXE
    Remote address:
    142.250.178.14:443
    Request
    GET /_/scs/abc-static/_/js/k=gapi.lb.en.5oZHy0SiJxw.O/m=iframes_styles_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-Hry6DG-RE4t9kNz_t6hiwmwXOmA/cb=gapi.loaded_1?le=scs HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: apis.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Access-Control-Allow-Origin: *
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="social-frontend-mpm-access"
    Report-To: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
    Content-Length: 13705
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Mon, 20 Jan 2025 21:21:14 GMT
    Expires: Tue, 20 Jan 2026 21:21:14 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Wed, 08 Jan 2025 15:55:24 GMT
    Content-Type: text/javascript; charset=UTF-8
    Vary: Accept-Encoding
    Age: 49777
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-hu
    GET
    http://stat.mystat.hu/stat.php?h=4&id=102927
    IEXPLORE.EXE
    Remote address:
    193.39.14.205:80
    Request
    GET /stat.php?h=4&id=102927 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: stat.mystat.hu
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Server: nginx/1.10.3 (Ubuntu)
    Date: Tue, 21 Jan 2025 11:10:50 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    X-Powered-By: PHP/5.6.36-1+ubuntu16.04.1+deb.sury.org+1
    Content-Encoding: gzip
  • flag-hu
    DNS
    IEXPLORE.EXE
    Remote address:
    193.39.14.205:80
    Response
    HTTP/1.0 408 Request Time-out
    Cache-Control: no-cache
    Connection: close
    Content-Type: text/html
  • flag-gb
    GET
    http://1.bp.blogspot.com/_mTuJtwbEjVA/S4k4o8Z2RBI/AAAAAAAABc4/tdUFbULVsok/S190/rumbaba-1.jpg
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:80
    Request
    GET /_mTuJtwbEjVA/S4k4o8Z2RBI/AAAAAAAABc4/tdUFbULVsok/S190/rumbaba-1.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 1.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    ETag: "v5ce"
    Expires: Wed, 22 Jan 2025 11:10:50 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="rumbaba-1.jpg"
    X-Content-Type-Options: nosniff
    Date: Tue, 21 Jan 2025 11:10:50 GMT
    Server: fife
    Content-Length: 11846
    X-XSS-Protection: 0
  • flag-gb
    GET
    http://1.bp.blogspot.com/_mTuJtwbEjVA/SiF4fEu5kMI/AAAAAAAAAmo/ALF8Kr-TrO0/s1600/krumpli-turos-1.jpg
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:80
    Request
    GET /_mTuJtwbEjVA/SiF4fEu5kMI/AAAAAAAAAmo/ALF8Kr-TrO0/s1600/krumpli-turos-1.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 1.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    ETag: "v26a"
    Expires: Wed, 22 Jan 2025 11:10:51 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="krumpli-turos-1.jpg"
    X-Content-Type-Options: nosniff
    Date: Tue, 21 Jan 2025 11:10:51 GMT
    Server: fife
    Content-Length: 86820
    X-XSS-Protection: 0
  • flag-gb
    GET
    http://1.bp.blogspot.com/_mTuJtwbEjVA/TB4fUq_yorI/AAAAAAAABl0/i6RaJ1aKp0k/S190/t%C3%B6k%C3%B6s-pite-5.jpg
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:80
    Request
    GET /_mTuJtwbEjVA/TB4fUq_yorI/AAAAAAAABl0/i6RaJ1aKp0k/S190/t%C3%B6k%C3%B6s-pite-5.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 1.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    ETag: "v65d"
    Expires: Wed, 22 Jan 2025 11:10:50 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="t_k_s-pite-5.jpg";filename*=UTF-8''t%C3%B6k%C3%B6s-pite-5.jpg
    X-Content-Type-Options: nosniff
    Date: Tue, 21 Jan 2025 11:10:50 GMT
    Server: fife
    Content-Length: 12189
    X-XSS-Protection: 0
  • flag-gb
    GET
    http://1.bp.blogspot.com/_mTuJtwbEjVA/Sj57aUw3FkI/AAAAAAAAAro/k4DcJpKk4vU/s72-c/5-perces-kenyer-9.jpg
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:80
    Request
    GET /_mTuJtwbEjVA/Sj57aUw3FkI/AAAAAAAAAro/k4DcJpKk4vU/s72-c/5-perces-kenyer-9.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 1.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    ETag: "v2ba"
    Expires: Wed, 22 Jan 2025 11:10:51 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="5-perces-kenyer-9.jpg"
    X-Content-Type-Options: nosniff
    Date: Tue, 21 Jan 2025 11:10:51 GMT
    Server: fife
    Content-Length: 3881
    X-XSS-Protection: 0
  • flag-gb
    GET
    http://1.bp.blogspot.com/_mTuJtwbEjVA/SjFSgp7Tv1I/AAAAAAAAApw/wkxWyrBs1T8/s72-c/kakaos-palacsinta-1.jpg
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:80
    Request
    GET /_mTuJtwbEjVA/SjFSgp7Tv1I/AAAAAAAAApw/wkxWyrBs1T8/s72-c/kakaos-palacsinta-1.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 1.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    ETag: "v29c"
    Expires: Wed, 22 Jan 2025 11:10:50 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="kakaos-palacsinta-1.jpg"
    X-Content-Type-Options: nosniff
    Date: Tue, 21 Jan 2025 11:10:50 GMT
    Server: fife
    Content-Length: 3870
    X-XSS-Protection: 0
  • flag-gb
    GET
    http://1.bp.blogspot.com/_mTuJtwbEjVA/SiF4fEu5kMI/AAAAAAAAAmo/ALF8Kr-TrO0/s72-c/krumpli-turos-1.jpg
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:80
    Request
    GET /_mTuJtwbEjVA/SiF4fEu5kMI/AAAAAAAAAmo/ALF8Kr-TrO0/s72-c/krumpli-turos-1.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 1.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    ETag: "v26a"
    Expires: Wed, 22 Jan 2025 11:10:50 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="krumpli-turos-1.jpg"
    X-Content-Type-Options: nosniff
    Date: Tue, 21 Jan 2025 11:10:50 GMT
    Server: fife
    Content-Length: 3752
    X-XSS-Protection: 0
  • flag-gb
    GET
    http://1.bp.blogspot.com/_mTuJtwbEjVA/Sq1MyVagb2I/AAAAAAAABAM/Wdnr2AGIsvk/s72-c/bukta-1.jpg
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:80
    Request
    GET /_mTuJtwbEjVA/Sq1MyVagb2I/AAAAAAAABAM/Wdnr2AGIsvk/s72-c/bukta-1.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 1.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    ETag: "v403"
    Expires: Wed, 22 Jan 2025 11:10:50 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="bukta-1.jpg"
    X-Content-Type-Options: nosniff
    Date: Tue, 21 Jan 2025 11:10:50 GMT
    Server: fife
    Content-Length: 2943
    X-XSS-Protection: 0
  • flag-gb
    GET
    http://3.bp.blogspot.com/_mTuJtwbEjVA/SiPKbU8cQbI/AAAAAAAAAm4/y0AtZcgZM7k/s72-c/vadas-2.jpg
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:80
    Request
    GET /_mTuJtwbEjVA/SiPKbU8cQbI/AAAAAAAAAm4/y0AtZcgZM7k/s72-c/vadas-2.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 3.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    ETag: "v26e"
    Expires: Wed, 22 Jan 2025 11:10:50 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="vadas-2.jpg"
    X-Content-Type-Options: nosniff
    Date: Tue, 21 Jan 2025 11:10:50 GMT
    Server: fife
    Content-Length: 3584
    X-XSS-Protection: 0
  • flag-gb
    GET
    http://3.bp.blogspot.com/_mTuJtwbEjVA/S4k6xwOsDmI/AAAAAAAABdQ/wnHswpHhq28/S190/tresleches-2.jpg
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:80
    Request
    GET /_mTuJtwbEjVA/S4k6xwOsDmI/AAAAAAAABdQ/wnHswpHhq28/S190/tresleches-2.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 3.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    ETag: "v5d4"
    Expires: Wed, 22 Jan 2025 11:10:50 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="tresleches-2.jpg"
    X-Content-Type-Options: nosniff
    Date: Tue, 21 Jan 2025 11:10:50 GMT
    Server: fife
    Content-Length: 11393
    X-XSS-Protection: 0
  • flag-gb
    GET
    http://3.bp.blogspot.com/_mTuJtwbEjVA/S4ZqUJIGSKI/AAAAAAAABbw/dtUR_FCQolU/s72-c/bananos-karamellas-4.jpg
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:80
    Request
    GET /_mTuJtwbEjVA/S4ZqUJIGSKI/AAAAAAAABbw/dtUR_FCQolU/s72-c/bananos-karamellas-4.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 3.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    ETag: "v5bc"
    Expires: Wed, 22 Jan 2025 11:10:50 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="bananos-karamellas-4.jpg"
    X-Content-Type-Options: nosniff
    Date: Tue, 21 Jan 2025 11:10:50 GMT
    Server: fife
    Content-Length: 5712
    X-XSS-Protection: 0
  • flag-gb
    GET
    http://3.bp.blogspot.com/_mTuJtwbEjVA/SiF43UTiNFI/AAAAAAAAAmw/qV3nBz9M4sc/s1600/krumpli-turos-2.jpg
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:80
    Request
    GET /_mTuJtwbEjVA/SiF43UTiNFI/AAAAAAAAAmw/qV3nBz9M4sc/s1600/krumpli-turos-2.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 3.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    ETag: "v26c"
    Expires: Wed, 22 Jan 2025 11:10:50 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="krumpli-turos-2.jpg"
    X-Content-Type-Options: nosniff
    Date: Tue, 21 Jan 2025 11:10:50 GMT
    Server: fife
    Content-Length: 85023
    X-XSS-Protection: 0
  • flag-gb
    GET
    http://4.bp.blogspot.com/_mTuJtwbEjVA/S4k4_za9DUI/AAAAAAAABdA/tFY9bRVT4RM/S190/eszkimo-szelet-1.jpg
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:80
    Request
    GET /_mTuJtwbEjVA/S4k4_za9DUI/AAAAAAAABdA/tFY9bRVT4RM/S190/eszkimo-szelet-1.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 4.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    ETag: "v5d0"
    Expires: Wed, 22 Jan 2025 11:10:50 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="eszkimo-szelet-1.jpg"
    X-Content-Type-Options: nosniff
    Date: Tue, 21 Jan 2025 11:10:50 GMT
    Server: fife
    Content-Length: 12592
    X-XSS-Protection: 0
  • flag-gb
    GET
    http://4.bp.blogspot.com/_mTuJtwbEjVA/S4k3l95ZAhI/AAAAAAAABcw/09QYoCZvWdI/S190/bananos-karamellas.jpg
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:80
    Request
    GET /_mTuJtwbEjVA/S4k3l95ZAhI/AAAAAAAABcw/09QYoCZvWdI/S190/bananos-karamellas.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 4.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    ETag: "v5cc"
    Expires: Wed, 22 Jan 2025 11:10:50 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="bananos-karamellas.jpg"
    X-Content-Type-Options: nosniff
    Date: Tue, 21 Jan 2025 11:10:50 GMT
    Server: fife
    Content-Length: 21602
    X-XSS-Protection: 0
  • flag-gb
    GET
    http://4.bp.blogspot.com/_mTuJtwbEjVA/S4k6VDg0SvI/AAAAAAAABdI/gQaGoykO6sM/S190/habcsok-1.jpg
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:80
    Request
    GET /_mTuJtwbEjVA/S4k6VDg0SvI/AAAAAAAABdI/gQaGoykO6sM/S190/habcsok-1.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 4.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    ETag: "v5d2"
    Expires: Wed, 22 Jan 2025 11:10:51 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="habcsok-1.jpg"
    X-Content-Type-Options: nosniff
    Date: Tue, 21 Jan 2025 11:10:51 GMT
    Server: fife
    Content-Length: 12900
    X-XSS-Protection: 0
  • flag-gb
    GET
    http://4.bp.blogspot.com/_jA-SP6SAtfY/SrCOsBgFT6I/AAAAAAAABNo/mRr1xtkBjMw/s1600/header1y.jpg
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:80
    Request
    GET /_jA-SP6SAtfY/SrCOsBgFT6I/AAAAAAAABNo/mRr1xtkBjMw/s1600/header1y.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 4.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="header1y.jpg"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 22554
    X-XSS-Protection: 0
    Date: Tue, 21 Jan 2025 09:03:29 GMT
    Expires: Wed, 22 Jan 2025 09:03:29 GMT
    Cache-Control: public, max-age=86400, no-transform
    Age: 7642
    ETag: "v4da"
    Content-Type: image/jpeg
    Vary: Origin
  • flag-gb
    GET
    http://4.bp.blogspot.com/_mTuJtwbEjVA/SeixwsZ7BgI/AAAAAAAAAaU/xYIin8yHwHM/s72-c/VKF-kifli-1.jpg
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:80
    Request
    GET /_mTuJtwbEjVA/SeixwsZ7BgI/AAAAAAAAAaU/xYIin8yHwHM/s72-c/VKF-kifli-1.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 4.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    ETag: "v1a5"
    Expires: Wed, 22 Jan 2025 11:10:50 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="VKF-kifli-1.jpg"
    X-Content-Type-Options: nosniff
    Date: Tue, 21 Jan 2025 11:10:50 GMT
    Server: fife
    Content-Length: 4904
    X-XSS-Protection: 0
  • flag-gb
    GET
    http://4.bp.blogspot.com/_mTuJtwbEjVA/Sx_LS3Sf5OI/AAAAAAAABPI/nRK_onu2JiE/s72-c/citromos-dios-sutemeny-1.jpg
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:80
    Request
    GET /_mTuJtwbEjVA/Sx_LS3Sf5OI/AAAAAAAABPI/nRK_onu2JiE/s72-c/citromos-dios-sutemeny-1.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 4.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    ETag: "v4f2"
    Expires: Wed, 22 Jan 2025 11:10:51 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="citromos-dios-sutemeny-1.jpg"
    X-Content-Type-Options: nosniff
    Date: Tue, 21 Jan 2025 11:10:51 GMT
    Server: fife
