Edit tour

Windows Analysis Report
http://facebooksecurity.blogspot.pe/

Overview

General Information

Sample URL:	http://facebooksecurity.blogspot.pe/
Analysis ID:	1454842
Infos:

Detection

Score:	64
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

AI detected phishing page

Antivirus / Scanner detection for submitted sample

Antivirus detection for URL or domain

HTTP GET or POST without a user agent

Classification

Process Tree

System is w10x64

chrome.exe (PID: 4232 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

chrome.exe (PID: 2432 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2284 --field-trial-handle=2020,i,16440638638355715808,11503379148845828170,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

chrome.exe (PID: 7096 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://facebooksecurity.blogspot.pe/" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

cleanup

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

Antivirus / Scanner detection for submitted sample

Source: http://facebooksecurity.blogspot.pe/

Avira URL Cloud: detection malicious, Label: phishing

Antivirus detection for URL or domain

Source: http://facebooksecurity.blogspot.com/img/2.jpg	Avira URL Cloud: Label: phishing
Source: http://facebooksecurity.blogspot.com/2012/01/img/2.jpg	Avira URL Cloud: Label: phishing
Source: http://facebooksecurity.blogspot.com/2012/02/us-attacks-iran-and-saudi-arabia-f.html	Avira URL Cloud: Label: phishing

Phishing

AI detected phishing page

Source: http://facebooksecurity.blogspot.com

LLM: Score: 8 brands: Facebook Reasons: The URL 'http://facebooksecurity.blogspot.com' is suspicious because it uses 'blogspot.com' instead of the legitimate 'facebook.com' domain. The page title 'FACEBOOK SECURITY' and content attempt to mimic Facebook's branding, which is a common social usering technique used in phishing attacks. The page asks users to provide their username and password via a mobile dial code, which is highly unusual and suspicious. Additionally, the page does not have a login form or captcha, which are typically present on legitimate security-related pages. The combination of these factors strongly indicates that this is a phishing site. DOM: 4.4.pages.csv

Source: https://www.blogger.com/navbar.g?targetBlogID=6293774250085653011&blogName=FACEBOOK+SECURITY&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://facebooksecurity.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://facebooksecurity.blogspot.com/&vt=88767743790000018&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=http%3A%2F%2Ffacebooksecurity.blogspot.com&pfname=&rpctoken=15479408	HTTP Parser: No favicon
Source: https://www.blogger.com/navbar.g?targetBlogID=6293774250085653011&blogName=FACEBOOK+SECURITY&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://facebooksecurity.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://facebooksecurity.blogspot.com/&targetPostID=1147264465915888549&blogPostOrPageUrl=http://facebooksecurity.blogspot.com/2012/01/how-to-access-facebook-without-internet.html&vt=-6201656511637213917&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=http%3A%2F%2Ffacebooksecurity.blogspot.com&pfname=&rpctoken=16325958	HTTP Parser: No favicon
Source: https://www.blogger.com/profile/07973550498852665411	HTTP Parser: No favicon