    Content-Length: 3764
    X-XSS-Protection: 0
  • flag-gb
    GET
    http://www.blogger.com/img/icon18_email.gif
    IEXPLORE.EXE
    Remote address:
    142.250.179.233:80
    Request
    GET /img/icon18_email.gif HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.blogger.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
    Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
    Content-Length: 164
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Fri, 17 Jan 2025 09:51:38 GMT
    Expires: Fri, 24 Jan 2025 09:51:38 GMT
    Cache-Control: public, max-age=604800
    Last-Modified: Thu, 16 Jan 2025 19:53:56 GMT
    Content-Type: image/gif
    Age: 350352
  • flag-us
    GET
    http://blogcounter.com/js.php?user=ludanyo&style=1
    IEXPLORE.EXE
    Remote address:
    172.67.131.123:80
    Request
    GET /js.php?user=ludanyo&style=1 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogcounter.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 403 Forbidden
    Date: Tue, 21 Jan 2025 11:10:50 GMT
    Content-Type: text/html; charset=iso-8859-1
    Transfer-Encoding: chunked
    Connection: keep-alive
    cf-cache-status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BWVTrfzmrPKokCV3q6p5xn4ZJz06Wx3RnYBhDh0mH118dDHYjYDoTYSi97FnfDoBRyd5myrAdI%2Bbl1ST5DQcwfrrXfcbv9i%2FcSixhdckWQEUeW%2F6zkZpsqrFX1ISOp0FI9A%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
    CF-RAY: 9056dc2e59a86371-LHR
    Content-Encoding: gzip
    alt-svc: h3=":443"; ma=86400
    server-timing: cfL4;desc="?proto=TCP&rtt=28062&min_rtt=28062&rtt_var=14031&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=273&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
  • flag-us
    GET
    http://tcr.tynt.com/javascripts/Tracer.js?user=d84GFWbZSr35WiadbiUzgI&s=120
    IEXPLORE.EXE
    Remote address:
    104.18.13.146:80
    Request
    GET /javascripts/Tracer.js?user=d84GFWbZSr35WiadbiUzgI&s=120 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: tcr.tynt.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Tue, 21 Jan 2025 11:10:50 GMT
    Content-Type: application/javascript
    Transfer-Encoding: chunked
    Connection: keep-alive
    last-modified: Thu, 05 Oct 2023 15:09:01 GMT
    vary: Accept-Encoding
    etag: W/"651ed18d-d615"
    content-encoding: gzip
    CF-Cache-Status: HIT
    Age: 14807
    Expires: Fri, 24 Jan 2025 11:10:50 GMT
    Cache-Control: public, max-age=259200
    Server: cloudflare
    CF-RAY: 9056dc2e7ce0bed8-LHR
  • flag-gb
    GET
    http://img2.blogblog.com/img/icon18_edit_allbkg.gif
    IEXPLORE.EXE
    Remote address:
    142.250.179.233:80
    Request
    GET /img/icon18_edit_allbkg.gif HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: img2.blogblog.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
    Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
    Content-Length: 162
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Fri, 17 Jan 2025 09:10:56 GMT
    Expires: Fri, 24 Jan 2025 09:10:56 GMT
    Cache-Control: public, max-age=604800
    Last-Modified: Thu, 16 Jan 2025 19:53:56 GMT
    Content-Type: image/gif
    Age: 352794
  • flag-us
    GET
    https://segitsuti.hu//files/fckuploads/oldaltgomb2.jpg
    IEXPLORE.EXE
    Remote address:
    104.21.87.190:443
    Request
    GET //files/fckuploads/oldaltgomb2.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: segitsuti.hu
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Date: Tue, 21 Jan 2025 11:10:51 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    expires: Wed, 11 Jan 1984 05:00:00 GMT
    Cache-Control: max-age=14400, must-revalidate
    x-ua-compatible: IE=edge
    x-redirect-by: WordPress
    location: https://www.segitsuti.hu/files/fckuploads/oldaltgomb2.jpg
    vary: User-Agent, Accept-Encoding
    alt-svc: h3=":443"; ma=86400
    x-turbo-charged-by: LiteSpeed
    CF-Cache-Status: MISS
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jiE02DteznkG%2FyjY9jnIqzGjQVlKuNh6vlLBRJvBxolGcjs5stmYycCo81WFIS9I0qx%2BcmcBAikqCFYoP%2Fte7iOEXgEuaop5LIhyvqUIfhbhRhtHe8JaARRmpVczdFM%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
    CF-RAY: 9056dc30ed18cd2d-LHR
    server-timing: cfL4;desc="?proto=TCP&rtt=30334&min_rtt=28942&rtt_var=10575&sent=7&recv=8&lost=0&retrans=1&sent_bytes=3186&recv_bytes=611&delivery_rate=115702&cwnd=238&unsent_bytes=0&cid=d6cd44fe99f7d3c7&ts=644&x=0"
  • flag-us
    DNS
    c.pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    c.pki.goog
    IN A
    Response
    c.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    142.250.178.3
  • flag-gb
    GET
    http://ocsp.pki.goog/gsr1/MFEwTzBNMEswSTAJBgUrDgMCGgUABBS3V7W2nAf4FiMTjpDJKg6%2BMgGqMQQUYHtmGkUNl8qJUC99BM00qP%2F8%2FUsCEHe9DWzbNvka6iEPxPBY0w0%3D
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /gsr1/MFEwTzBNMEswSTAJBgUrDgMCGgUABBS3V7W2nAf4FiMTjpDJKg6%2BMgGqMQQUYHtmGkUNl8qJUC99BM00qP%2F8%2FUsCEHe9DWzbNvka6iEPxPBY0w0%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: ocsp.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 1446
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Tue, 21 Jan 2025 10:20:29 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 3021
  • flag-gb
    GET
    http://ocsp.pki.goog/gsr1/MFEwTzBNMEswSTAJBgUrDgMCGgUABBS3V7W2nAf4FiMTjpDJKg6%2BMgGqMQQUYHtmGkUNl8qJUC99BM00qP%2F8%2FUsCEHe9DWzbNvka6iEPxPBY0w0%3D
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /gsr1/MFEwTzBNMEswSTAJBgUrDgMCGgUABBS3V7W2nAf4FiMTjpDJKg6%2BMgGqMQQUYHtmGkUNl8qJUC99BM00qP%2F8%2FUsCEHe9DWzbNvka6iEPxPBY0w0%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: ocsp.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 1446
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Tue, 21 Jan 2025 10:20:29 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 3021
  • flag-gb
    GET
    http://c.pki.goog/r/gsr1.crl
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /r/gsr1.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: c.pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 1739
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Tue, 21 Jan 2025 10:50:33 GMT
    Expires: Tue, 21 Jan 2025 11:40:33 GMT
    Cache-Control: public, max-age=3000
    Age: 1217
    Last-Modified: Tue, 07 Jan 2025 07:28:00 GMT
    Content-Type: application/pkix-crl
    Vary: Accept-Encoding
  • flag-gb
    GET
    http://c.pki.goog/r/r1.crl
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /r/r1.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: c.pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 854
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Tue, 21 Jan 2025 10:30:32 GMT
    Expires: Tue, 21 Jan 2025 11:20:32 GMT
    Cache-Control: public, max-age=3000
    Age: 2418
    Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
    Content-Type: application/pkix-crl
    Vary: Accept-Encoding
  • flag-gb
    GET
    http://c.pki.goog/r/r1.crl
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /r/r1.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: c.pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 854
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Tue, 21 Jan 2025 10:30:32 GMT
    Expires: Tue, 21 Jan 2025 11:20:32 GMT
    Cache-Control: public, max-age=3000
    Age: 2418
    Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
    Content-Type: application/pkix-crl
    Vary: Accept-Encoding
  • flag-gb
    GET
    http://c.pki.goog/r/r4.crl
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /r/r4.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: c.pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 436
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Tue, 21 Jan 2025 10:21:52 GMT
    Expires: Tue, 21 Jan 2025 11:11:52 GMT
    Cache-Control: public, max-age=3000
    Age: 2938
    Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
    Content-Type: application/pkix-crl
    Vary: Accept-Encoding
  • flag-us
    DNS
    o.pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    o.pki.goog
    IN A
    Response
    o.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    142.250.178.3
  • flag-us
    DNS
    o.pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    o.pki.goog
    IN A
    Response
    o.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    142.250.178.3
  • flag-gb
    GET
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGdE1QgSdYy7EKQp2lG7B7I%3D
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGdE1QgSdYy7EKQp2lG7B7I%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 471
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Tue, 21 Jan 2025 10:26:15 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 2676
  • flag-gb
    GET
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGdE1QgSdYy7EKQp2lG7B7I%3D
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGdE1QgSdYy7EKQp2lG7B7I%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 471
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Tue, 21 Jan 2025 10:26:15 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 2676
  • flag-us
    DNS
    www.google.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.google.com
    IN A
    Response
    www.google.com
    IN A
    142.250.187.196
  • flag-us
    DNS
    img132.imageshack.us
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    img132.imageshack.us
    IN A
    Response
    img132.imageshack.us
    IN CNAME
    imagizer-cv.imageshack.us
    imagizer-cv.imageshack.us
    IN A
    38.99.77.17
    imagizer-cv.imageshack.us
    IN A
    38.99.77.16
  • flag-gb
    GET
    http://www.google.com/friendconnect/script/friendconnect.js
    IEXPLORE.EXE
    Remote address:
    142.250.187.196:80
    Request
    GET /friendconnect/script/friendconnect.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Content-Type: text/html; charset=UTF-8
    Referrer-Policy: no-referrer
    Content-Length: 1598
    Date: Tue, 21 Jan 2025 11:10:51 GMT
  • flag-gb
    GET
    http://www.google.com/friendconnect/script/friendconnect.js
    IEXPLORE.EXE
    Remote address:
    142.250.187.196:80
    Request
    GET /friendconnect/script/friendconnect.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Content-Type: text/html; charset=UTF-8
    Referrer-Policy: no-referrer
    Content-Length: 1598
    Date: Tue, 21 Jan 2025 11:10:55 GMT
  • flag-us
    DNS
    www.segitsuti.hu
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.segitsuti.hu
    IN A
    Response
    www.segitsuti.hu
    IN A
    104.21.87.190
    www.segitsuti.hu
    IN A
    172.67.145.159
  • flag-us
    GET
    https://www.segitsuti.hu/files/fckuploads/oldaltgomb2.jpg
    IEXPLORE.EXE
    Remote address:
    104.21.87.190:443
    Request
    GET /files/fckuploads/oldaltgomb2.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.segitsuti.hu
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Date: Tue, 21 Jan 2025 11:10:51 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    expires: Wed, 11 Jan 1984 05:00:00 GMT
    Cache-Control: max-age=14400, must-revalidate
    x-ua-compatible: IE=edge
    link: <https://www.segitsuti.hu/wp-json/>; rel="https://api.w.org/"
    vary: Accept-Encoding,User-Agent
    retry-after: 3
    alt-svc: h3=":443"; ma=86400
    x-turbo-charged-by: LiteSpeed
    CF-Cache-Status: MISS
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lrIBL2AwPf6rV2AZ%2FzI0ZQHoMFAt8tXxwQDS4DRMVG4WS7IAEeHlpA%2BdwuFW3Dp2FnIq0betYsFPcQuABIOiaI%2BqWKlMvqcu9VMNfbvZCyS%2BQi%2B531KYNHPfZuCH46EkFuRW"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
    CF-RAY: 9056dc341872654d-LHR
    Content-Encoding: gzip
    server-timing: cfL4;desc="?proto=TCP&rtt=29044&min_rtt=26536&rtt_var=9561&sent=6&recv=6&lost=0&retrans=0&sent_bytes=3134&recv_bytes=618&delivery_rate=107832&cwnd=253&unsent_bytes=0&cid=6af1d20523b9b788&ts=363&x=0"
  • flag-us
    GET
    http://img132.imageshack.us/img132/7414/header2f.jpg
    IEXPLORE.EXE
    Remote address:
    38.99.77.17:80
    Request
    GET /img132/7414/header2f.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: img132.imageshack.us
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Server: nginx/1.2.8
    Date: Tue, 21 Jan 2025 11:10:51 GMT
    Content-Type: text/html
    Content-Length: 168
    Connection: keep-alive
    Access-Control-Allow-Methods: GET, HEAD, OPTIONS
    Access-Control-Allow-Origin: *
    Access-Control-Allow-Headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
    Access-Control-Expose-Headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
  • flag-us
    DNS
    www.facebook.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.facebook.com
    IN A
    Response
    www.facebook.com
    IN CNAME
    star-mini.c10r.facebook.com
    star-mini.c10r.facebook.com
    IN A
    157.240.214.35
  • flag-us
    DNS
    ic.tynt.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    ic.tynt.com
    IN A
    Response
    ic.tynt.com
    IN A
    67.202.105.31
    ic.tynt.com
    IN A
    67.202.105.34
  • flag-us
    DNS
    sc.tynt.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    sc.tynt.com
    IN A
    Response
    sc.tynt.com
    IN CNAME
    sc.tynt.com.cdn.cloudflare.net
    sc.tynt.com.cdn.cloudflare.net
    IN A
    104.18.12.146
    sc.tynt.com.cdn.cloudflare.net
    IN A
    104.18.13.146
  • flag-gb
    GET
    http://www.facebook.com/plugins/like.php?href=http://ludanyo.blogspot.hu/2009/05/edes-krumplis-turos-beles-vkf-xxv.html&layout=standard&show_faces=false&width=100&action=like&font=arial&colorscheme=light
    IEXPLORE.EXE
    Remote address:
    157.240.214.35:80
    Request
    GET /plugins/like.php?href=http://ludanyo.blogspot.hu/2009/05/edes-krumplis-turos-beles-vkf-xxv.html&layout=standard&show_faces=false&width=100&action=like&font=arial&colorscheme=light HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.facebook.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Location: https://www.facebook.com/plugins/like.php?href=http://ludanyo.blogspot.hu/2009/05/edes-krumplis-turos-beles-vkf-xxv.html&layout=standard&show_faces=false&width=100&action=like&font=arial&colorscheme=light
    Content-Type: text/plain
    Server: proxygen-bolt
    Date: Tue, 21 Jan 2025 11:10:55 GMT
    Connection: keep-alive
    Content-Length: 0
  • flag-us
    DNS
    IEXPLORE.EXE
    Remote address:
    67.202.105.31:443
    Response
    HTTP/1.1 408 Request Time-out
    Content-length: 110
    Cache-Control: no-cache
    Connection: close
    Content-Type: text/html
  • flag-us
    GET
    https://ic.tynt.com/b/p?id=d84GFWbZSr35WiadbiUzgI&lm=0&ts=1737457854393&dn=TI&iso=0&pu=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2FJaffaCakes118_0423be5dedc5c7e0ab4f893378b38a89.html&t=l%C3%BAdany%C3%B3%3A%20%C3%89des%20krumplis-t%C3%BAr%C3%B3s%20b%C3%A9les%20-%20VKF!%20XXV.
    IEXPLORE.EXE
    Remote address:
    67.202.105.31:443
    Request
    GET /b/p?id=d84GFWbZSr35WiadbiUzgI&lm=0&ts=1737457854393&dn=TI&iso=0&pu=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2FJaffaCakes118_0423be5dedc5c7e0ab4f893378b38a89.html&t=l%C3%BAdany%C3%B3%3A%20%C3%89des%20krumplis-t%C3%BAr%C3%B3s%20b%C3%A9les%20-%20VKF!%20XXV. HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: ic.tynt.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 204 No Content
    server: nginx/1.16.1
    date: Tue, 21 Jan 2025 11:10:56 GMT
    cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
    expires: "Sat, 26 Jul 1997 05:00:00 GMT"
    p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
  • flag-us
    GET
    https://ic.tynt.com/b/p?id=d84GFWbZSr35WiadbiUzgI&lm=0&ts=1737457854393&dn=TI&iso=0&pu=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2FJaffaCakes118_0423be5dedc5c7e0ab4f893378b38a89.html
    IEXPLORE.EXE
    Remote address:
    67.202.105.31:443
    Request
    GET /b/p?id=d84GFWbZSr35WiadbiUzgI&lm=0&ts=1737457854393&dn=TI&iso=0&pu=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2FJaffaCakes118_0423be5dedc5c7e0ab4f893378b38a89.html HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: ic.tynt.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 204 No Content
    server: nginx/1.16.1
    date: Tue, 21 Jan 2025 11:10:56 GMT
    cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
    expires: "Sat, 26 Jul 1997 05:00:00 GMT"
    p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
  • flag-gb
    GET
    http://www.google-analytics.com/ga.js
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:80
    Request
    GET /ga.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.google-analytics.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
    X-Content-Type-Options: nosniff
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Content-Security-Policy-Report-Only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:215:0
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to=coop_reporting
    Report-To: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:215:0"}],}
    Server: Golfe2
    Content-Length: 17168
    Date: Tue, 21 Jan 2025 10:27:31 GMT
    Expires: Tue, 21 Jan 2025 12:27:31 GMT
    Cache-Control: public, max-age=7200
    Age: 2604
    Last-Modified: Tue, 12 Dec 2023 18:09:08 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding
  • flag-gb
    GET
    https://www.facebook.com/plugins/like.php?href=http://ludanyo.blogspot.hu/2009/05/edes-krumplis-turos-beles-vkf-xxv.html&layout=standard&show_faces=false&width=100&action=like&font=arial&colorscheme=light
    IEXPLORE.EXE
    Remote address:
    157.240.214.35:443
    Request
    GET /plugins/like.php?href=http://ludanyo.blogspot.hu/2009/05/edes-krumplis-turos-beles-vkf-xxv.html&layout=standard&show_faces=false&width=100&action=like&font=arial&colorscheme=light HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.facebook.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: text/html;charset=utf-8
    Pragma: no-cache
    Cache-Control: private, no-cache, no-store, must-revalidate
    Expires: Sat, 01 Jan 2000 00:00:00 GMT
    content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
    reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7462324665424059741"
    report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7462324665424059741"}]}
    cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
    cross-origin-opener-policy: same-origin-allow-popups
    X-Content-Type-Options: nosniff
    X-XSS-Protection: 0
    X-FB-Debug: 4Lar+nqV4/1hzDXywcsxMyzwcq/IC7e6+9IS7psT05nlPYGRwqFZx2/crXBEgP8r1w31IfvLlHkF5uTXsYFnKw==
    Date: Tue, 21 Jan 2025 11:10:55 GMT
    X-FB-Connection-Quality: GOOD; q=0.7, rtt=52, rtx=0, c=10, mss=1357, tbw=3220, tp=-1, tpl=-1, uplat=22, ullat=0
    Alt-Svc: h3=":443"; ma=86400
    Connection: keep-alive
    Content-Length: 0
  • flag-us
    DNS
    de.tynt.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    de.tynt.com
    IN A
    Response
    de.tynt.com
    IN A
    67.202.105.32
    de.tynt.com
    IN A
    67.202.105.33
  • flag-us
    GET
    https://de.tynt.com/deb/v2?id=d84GFWbZSr35WiadbiUzgI&dn=TI&cc=1&r=&pu=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2FJaffaCakes118_0423be5dedc5c7e0ab4f893378b38a89.html
    IEXPLORE.EXE
    Remote address:
    67.202.105.32:443
    Request
    GET /deb/v2?id=d84GFWbZSr35WiadbiUzgI&dn=TI&cc=1&r=&pu=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2FJaffaCakes118_0423be5dedc5c7e0ab4f893378b38a89.html HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: de.tynt.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200
    cache-control: max-age=86400
    expires: Wed, 22 Jan 2025 11:10:56 GMT
    accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
    content-type: application/javascript
    content-length: 4
    date: Tue, 21 Jan 2025 11:10:55 GMT
    p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
  • flag-us
    GET
    https://de.tynt.com/deb/v2?id=d84GFWbZSr35WiadbiUzgI&dn=TI&cc=2&r=&pu=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2FJaffaCakes118_0423be5dedc5c7e0ab4f893378b38a89.html
    IEXPLORE.EXE
    Remote address:
    67.202.105.32:443
    Request
    GET /deb/v2?id=d84GFWbZSr35WiadbiUzgI&dn=TI&cc=2&r=&pu=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2FJaffaCakes118_0423be5dedc5c7e0ab4f893378b38a89.html HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: de.tynt.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200
    cache-control: max-age=86400
    expires: Wed, 22 Jan 2025 11:11:10 GMT
    accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
    content-type: application/javascript
    content-length: 4
    date: Tue, 21 Jan 2025 11:11:10 GMT
    p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
  • flag-us
    DNS
    IEXPLORE.EXE
    Remote address:
    67.202.105.32:443
    Response
    HTTP/1.1 408 Request Time-out
    Content-length: 110
    Cache-Control: no-cache
    Connection: close
    Content-Type: text/html
  • flag-us
    DNS
    www.microsoft.com
    iexplore.exe
    Remote address:
    8.8.8.8:53
    Request
    www.microsoft.com
    IN A
    Response
    www.microsoft.com
    IN CNAME
    www.microsoft.com-c-3.edgekey.net
    www.microsoft.com-c-3.edgekey.net
    IN CNAME
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    IN CNAME
    e13678.dscb.akamaiedge.net
    e13678.dscb.akamaiedge.net
    IN A
    23.192.18.101
  • flag-us
    GET
    http://www.microsoft.com/pkiops/crl/MicCodSigPCA2011_2011-07-08.crl
    Remote address:
    23.192.18.101:80
    Request
    GET /pkiops/crl/MicCodSigPCA2011_2011-07-08.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    If-Modified-Since: Mon, 03 Jun 2024 21:25:24 GMT
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: www.microsoft.com
    Response
    HTTP/1.1 200 OK
    Content-Length: 1078
    Content-Type: application/octet-stream
    Content-MD5: HqJzZuA065RHozzmOcAUiQ==
    Last-Modified: Tue, 14 Jan 2025 20:41:31 GMT
    ETag: 0x8DD34DBD43549F4
    x-ms-request-id: 90d94cda-601e-004e-55c9-667962000000
    x-ms-version: 2009-09-19
    x-ms-lease-status: unlocked
    x-ms-blob-type: BlockBlob
    X-EdgeConnect-Origin-MEX-Latency: 139
    Date: Tue, 21 Jan 2025 11:11:21 GMT
    Connection: keep-alive
    TLS_version: UNKNOWN
    ms-cv: CASMicrosoftCV16fc67d3.0
    ms-cv-esi: CASMicrosoftCV16fc67d3.0
    X-RTag: RT
  • flag-us
    DNS
    crl.microsoft.com
    Remote address:
    8.8.8.8:53
    Request
    crl.microsoft.com
    IN A
    Response
    crl.microsoft.com
    IN CNAME
    crl.www.ms.akadns.net
    crl.www.ms.akadns.net
    IN CNAME
    a1363.dscg.akamai.net
    a1363.dscg.akamai.net
    IN A
    2.19.252.143
    a1363.dscg.akamai.net
    IN A
    2.19.252.157
  • flag-gb
    GET
    http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
    Remote address:
    2.19.252.143:80
    Request
    GET /pki/crl/products/MicRooCerAut2011_2011_03_22.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    If-Modified-Since: Thu, 11 Jul 2024 01:45:51 GMT
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: crl.microsoft.com
    Response
    HTTP/1.1 200 OK
    Content-Length: 1036
    Content-Type: application/octet-stream
    Content-MD5: +oTkvMkqpdtzWrUHEQQM3g==
    Last-Modified: Thu, 12 Dec 2024 00:06:56 GMT
    ETag: 0x8DD1A40E476D877
    Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
    x-ms-request-id: bbedffbb-e01e-001d-74ca-685a56000000
    x-ms-version: 2009-09-19
    x-ms-lease-status: unlocked
    x-ms-blob-type: BlockBlob
    Date: Tue, 21 Jan 2025 11:11:21 GMT
    Connection: keep-alive
  • flag-us
    GET
    https://de.tynt.com/deb/v2?id=d84GFWbZSr35WiadbiUzgI&dn=TI&cc=3&r=&pu=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2FJaffaCakes118_0423be5dedc5c7e0ab4f893378b38a89.html
    IEXPLORE.EXE
    Remote address:
    67.202.105.32:443
    Request
    GET /deb/v2?id=d84GFWbZSr35WiadbiUzgI&dn=TI&cc=3&r=&pu=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2FJaffaCakes118_0423be5dedc5c7e0ab4f893378b38a89.html HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: de.tynt.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200
    cache-control: max-age=86400
    expires: Wed, 22 Jan 2025 11:11:25 GMT
    accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
    content-type: application/javascript
    content-length: 4
    date: Tue, 21 Jan 2025 11:11:25 GMT
    p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
  • flag-us
    DNS
    IEXPLORE.EXE
    Remote address:
    67.202.105.32:443
    Response
    HTTP/1.1 408 Request Time-out
    Content-length: 110
    Cache-Control: no-cache
    Connection: close
    Content-Type: text/html
  • flag-us
    DNS
    www.microsoft.com
    iexplore.exe
    Remote address:
    8.8.8.8:53
    Request
    www.microsoft.com
    IN A
    Response
    www.microsoft.com
    IN CNAME
    www.microsoft.com-c-3.edgekey.net
    www.microsoft.com-c-3.edgekey.net
    IN CNAME
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    IN CNAME
    e13678.dscb.akamaiedge.net
    e13678.dscb.akamaiedge.net
    IN A
    95.100.245.144
  • flag-us
    DNS
    www.microsoft.com
    iexplore.exe
    Remote address:
    8.8.8.8:53
    Request
    www.microsoft.com
    IN A
    Response
    www.microsoft.com
    IN CNAME
    www.microsoft.com-c-3.edgekey.net
    www.microsoft.com-c-3.edgekey.net
    IN CNAME
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    IN CNAME
    e13678.dscb.akamaiedge.net
    e13678.dscb.akamaiedge.net
    IN A
    95.100.245.144
  • 118.139.179.30:80
    http://www.linkwithin.com/pixel.png
    http
    IEXPLORE.EXE
    781 B
    679 B
    11
    4

    HTTP Request

    GET http://www.linkwithin.com/pixel.png

    HTTP Response

    404
  • 118.139.179.30:80
    http://www.linkwithin.com/widget.js
    http
    IEXPLORE.EXE
    764 B
    679 B
    11
    4

    HTTP Request

    GET http://www.linkwithin.com/widget.js

    HTTP Response

    404
  • 172.67.8.141:80
    http://widgets.amung.us/tab.js
    http
    IEXPLORE.EXE
    897 B
    20.4kB
    14
    19

    HTTP Request

    GET http://widgets.amung.us/tab.js

    HTTP Response

    200
  • 172.67.8.141:80
    widgets.amung.us
    IEXPLORE.EXE
    466 B
    92 B
    10
    2
  • 172.217.16.225:80
    http://2.bp.blogspot.com/-Lup9TLmv88o/ThCElcByxvI/AAAAAAAAByw/SbiDwJVkA98/s72-c/meggyes_pite3.png
    http
    IEXPLORE.EXE
    751 B
    11.0kB
    9
    11

    HTTP Request

    GET http://2.bp.blogspot.com/-Lup9TLmv88o/ThCElcByxvI/AAAAAAAAByw/SbiDwJVkA98/s72-c/meggyes_pite3.png

    HTTP Response

    200
  • 172.217.16.225:80
    http://2.bp.blogspot.com/_mTuJtwbEjVA/SY8oCMVMRfI/AAAAAAAAALM/mIcCLmh0EFE/S220/lludanyo-mesei.jpeg
    http
    IEXPLORE.EXE
    936 B
    20.8kB
    13
    18

    HTTP Request

    GET http://2.bp.blogspot.com/_mTuJtwbEjVA/SY8oCMVMRfI/AAAAAAAAALM/mIcCLmh0EFE/S220/lludanyo-mesei.jpeg

    HTTP Response

    200
  • 172.217.16.225:80
    http://2.bp.blogspot.com/_mTuJtwbEjVA/SeTR2PBz1qI/AAAAAAAAAZ8/X3ulMCzKprg/s72-c/toltott-kenyer-6.jpg
    http
    IEXPLORE.EXE
    662 B
    3.2kB
    7
    6

    HTTP Request

    GET http://2.bp.blogspot.com/_mTuJtwbEjVA/SeTR2PBz1qI/AAAAAAAAAZ8/X3ulMCzKprg/s72-c/toltott-kenyer-6.jpg

    HTTP Response

    200
  • 142.250.179.233:80
    http://img1.blogblog.com/img/blank.gif
    http
    IEXPLORE.EXE
    612 B
    2.1kB
    7
    6

    HTTP Request

    GET http://img1.blogblog.com/img/blank.gif

    HTTP Response

    200
  • 142.250.178.14:443
    https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5oZHy0SiJxw.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-Hry6DG-RE4t9kNz_t6hiwmwXOmA/cb=gapi.loaded_0?le=scs
    tls, http
    IEXPLORE.EXE
    2.9kB
    89.5kB
    42
    72

    HTTP Request

    GET https://apis.google.com/js/plusone.js

    HTTP Response

    200

    HTTP Request

    GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5oZHy0SiJxw.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-Hry6DG-RE4t9kNz_t6hiwmwXOmA/cb=gapi.loaded_0?le=scs

    HTTP Response

    200
  • 104.21.87.190:80
    http://segitsuti.hu//files/fckuploads/oldaltgomb2.jpg
    http
    IEXPLORE.EXE
    621 B
    2.4kB
    7
    5

    HTTP Request

    GET http://segitsuti.hu//files/fckuploads/oldaltgomb2.jpg

    HTTP Response

    301
  • 104.21.87.190:80
    segitsuti.hu
    IEXPLORE.EXE
    466 B
    92 B
    10
    2
  • 142.250.179.233:80
    http://img1.blogblog.com/img/icon18_wrench_allbkg.png
    http
    IEXPLORE.EXE
    621 B
    2.3kB
    7
    5

    HTTP Request

    GET http://img1.blogblog.com/img/icon18_wrench_allbkg.png

    HTTP Response

    200
  • 142.250.178.14:443
    https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5oZHy0SiJxw.O/m=iframes_styles_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-Hry6DG-RE4t9kNz_t6hiwmwXOmA/cb=gapi.loaded_1?le=scs
    tls, http
    IEXPLORE.EXE
    1.5kB
    20.1kB
    17
    22

    HTTP Request

    GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5oZHy0SiJxw.O/m=iframes_styles_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-Hry6DG-RE4t9kNz_t6hiwmwXOmA/cb=gapi.loaded_1?le=scs

    HTTP Response

    200
  • 193.39.14.205:80
    http://stat.mystat.hu/stat.php?h=4&id=102927
    http
    IEXPLORE.EXE
    825 B
    1.3kB
    12
    4

    HTTP Request

    GET http://stat.mystat.hu/stat.php?h=4&id=102927

    HTTP Response

    200
  • 193.39.14.205:80
    stat.mystat.hu
    http
    IEXPLORE.EXE
    236 B
    305 B
    5
    2

    HTTP Response

    408
  • 172.217.16.225:80
    http://1.bp.blogspot.com/_mTuJtwbEjVA/SiF4fEu5kMI/AAAAAAAAAmo/ALF8Kr-TrO0/s1600/krumpli-turos-1.jpg
    http
    IEXPLORE.EXE
    3.8kB
    102.7kB
    63
    79

    HTTP Request

    GET http://1.bp.blogspot.com/_mTuJtwbEjVA/S4k4o8Z2RBI/AAAAAAAABc4/tdUFbULVsok/S190/rumbaba-1.jpg

    HTTP Response

    200

    HTTP Request

    GET http://1.bp.blogspot.com/_mTuJtwbEjVA/SiF4fEu5kMI/AAAAAAAAAmo/ALF8Kr-TrO0/s1600/krumpli-turos-1.jpg

    HTTP Response

    200
  • 172.217.16.225:80
    http://1.bp.blogspot.com/_mTuJtwbEjVA/TB4fUq_yorI/AAAAAAAABl0/i6RaJ1aKp0k/S190/t%C3%B6k%C3%B6s-pite-5.jpg
    http
    IEXPLORE.EXE
    851 B
    13.2kB
    11
    13

    HTTP Request

    GET http://1.bp.blogspot.com/_mTuJtwbEjVA/TB4fUq_yorI/AAAAAAAABl0/i6RaJ1aKp0k/S190/t%C3%B6k%C3%B6s-pite-5.jpg

    HTTP Response

    200
  • 172.217.16.225:80
    http://1.bp.blogspot.com/_mTuJtwbEjVA/Sj57aUw3FkI/AAAAAAAAAro/k4DcJpKk4vU/s72-c/5-perces-kenyer-9.jpg
    http
    IEXPLORE.EXE
    663 B
    4.6kB
    7
    7

    HTTP Request

    GET http://1.bp.blogspot.com/_mTuJtwbEjVA/Sj57aUw3FkI/AAAAAAAAAro/k4DcJpKk4vU/s72-c/5-perces-kenyer-9.jpg

    HTTP Response

    200
  • 172.217.16.225:80
    http://1.bp.blogspot.com/_mTuJtwbEjVA/SjFSgp7Tv1I/AAAAAAAAApw/wkxWyrBs1T8/s72-c/kakaos-palacsinta-1.jpg
    http
    IEXPLORE.EXE
    665 B
    4.6kB
    7
    7

    HTTP Request

    GET http://1.bp.blogspot.com/_mTuJtwbEjVA/SjFSgp7Tv1I/AAAAAAAAApw/wkxWyrBs1T8/s72-c/kakaos-palacsinta-1.jpg

    HTTP Response

    200
  • 172.217.16.225:80
    http://1.bp.blogspot.com/_mTuJtwbEjVA/SiF4fEu5kMI/AAAAAAAAAmo/ALF8Kr-TrO0/s72-c/krumpli-turos-1.jpg
    http
    IEXPLORE.EXE
    661 B
    4.5kB
    7
    7

    HTTP Request

    GET http://1.bp.blogspot.com/_mTuJtwbEjVA/SiF4fEu5kMI/AAAAAAAAAmo/ALF8Kr-TrO0/s72-c/krumpli-turos-1.jpg

    HTTP Response

    200
  • 172.217.16.225:80
    http://1.bp.blogspot.com/_mTuJtwbEjVA/Sq1MyVagb2I/AAAAAAAABAM/Wdnr2AGIsvk/s72-c/bukta-1.jpg
    http
    IEXPLORE.EXE
    653 B
    3.6kB
    7
    6

    HTTP Request

    GET http://1.bp.blogspot.com/_mTuJtwbEjVA/Sq1MyVagb2I/AAAAAAAABAM/Wdnr2AGIsvk/s72-c/bukta-1.jpg

    HTTP Response

    200
  • 172.217.16.225:80
    http://3.bp.blogspot.com/_mTuJtwbEjVA/SiPKbU8cQbI/AAAAAAAAAm4/y0AtZcgZM7k/s72-c/vadas-2.jpg
    http
    IEXPLORE.EXE
    653 B
    4.3kB
    7
    6

    HTTP Request

    GET http://3.bp.blogspot.com/_mTuJtwbEjVA/SiPKbU8cQbI/AAAAAAAAAm4/y0AtZcgZM7k/s72-c/vadas-2.jpg

    HTTP Response

    200
  • 172.217.16.225:80
    http://3.bp.blogspot.com/_mTuJtwbEjVA/S4k6xwOsDmI/AAAAAAAABdQ/wnHswpHhq28/S190/tresleches-2.jpg
    http
    IEXPLORE.EXE
    795 B
    12.3kB
    10
    12

    HTTP Request

    GET http://3.bp.blogspot.com/_mTuJtwbEjVA/S4k6xwOsDmI/AAAAAAAABdQ/wnHswpHhq28/S190/tresleches-2.jpg

    HTTP Response

    200
  • 172.217.16.225:80
    http://3.bp.blogspot.com/_mTuJtwbEjVA/S4ZqUJIGSKI/AAAAAAAABbw/dtUR_FCQolU/s72-c/bananos-karamellas-4.jpg
    http
    IEXPLORE.EXE
    712 B
    6.5kB
    8
    8

    HTTP Request

    GET http://3.bp.blogspot.com/_mTuJtwbEjVA/S4ZqUJIGSKI/AAAAAAAABbw/dtUR_FCQolU/s72-c/bananos-karamellas-4.jpg

    HTTP Response

    200
  • 172.217.16.225:80
    http://3.bp.blogspot.com/_mTuJtwbEjVA/SiF43UTiNFI/AAAAAAAAAmw/qV3nBz9M4sc/s1600/krumpli-turos-2.jpg
    http
    IEXPLORE.EXE
    2.0kB
    89.5kB
    37
    67

    HTTP Request

    GET http://3.bp.blogspot.com/_mTuJtwbEjVA/SiF43UTiNFI/AAAAAAAAAmw/qV3nBz9M4sc/s1600/krumpli-turos-2.jpg

    HTTP Response

    200
  • 172.217.16.225:80
    http://4.bp.blogspot.com/_mTuJtwbEjVA/S4k4_za9DUI/AAAAAAAABdA/tFY9bRVT4RM/S190/eszkimo-szelet-1.jpg
    http
    IEXPLORE.EXE
    845 B
    13.6kB
    11
    13

    HTTP Request

    GET http://4.bp.blogspot.com/_mTuJtwbEjVA/S4k4_za9DUI/AAAAAAAABdA/tFY9bRVT4RM/S190/eszkimo-szelet-1.jpg

    HTTP Response

    200
  • 172.217.16.225:80
    http://4.bp.blogspot.com/_mTuJtwbEjVA/S4k3l95ZAhI/AAAAAAAABcw/09QYoCZvWdI/S190/bananos-karamellas.jpg
    http
    IEXPLORE.EXE
    1.0kB
    22.9kB
    15
    20

    HTTP Request

    GET http://4.bp.blogspot.com/_mTuJtwbEjVA/S4k3l95ZAhI/AAAAAAAABcw/09QYoCZvWdI/S190/bananos-karamellas.jpg

    HTTP Response

    200
  • 172.217.16.225:80
    http://4.bp.blogspot.com/_jA-SP6SAtfY/SrCOsBgFT6I/AAAAAAAABNo/mRr1xtkBjMw/s1600/header1y.jpg
    http
    IEXPLORE.EXE
    1.7kB
    40.1kB
    22
    33

    HTTP Request

    GET http://4.bp.blogspot.com/_mTuJtwbEjVA/S4k6VDg0SvI/AAAAAAAABdI/gQaGoykO6sM/S190/habcsok-1.jpg

    HTTP Response

    200

    HTTP Request

    GET http://4.bp.blogspot.com/_jA-SP6SAtfY/SrCOsBgFT6I/AAAAAAAABNo/mRr1xtkBjMw/s1600/header1y.jpg

    HTTP Response

    200
  • 172.217.16.225:80
    http://4.bp.blogspot.com/_mTuJtwbEjVA/SeixwsZ7BgI/AAAAAAAAAaU/xYIin8yHwHM/s72-c/VKF-kifli-1.jpg
    http
    IEXPLORE.EXE
    657 B
    5.6kB
    7
    7

    HTTP Request

    GET http://4.bp.blogspot.com/_mTuJtwbEjVA/SeixwsZ7BgI/AAAAAAAAAaU/xYIin8yHwHM/s72-c/VKF-kifli-1.jpg

    HTTP Response

    200
  • 172.217.16.225:80
    http://4.bp.blogspot.com/_mTuJtwbEjVA/Sx_LS3Sf5OI/AAAAAAAABPI/nRK_onu2JiE/s72-c/citromos-dios-sutemeny-1.jpg
    http
    IEXPLORE.EXE
    670 B
    4.5kB
    7
    7

    HTTP Request

    GET http://4.bp.blogspot.com/_mTuJtwbEjVA/Sx_LS3Sf5OI/AAAAAAAABPI/nRK_onu2JiE/s72-c/citromos-dios-sutemeny-1.jpg

    HTTP Response

    200
  • 142.250.179.233:80
    http://www.blogger.com/img/icon18_email.gif
    http
    IEXPLORE.EXE
    611 B
    1.7kB
    7
    5

    HTTP Request

    GET http://www.blogger.com/img/icon18_email.gif

    HTTP Response

    200
  • 172.67.131.123:80
    http://blogcounter.com/js.php?user=ludanyo&style=1
    http
    IEXPLORE.EXE
    595 B
    1.7kB
    7
    6

    HTTP Request

    GET http://blogcounter.com/js.php?user=ludanyo&style=1

    HTTP Response

    403
  • 172.67.131.123:80
    blogcounter.com
    IEXPLORE.EXE
    466 B
    92 B
    10
    2
  • 142.250.179.233:80
    img2.blogblog.com
    IEXPLORE.EXE
    190 B
    92 B
    4
    2
  • 104.18.13.146:80
    http://tcr.tynt.com/javascripts/Tracer.js?user=d84GFWbZSr35WiadbiUzgI&s=120
    http
    IEXPLORE.EXE
    896 B
    19.7kB
    13
    18

    HTTP Request

    GET http://tcr.tynt.com/javascripts/Tracer.js?user=d84GFWbZSr35WiadbiUzgI&s=120

    HTTP Response

    200
  • 104.18.13.146:80
    tcr.tynt.com
    IEXPLORE.EXE
    466 B
    92 B
    10
    2
  • 142.250.179.233:80
    http://img2.blogblog.com/img/icon18_edit_allbkg.gif
    http
    IEXPLORE.EXE
    573 B
    1.7kB
    6
    5

    HTTP Request

    GET http://img2.blogblog.com/img/icon18_edit_allbkg.gif

    HTTP Response

    200
  • 142.250.179.233:80
    img2.blogblog.com
    IEXPLORE.EXE
    190 B
    92 B
    4
    2
  • 104.21.87.190:443
    https://segitsuti.hu//files/fckuploads/oldaltgomb2.jpg
    tls, http
    IEXPLORE.EXE
    1.1kB
    4.7kB
    11
    10

    HTTP Request

    GET https://segitsuti.hu//files/fckuploads/oldaltgomb2.jpg

    HTTP Response

    301
  • 142.250.178.3:80
    http://ocsp.pki.goog/gsr1/MFEwTzBNMEswSTAJBgUrDgMCGgUABBS3V7W2nAf4FiMTjpDJKg6%2BMgGqMQQUYHtmGkUNl8qJUC99BM00qP%2F8%2FUsCEHe9DWzbNvka6iEPxPBY0w0%3D
    http
    IEXPLORE.EXE
    468 B
    1.9kB
    5
    4

    HTTP Request

    GET http://ocsp.pki.goog/gsr1/MFEwTzBNMEswSTAJBgUrDgMCGgUABBS3V7W2nAf4FiMTjpDJKg6%2BMgGqMQQUYHtmGkUNl8qJUC99BM00qP%2F8%2FUsCEHe9DWzbNvka6iEPxPBY0w0%3D

    HTTP Response

    200
  • 142.250.178.3:80
    http://ocsp.pki.goog/gsr1/MFEwTzBNMEswSTAJBgUrDgMCGgUABBS3V7W2nAf4FiMTjpDJKg6%2BMgGqMQQUYHtmGkUNl8qJUC99BM00qP%2F8%2FUsCEHe9DWzbNvka6iEPxPBY0w0%3D
    http
    IEXPLORE.EXE
    468 B
    1.9kB
    5
    4

    HTTP Request

    GET http://ocsp.pki.goog/gsr1/MFEwTzBNMEswSTAJBgUrDgMCGgUABBS3V7W2nAf4FiMTjpDJKg6%2BMgGqMQQUYHtmGkUNl8qJUC99BM00qP%2F8%2FUsCEHe9DWzbNvka6iEPxPBY0w0%3D

    HTTP Response

    200
  • 142.250.178.3:80
    http://c.pki.goog/r/r1.crl
    http
    IEXPLORE.EXE
    606 B
    4.5kB
    8
    7

    HTTP Request

    GET http://c.pki.goog/r/gsr1.crl

    HTTP Response

    200

    HTTP Request

    GET http://c.pki.goog/r/r1.crl

    HTTP Response

    200
  • 142.250.178.3:80
    http://c.pki.goog/r/r1.crl
    http
    IEXPLORE.EXE
    348 B
    1.7kB
    5
    4

    HTTP Request

    GET http://c.pki.goog/r/r1.crl

    HTTP Response

    200
  • 142.250.178.3:80
    http://c.pki.goog/r/r4.crl
    http
    IEXPLORE.EXE
    400 B
    2.5kB
    6
    4

    HTTP Request

    GET http://c.pki.goog/r/r4.crl

    HTTP Response

    200
  • 142.250.178.3:80
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGdE1QgSdYy7EKQp2lG7B7I%3D
    http
    IEXPLORE.EXE
    470 B
    1.6kB
    5
    4

    HTTP Request

    GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGdE1QgSdYy7EKQp2lG7B7I%3D

    HTTP Response

    200
  • 142.250.178.3:80
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGdE1QgSdYy7EKQp2lG7B7I%3D
    http
    IEXPLORE.EXE
    516 B
    1.6kB
    6
    4

    HTTP Request

    GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGdE1QgSdYy7EKQp2lG7B7I%3D

    HTTP Response

    200
  • 142.250.187.196:80
    http://www.google.com/friendconnect/script/friendconnect.js
    http
    IEXPLORE.EXE
    604 B
    2.0kB
    7
    5

    HTTP Request

    GET http://www.google.com/friendconnect/script/friendconnect.js

    HTTP Response

    404
  • 142.250.187.196:80
    http://www.google.com/friendconnect/script/friendconnect.js
    http
    IEXPLORE.EXE
    558 B
    1.9kB
    6
    4

    HTTP Request

    GET http://www.google.com/friendconnect/script/friendconnect.js

    HTTP Response

    404
  • 104.21.87.190:443
    www.segitsuti.hu
    tls
    IEXPLORE.EXE
    753 B
    3.6kB
    10
    9
  • 104.21.87.190:443
    https://www.segitsuti.hu/files/fckuploads/oldaltgomb2.jpg
    tls, http
    IEXPLORE.EXE
    1.3kB
    13.5kB
    14
    19

    HTTP Request

    GET https://www.segitsuti.hu/files/fckuploads/oldaltgomb2.jpg

    HTTP Response

    404
  • 38.99.77.17:80
    img132.imageshack.us
    IEXPLORE.EXE
    190 B
    132 B
    4
    3
  • 38.99.77.17:80
    http://img132.imageshack.us/img132/7414/header2f.jpg
    http
    IEXPLORE.EXE
    568 B
    939 B
    6
    5

    HTTP Request

    GET http://img132.imageshack.us/img132/7414/header2f.jpg

    HTTP Response

    404
  • 157.240.214.35:80
    www.facebook.com
    IEXPLORE.EXE
    190 B
    132 B
    4
    3
  • 157.240.214.35:80
    http://www.facebook.com/plugins/like.php?href=http://ludanyo.blogspot.hu/2009/05/edes-krumplis-turos-beles-vkf-xxv.html&layout=standard&show_faces=false&width=100&action=like&font=arial&colorscheme=light
    http
    IEXPLORE.EXE
    706 B
    591 B
    6
    5

    HTTP Request

    GET http://www.facebook.com/plugins/like.php?href=http://ludanyo.blogspot.hu/2009/05/edes-krumplis-turos-beles-vkf-xxv.html&layout=standard&show_faces=false&width=100&action=like&font=arial&colorscheme=light

    HTTP Response

    301
  • 67.202.105.31:443
    ic.tynt.com
    tls, http
    IEXPLORE.EXE
    880 B
    7.1kB
    12
    11

    HTTP Response

    408
  • 67.202.105.31:443
    https://ic.tynt.com/b/p?id=d84GFWbZSr35WiadbiUzgI&lm=0&ts=1737457854393&dn=TI&iso=0&pu=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2FJaffaCakes118_0423be5dedc5c7e0ab4f893378b38a89.html
    tls, http
    IEXPLORE.EXE
    2.1kB
    7.6kB
    15
    13

    HTTP Request

    GET https://ic.tynt.com/b/p?id=d84GFWbZSr35WiadbiUzgI&lm=0&ts=1737457854393&dn=TI&iso=0&pu=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2FJaffaCakes118_0423be5dedc5c7e0ab4f893378b38a89.html&t=l%C3%BAdany%C3%B3%3A%20%C3%89des%20krumplis-t%C3%BAr%C3%B3s%20b%C3%A9les%20-%20VKF!%20XXV.

    HTTP Response

    204

    HTTP Request

    GET https://ic.tynt.com/b/p?id=d84GFWbZSr35WiadbiUzgI&lm=0&ts=1737457854393&dn=TI&iso=0&pu=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2FJaffaCakes118_0423be5dedc5c7e0ab4f893378b38a89.html

    HTTP Response

    204
  • 104.18.12.146:443
    sc.tynt.com
    tls
    IEXPLORE.EXE
    772 B
    6.2kB
    10
    10
  • 104.18.12.146:443
    sc.tynt.com
    tls
    IEXPLORE.EXE
    772 B
    6.2kB
    10
    10
  • 142.250.200.14:80
    http://www.google-analytics.com/ga.js
    http
    IEXPLORE.EXE
    858 B
    18.7kB
    13
    17

    HTTP Request

    GET http://www.google-analytics.com/ga.js

    HTTP Response

    200
  • 142.250.200.14:80
    www.google-analytics.com
    IEXPLORE.EXE
    190 B
    92 B
    4
    2
  • 157.240.214.35:443
    https://www.facebook.com/plugins/like.php?href=http://ludanyo.blogspot.hu/2009/05/edes-krumplis-turos-beles-vkf-xxv.html&layout=standard&show_faces=false&width=100&action=like&font=arial&colorscheme=light
    tls, http
    IEXPLORE.EXE
    1.3kB
    7.0kB
    13
    11

    HTTP Request

    GET https://www.facebook.com/plugins/like.php?href=http://ludanyo.blogspot.hu/2009/05/edes-krumplis-turos-beles-vkf-xxv.html&layout=standard&show_faces=false&width=100&action=like&font=arial&colorscheme=light

    HTTP Response

    200
  • 67.202.105.32:443
    de.tynt.com
    tls
    IEXPLORE.EXE
    874 B
    7.0kB
    12
    11
  • 67.202.105.32:443
    https://de.tynt.com/deb/v2?id=d84GFWbZSr35WiadbiUzgI&dn=TI&cc=1&r=&pu=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2FJaffaCakes118_0423be5dedc5c7e0ab4f893378b38a89.html
    tls, http
    IEXPLORE.EXE
    1.5kB
    7.3kB
    15
    13

    HTTP Request

    GET https://de.tynt.com/deb/v2?id=d84GFWbZSr35WiadbiUzgI&dn=TI&cc=1&r=&pu=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2FJaffaCakes118_0423be5dedc5c7e0ab4f893378b38a89.html

    HTTP Response

    200
  • 104.18.12.146:443
    sc.tynt.com
    tls
    IEXPLORE.EXE
    539 B
    379 B
    6
    5
  • 67.202.105.32:443
    https://de.tynt.com/deb/v2?id=d84GFWbZSr35WiadbiUzgI&dn=TI&cc=2&r=&pu=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2FJaffaCakes118_0423be5dedc5c7e0ab4f893378b38a89.html
    tls, http
    IEXPLORE.EXE
    1.2kB
    987 B
    10
    7

    HTTP Request

    GET https://de.tynt.com/deb/v2?id=d84GFWbZSr35WiadbiUzgI&dn=TI&cc=2&r=&pu=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2FJaffaCakes118_0423be5dedc5c7e0ab4f893378b38a89.html

    HTTP Response

    200
  • 67.202.105.32:443
    de.tynt.com
    tls, http
    IEXPLORE.EXE
    647 B
    787 B
    8
    6

    HTTP Response

    408
  • 23.192.18.101:80
    http://www.microsoft.com/pkiops/crl/MicCodSigPCA2011_2011-07-08.crl
    http
    393 B
    1.8kB
    4
    4

    HTTP Request

    GET http://www.microsoft.com/pkiops/crl/MicCodSigPCA2011_2011-07-08.crl

    HTTP Response

    200
  • 2.19.252.143:80
    http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
    http
    399 B
    1.7kB
    4
    4

    HTTP Request

    GET http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl

    HTTP Response

    200
  • 67.202.105.32:443
    https://de.tynt.com/deb/v2?id=d84GFWbZSr35WiadbiUzgI&dn=TI&cc=3&r=&pu=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2FJaffaCakes118_0423be5dedc5c7e0ab4f893378b38a89.html
    tls, http
    IEXPLORE.EXE
    1.2kB
    947 B
    9
    6

    HTTP Request

    GET https://de.tynt.com/deb/v2?id=d84GFWbZSr35WiadbiUzgI&dn=TI&cc=3&r=&pu=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2FJaffaCakes118_0423be5dedc5c7e0ab4f893378b38a89.html

    HTTP Response

    200
  • 67.202.105.32:443
    de.tynt.com
    tls, http
    IEXPLORE.EXE
    601 B
    747 B
    7
    5

    HTTP Response

    408
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    799 B
    7.9kB
    10
    13
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    799 B
    7.9kB
    10
    13
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    779 B
    7.8kB
    9
    12
  • 8.8.8.8:53
    widgets.amung.us
    dns
    IEXPLORE.EXE
    62 B
    110 B
    1
    1

    DNS Request

    widgets.amung.us

    DNS Response

    172.67.8.141
    104.22.74.171
    104.22.75.171

  • 8.8.8.8:53
    img1.blogblog.com
    dns
    IEXPLORE.EXE
    63 B
    110 B
    1
    1

    DNS Request

    img1.blogblog.com

    DNS Response

    142.250.179.233

  • 8.8.8.8:53
    apis.google.com
    dns
    IEXPLORE.EXE
    61 B
    98 B
    1
    1

    DNS Request

    apis.google.com

    DNS Response

    142.250.178.14

  • 8.8.8.8:53
    segitsuti.hu
    dns
    IEXPLORE.EXE
    58 B
    90 B
    1
    1

    DNS Request

    segitsuti.hu

    DNS Response

    104.21.87.190
    172.67.145.159

  • 8.8.8.8:53
    2.bp.blogspot.com
    dns
    IEXPLORE.EXE
    63 B
    124 B
    1
    1

    DNS Request

    2.bp.blogspot.com

    DNS Response

    172.217.16.225

  • 8.8.8.8:53
    www.linkwithin.com
    dns
    IEXPLORE.EXE
    64 B
    94 B
    1
    1

    DNS Request

    www.linkwithin.com

    DNS Response

    118.139.179.30

  • 8.8.8.8:53
    static.networkedblogs.com
    dns
    IEXPLORE.EXE
    71 B
    144 B
    1
    1

    DNS Request

    static.networkedblogs.com

  • 8.8.8.8:53
    nwidget.networkedblogs.com
    dns
    IEXPLORE.EXE
    72 B
    145 B
    1
    1

    DNS Request

    nwidget.networkedblogs.com

  • 8.8.8.8:53
    feedjit.com
    dns
    IEXPLORE.EXE
    57 B
    139 B
    1
    1

    DNS Request

    feedjit.com

  • 8.8.8.8:53
    1.bp.blogspot.com
    dns
    IEXPLORE.EXE
    63 B
    124 B
    1
    1

    DNS Request

    1.bp.blogspot.com

    DNS Response

    172.217.16.225

  • 8.8.8.8:53
    4.bp.blogspot.com
    dns
    IEXPLORE.EXE
    63 B
    124 B
    1
    1

    DNS Request

    4.bp.blogspot.com

    DNS Response

    172.217.16.225

  • 8.8.8.8:53
    3.bp.blogspot.com
    dns
    IEXPLORE.EXE
    63 B
    124 B
    1
    1

    DNS Request

    3.bp.blogspot.com

    DNS Response

    172.217.16.225

  • 8.8.8.8:53
    s46.sitemeter.com
    dns
    IEXPLORE.EXE
    63 B
    131 B
    1
    1

    DNS Request

    s46.sitemeter.com

  • 8.8.8.8:53
    stat.mystat.hu
    dns
    IEXPLORE.EXE
    60 B
    94 B
    1
    1

    DNS Request

    stat.mystat.hu

    DNS Response

    193.39.14.205

  • 8.8.8.8:53
    blogcounter.com
    dns
    IEXPLORE.EXE
    61 B
    93 B
    1
    1

    DNS Request

    blogcounter.com

    DNS Response

    172.67.131.123
    104.21.10.134

  • 8.8.8.8:53
    www.blogger.com
    dns
    IEXPLORE.EXE
    61 B
    108 B
    1
    1

    DNS Request

    www.blogger.com

    DNS Response

    142.250.179.233

  • 8.8.8.8:53
    img2.blogblog.com
    dns
    IEXPLORE.EXE
    63 B
    110 B
    1
    1

    DNS Request

    img2.blogblog.com

    DNS Response

    142.250.179.233

  • 8.8.8.8:53
    tcr.tynt.com
    dns
    IEXPLORE.EXE
    58 B
    135 B
    1
    1

    DNS Request

    tcr.tynt.com

    DNS Response

    104.18.13.146
    104.18.12.146

  • 8.8.8.8:53
    c.pki.goog
    dns
    IEXPLORE.EXE
    56 B
    107 B
    1
    1

    DNS Request

    c.pki.goog

    DNS Response

    142.250.178.3

  • 8.8.8.8:53
    o.pki.goog
    dns
    IEXPLORE.EXE
    56 B
    107 B
    1
    1

    DNS Request

    o.pki.goog

    DNS Response

    142.250.178.3

  • 8.8.8.8:53
    o.pki.goog
    dns
    IEXPLORE.EXE
    56 B
    107 B
    1
    1

    DNS Request

    o.pki.goog

    DNS Response

    142.250.178.3

  • 8.8.8.8:53
    www.google.com
    dns
    IEXPLORE.EXE
    60 B
    76 B
    1
    1

    DNS Request

    www.google.com

    DNS Response

    142.250.187.196

  • 8.8.8.8:53
    img132.imageshack.us
    dns
    IEXPLORE.EXE
    66 B
    124 B
    1
    1

    DNS Request

    img132.imageshack.us

    DNS Response

    38.99.77.17
    38.99.77.16

  • 8.8.8.8:53
    www.segitsuti.hu
    dns
    IEXPLORE.EXE
    62 B
    94 B
    1
    1

    DNS Request

    www.segitsuti.hu

    DNS Response

    104.21.87.190
    172.67.145.159

  • 8.8.8.8:53
    www.facebook.com
    dns
    IEXPLORE.EXE
    62 B
    107 B
    1
    1

    DNS Request

    www.facebook.com

    DNS Response

    157.240.214.35

  • 8.8.8.8:53
    ic.tynt.com
    dns
    IEXPLORE.EXE
    57 B
    89 B
    1
    1

    DNS Request

    ic.tynt.com

    DNS Response

    67.202.105.31
    67.202.105.34

  • 8.8.8.8:53
    sc.tynt.com
    dns
    IEXPLORE.EXE
    57 B
    133 B
    1
    1

    DNS Request

    sc.tynt.com

    DNS Response

    104.18.12.146
    104.18.13.146

  • 8.8.8.8:53
    de.tynt.com
    dns
    IEXPLORE.EXE
    57 B
    89 B
    1
    1

    DNS Request

    de.tynt.com

    DNS Response

    67.202.105.32
    67.202.105.33

  • 8.8.8.8:53
    www.microsoft.com
    dns
    iexplore.exe
    63 B
    230 B
    1
    1

    DNS Request

    www.microsoft.com

    DNS Response

    23.192.18.101

  • 8.8.8.8:53
    crl.microsoft.com
    dns
    63 B
    162 B
    1
    1

    DNS Request

    crl.microsoft.com

    DNS Response

    2.19.252.143
    2.19.252.157

  • 8.8.8.8:53
    www.microsoft.com
    dns
    iexplore.exe
    63 B
    230 B
    1
    1

    DNS Request

    www.microsoft.com

    DNS Response

    95.100.245.144

  • 8.8.8.8:53
    www.microsoft.com
    dns
    iexplore.exe
    63 B
    230 B
    1
    1

    DNS Request

    www.microsoft.com

    DNS Response

    95.100.245.144

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    645fccd1932d98031e2e18a4c8e4d419

    SHA1

    c6577b9ce554b1b1a0d09250f5b0c3edb579d602

    SHA256

    b10b6ff4013af5398ebd9f9b73b4f462b33276316ca6f7e47d272e13d2d4cec9

    SHA512

    375869531d3830ac4161b961226353b96958a014c976aa9a794374ef8a567201b3d56c27af2a23d0c027a22fb3513f9c9b00d60c43f0403ca93dcfcd991505d2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6e8d548e13fb56ef0411c69dcf687d1d

    SHA1

    ae0acbdedfb70474198152ae4c4aa61b0bcbe4c1

    SHA256

    b1218f529e9a758b14c70f39d6bcf602173a3480021e0d31cd867dd21be9b6f1

    SHA512

    1c238b72cdb1dbe0bfbf7d8bbc7893e3ddf4f7f8d3435e4f7ca5e05c9038ee730666e5fb8e6513962af446563d64df4c40c63dd3f8ecec383df5b309741a9758

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2f870d6735ee79a335f615a25c7cd6e9

    SHA1

    1aa24fb5a65b5b2bac5b3ebc9b359b18b33ebb51

    SHA256

    c6d10927f0c697213870d6de4a495439469540b822f5a0d86b4d13c0ac476b7d

    SHA512

    aa757269e041197424624f8e1919c30c0f622886798ac91c162d6e97800f455607a2e360036d31e2c570c195da02699081bbbefa5001f11e2d9bf708f92faf61

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5e6c8051588f00de54ca436ebeb9283d

    SHA1

    de0da46b43daed3eccca8f79b5e680a71ebeac4d

    SHA256

    d747968e3c65343b5ddc9156515c2484ffa10119e30c573a14226f62d2c076ab

    SHA512

    9543de00c005395f3a7673069fc4e26874144e2343b04767f0e59554ed715dafae6c1757c2ca1aa1537e897864a388cc6138af30311a863a026f815fe6939bb1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    75fcae32fc85a23a3070ff08e0e84dd4

    SHA1

    b5d3cf98415bdbd57b0f579c4451e8faf911ecaf

    SHA256

    18dc642dc68cc91f7bbffc5934ead30f240f5e223e9e6e51184b4928c6560771

    SHA512

    2ff6e4ad752ac0f00c1488a414a518068c816e8847a9039ed2d3beb42e130d03d4ce5c264ab0fe5f3da9521fec8bd6a9260d45117d511ca3b14ddf9a56370dad

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1c7a729e10722ff4faaf061459579df4

    SHA1

    d2fd3105e5d0b080028ca4d21c9c36d4c79886df

    SHA256

    40401f6f2cbbd7552bd8b458cc494f2b1688cb37fcb7ab29e293c218c31b2ebd

    SHA512

    c9f2c891616dcbb88b3508167f690574efb4c902a44cc12d6751f0aecbc2021b27f17ecd6e61f9b793094db9dfa75d285a78c90c69b895ff798b9865b8ea51dc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dd263c34978ddd7b071d61defe918282

    SHA1

    d5ae96b435d95de70549a328e2f431208de1d91e

    SHA256

    efd54bfa55a9cffcc851d0f8ea45f6f4de68ee099879f537f231cfdca16f9bd8

    SHA512

    a6db53230612f091ab779350b8de529ad3894c5626abe5506effa53a714309d8c86079793052881b1bd656606bae0ba88f1e81b4c172458077988b7f1a2c2a9a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    90121e05fff15f7ceb7a8577ffbf2640

    SHA1

    d639ab2b8b4ccd653c34a1f05324caec1999bc54

    SHA256

    f02c5216f7fba32245b10040f817ab48d20f0627a9b14b1a231cca0edb41be86

    SHA512

    02475fbfbd7a8d7c6fd799191d85a0c57c65a773e9a7be7de907d978a3a849248fbe8b05f8fccd1deaaea0ca020c8b9852fb50204ede958041e7bbd08e86b077

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b82e2ceb755b18ee44e5ad13982ddf85

    SHA1

    d2eeab35d475afe3415a7c25b3116f2b03cf4c1f

    SHA256

    eabab1b251f521ee0228070f214d527e44c9a508a03528980c6c096947ced090

    SHA512

    0845c54b1e6cb3113a049a07f79639efa7f5d6b9c8dd49b1ef57efa6e1690ab9d5a50c6c568789f25875b28d7e30d275726b80050a05ec2a9d75f12347fd85e3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3592ee993c21503beef62564f3f8f27a

    SHA1

    0ebd7d5e65aaf945d1c7e1ab92ee70616a2b3c46

    SHA256

    0bfd7deefb4092b2b04a7572a4772013d0caa9e4430a8845d2a2c27db6bb0855

    SHA512

    8a2e053e03333956267afe6039905ecfe85c228f01f29fbbba2506c9d4a6a5a91bd659d45b4179d7ef8b1bf353e62df3f04337cc2008a4404eb4cdaf165d59ef

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    013b1052976118eae78858315d8fc151

    SHA1

    545e2290044ccb71e0a426a0d268d53d8928b5e9

    SHA256

    d9f87cac1e336a5cb26b81f8cf6bd5e2780d6618170d57989e598881fedfe101

    SHA512

    a02aee737b9949a11a1083c5f825428667f8519856fa52442e8d7f40b6b4ba5711b56f407f92c4c921f76c4ad7488a5b480e66811683da0e3ad240d01d5d68d0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    071baa4423c668d534b0adee915efdf1

    SHA1

    bd18b034a4b066df77e0a19fe2692b0a1cc9f317

    SHA256

    9aec1e7c28407af76ca9502a01cc7f7d7b5e533452c0397d7abea5be84b80143

    SHA512

    24471dfcc1787950b4ad49656fc6e94b149dc73903c3742327206c10b001d60d1275d4a3a081efb9d384c0370e3ce7f6c3fb2f32f297cd49f163badac7fe3dd1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    aa2d3d5294e55665657cddfd3f798159

    SHA1

    557a83b84f78fc79ddba2442f50c0405214dd322

    SHA256

    02b46d4898d643fab7c912264b273ff0ede3f690cdc4224eb7f3849a73c8431f

    SHA512

    21b3690ac7d92485ab8cc06050d64a8b46df79ff88391f9504733167798884a3608b8d1b1d0d9fd93cf58e077c120d8d32c151be0d2eddbd2ba0e46a6826ce3f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0b3afcdbca9166558178e9e053ce0b55

    SHA1

    da587d96f4d455679853abdc14bc6060fe5a0b02

    SHA256

    c3b4a4af3633b2d033689f5253a34a80946789d6c891087597b855e9088bbae2

    SHA512

    6ae343366f334d1bd9c12baad6ef52f23a0ae9c33ca57f36c31d7634ef20898dfbb1ca5396bf62a905e53ebd6f9affa3c17f7eae6f148e3e479c5ebfd384c276

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bf9d655de562780fd80a10903bca5640

    SHA1

    7d1db9aaa29ea08dbd42451f98a7ea895235ab7c

    SHA256

    11158d13abb1290a279f5feb40e2a14ff64273d00ccf890888846fa40e3cb8e6

    SHA512

    cb57dae7d792ba3f87ffe800e1d486100511860e410b642def14ca260445d9c4df5ba8b42c6a8761268aa4c056ec40c4ee3a659694fa2e2736c6c885a9e3352b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a886b324a225eb7d3f1796bd1666f22e

    SHA1

    98f2058fa552fcc0acd209db4c2eefa5388d2e9f

    SHA256

    f1843acd186ed8407de23d01d8b904f7af0cec1f991d261c4e2c10c71414a291

    SHA512

    36abc412f1a028f459487849adf2835f61af80a4b2fe3a3bf2c2ef9b61f9aa203826113aaf63ef75f2637a38e24216fec4155471c9d14ad4d328ca11ac5aaa42

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e63d3622d142f2db6e0cf26fc7d6437e

    SHA1

    874979d2727c1552963f312049a4f1b1765db095

    SHA256

    102e10d4f7ec95062c4819e3236dd02742ee37689b91c08f20c7ace8e4cfa5de

    SHA512

    f476dfd216f209d39a6cca4531ebbfbeeebb499b3aa6722c1e75cfab0fb351537993b9f9d02f0221f73975711fcb65a14faba8cadac2bd709585c42078ca7132

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    59c24969f9bc95841e6551d82db78e4b

    SHA1

    c20df33ec9bf2cc906c416fc4701672950a64770

    SHA256

    ef4329cfb9e21de1f1f38d3a397bf40aaaa74e44b29faa455f08a2dc6c343163

    SHA512

    7921d4b7e74e9c0048613f53a72da28d4142709b33f4af482694faff201b54775ebbd6592b56565e12f0269c2f3e01e4646e907e5d61dd24582bdf78a48446ba

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5faa3f8cde5c7d5abfdfb6c33ee78c5b

    SHA1

    14ef063f2160db81629b7fbcfe659dab641e9e65

    SHA256

    2f9487cdf5a72dd38127d12827d096dbec4d3b0e1925f8e64840739ab2145540

    SHA512

    d17d6b9ccce2103aa23800a75bbb1ffdc1ce80c7fe15455bf975c02a41ce0f2c1916f166fee6f1bfef1b82d1835e86e62a68c6c4424aa6466d1e6cb9841e7603

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7d28be97e9a7b4e5c33d01a7cb3af2b4

    SHA1

    7e5a4e121ce24e5a9b896ac75b0cc231706f3b89

    SHA256

    28a6f4a78dc1bfacb06e96d91c616df3db5ecbf051ae4718884b9537a6d2854b

    SHA512

    ed304534a226a90fc5644ecb918786a3a70d67be188f8ca935455523479f15d9ffe0652aa9a46dfb3c8dbb76bc220086ee5d6f48068df831548bfe174d1c4ab5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ac8aa3531f1cfb34ae9aa7ca8ad59f0e

    SHA1

    23212191bfba7354558e8f4d8f39ce0766058ed4

    SHA256

    b742db3b8dfbd5432b5399cc0903a25182bf7150f6b08c01879544f06b235e8d

    SHA512

    c54c8a62bc7ded4b5aa250cb998d1e991ea6d7bf07f821e7967e1554b0d21f1dddd019934a5f2ee0a3239376bb92027f57c8418d2f093961c30493491da37f89

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9ac42535c808c815958883c4257015e9

    SHA1

    10ba26ca8063a98b3123df3b7b0c5d968ed6d20c

    SHA256

    2a1ada40e23aea2f71d6aa8422e264b1cae482e6f9cdc47c2a937ac343b6f4ae

    SHA512

    07c1f6a2858739879bcc68ed6f27f44b8f0aa849bfa235a419723edb30a6a153d0ec7a25879d5b868a716697b0e14da6765fef662be3cffbf194809f864ac1a1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b57122782f25167b19010c82015d92e8

    SHA1

    7ec786f11cd68af1f041fa0840397fb1f68bd70f

    SHA256

    cc9edc4de744d08967e7279b300729b430bf6f2ffbbb1b80e117fc71e509b90c

    SHA512

    6d510590c6050ad719e7843b5fe7f716f80dc82b315c45ed98f340735ea4b46091fa31d66e6e4ffebf85aa7ec55f156ed67e9e382298c0c1493b091931320218

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d0d14cb0d4e4b5b4503592002714c81b

    SHA1

    676ac5fc1bbc02b3608cca661810a7fdc54979f7

    SHA256

    0c2f34f5c978d374972df2ad83919741e759bbb60f2bde05833bf1202861b159

    SHA512

    71c6ef4961c78af72f4cf0650d21db0634c4f90eaebaaa25b319beaf9df9c75db357183b1f35598881b61d22f792dabe05fcf3ced8e7f6be19a2354c3c49788a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3bcca450b3137d9d90811c13a850007e

    SHA1

    392c3769c557f159c03758a364fbc88f0ef8de94

    SHA256

    52c6e89457b7939bb6ff7b006c9d4c80e26e53b8da2545006221eb5eaa862e1b

    SHA512

    05e4981477bdd44bc3f4a1f1701893cfeef507b3b6e64f3156ea175c8d38833a79255978368d21c37c978bc0edea745286266a7dace5c718aa19757cce7865c7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1f74bb76c73d78a16c90f0a2b757ab97

    SHA1

    faa0d2356f96e98675857663e1107a7952cf1593

    SHA256

    0c85369a835ee90b578030357a091ccf51b4abfa9bc33f06b2c4ed1e8ca997f6

    SHA512

    b02383e78a48640b0873d105b0c358e35a3f577e0f69687c8a62a16c061c5e43aa1d9a86d9ba1ff8fcc1fd2fbb269e3e42aed2e9d8c8d9839173cc325a5ebc47

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f5c733f222eb984368d7282b25ff2690

    SHA1

    e0524d26618a83d244ba869b19b90d9a022edd4a

    SHA256

    2559286967f4d67b8487dd9cb641d52493463d86bef7d36df86772c47bfbe4b7

    SHA512

    98cd15920f1b6d21b3baaa8602958e71e8756dc9520efa1c425c8e3c9498b2fa94d678e6d7215ccec2fe6d60d40df3ac95cd6e043e8ffafda27856830a9a50d7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a1fa9ce958dc3d3e11d3d1587786af64

    SHA1

    3b5a3f47e93b39f9b64ce9f83f9020a82a77690d

    SHA256

    cd5060ae9945a2a3552bd0d3e71168e9df32a20e4441f103f92861228940fcde

    SHA512

    af8927067912ee544a439b86f5e90afdcdf12469078e94c938197fc22dc84a7de5eb57127f00e2868ca025a4605b46f2f37e3ccd657eb6c01a3fcf8bfa459317

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8b67b015505fe2feaa20f270e1de408f

    SHA1

    809f9d7a9df6de84c191a5fa43cf790549811961

    SHA256

    cf442eadb1e03d9a7d56f8696b7a796be0300d2d5599f7fce3dffb88e6719e9c

    SHA512

    f02461b26fb1b3b55099721bbc595a1d96e130813fc9cc314d2b49a334c25fb1a1ae1aaeda3433d643eb7424f9e9240b3f7d75fc62744ad211150bd6f8d321e9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d81a845be1170eddc47807004477392c

    SHA1

    75a584c14fccb6381c6e9c5d70165012ab4a58d1

    SHA256

    42cea604ccf27a9f41d8d5714c7e880fb56fa049d24e08bf2c5cbaebfc88450b

    SHA512

    4e7173aabedd6697cbf7088fba5da0f62e8880f46c4f4e7efc0b7cb8791159518a4e8f9f05c892ec6e7dab5be32fde7eb06141776565d0b692a74a5ae64a17cd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9c21363d1cccde2afdfa8c94c77572c5

    SHA1

    81f6cab079601fe62add88c5ad4d8797f3fdf3a0

    SHA256

    cf11b799ee89b412806e9dce8ee476d832f19899a0813b549f834fa108b89dd1

    SHA512

    79da6c4824620dbb78a18a42509d47b0c962d7a93a944175e40d1ebb7dab643b5aeb73820ffae070fb1a9dbb99c462871b65aa27e13920d6c22d5e04995c75b2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f9c63e3c66738456ea9e63e81adff3f3

    SHA1

    b798af930d28f3e3068ada00c989d617d8aa3eec

    SHA256

    cad50397750f28bcd9731ef116d24a325d48da10220c60dd4858d4399c6deeb4

    SHA512

    eed4131607c58ba45d5d25ba6be0c917ff982083a81b8b2958f0e0e1607c5336a1c7d510698e9a35ae8e2a70ec221f5b74151dfb773f9f7301598f9c56f92bd1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    05542ebaa29aefaaf8951543007d2113

    SHA1

    22ec4993d2bafa6d291af0fac6685fb69e555622

    SHA256

    147ce0ca8262b124d7751147030455c623e02a5459ddac339f2605e763253cd7

    SHA512

    05ad5cf275ef6062097220e2b58894709f340b2a64ba42aa244000b9a714394b5859bee983817025b6a2015a75b6c2a3a9be3a8d10f2d966f2a570b1f609185d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d0313c7fdc063fcc6c542990af950b0f

    SHA1

    5995103598530d89279bd80fd860ada33133c2be

    SHA256

    3bd4879f6456575c049f69e5f9dd67372b79dbbb949f5372252c5bb3e246c41e

    SHA512

    dc4f70c839a198f5d8009866e9dcbf2c3a809603c2d958973e080c10e6f6876ef0bb10d67af2e924c5242dc8f92db130dad51954ad0a565f20f19e25962df2d9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1c7e21b110e0aeaf0b959eac9498d40e

    SHA1

    26fc73adf3e3b9f55f09ccf89253deff3b666d48

    SHA256

    607a0e7cac036b9709cbe422c98714a5b744783823e78724d97e5a939b429aae

    SHA512

    8a03dcafabe77fc1efef59c68a9bc43878ca4d51f89d899b5989c0ee15661cc8fa70c83bf1aa45333c7a1aee078a25ee12b22e876d6c74bbff9e7ac4579d2ccd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0328a3f79b29f2aabbff05a5a1dd9040

    SHA1

    f0bea941b2e896e0624cd993b0571fa8f667fa65

    SHA256

    6566c6e68c53f98713717f3b6177301bdaed9f9a2abc5ce3c359bc9cd5a6d3d0

    SHA512

    5db1f7cf1e15e85ca8bed1fc60d1c43e4fb94084d5c69917f41f193fa98a8f7c4e6d01b4231f66e8a0e0d628310fa2cd3c52aae49490f18ac129bc9c57b75b55

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B2FAF7692FD9FFBD64EDE317E42334BA_D7393C8F62BDE4D4CB606228BC7A711E

    Filesize

    482B

    MD5

    7584d6ca793e6cf849544118f04440de

    SHA1

    a3e8b86a8b39c8aa963db34e0d771c8af70a4b05

    SHA256

    f13f6532945a348e9a8fd2f86b48f887783d0c7d16894fdc05596cd8fc7973ad

    SHA512

    ff85807490efe3457190288794fdad9cb64be54cd780035279ed354aada8c30950c286a88cc51f4780121dc6344a7780a50bdf210389b53ebebc15615639874c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    ae345f4deeafb239a5aaf817715d6f4d

    SHA1

    8bc93401a63a74100f062e5de2ebcaa109c780c1

    SHA256

    d42af980edbb0cc82b422773bb34d29b65025cd9948144897e620e2c2ebd31df

    SHA512

    04eed0d687e89cfb20bf0714e950c031dfaefc193714c98a5a24a7e57dcf6001c7e18e583a0c01bf644329419e0a1c5ebdc736aa8bff7935714bd928e874a4b3

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BDDDRHWK\v2[1].js

    Filesize

    4B

    MD5

    350fd6ef6446635f7a8f608434a405ec

    SHA1

    a4b6c275ac2c80ec925b5c0c5c6abb79ba897356

    SHA256

    d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

    SHA512

    c80ee0076d4ed85badaca8443b52e2c2820bcaf7dcb87a92888de21fa312441d7723db2de5538396ae706099b859fccec8a7c246d24b39fc6538c4bcd7d2ce29

  • C:\Users\Admin\AppData\Local\Temp\CabF4AD.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarF4B0.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.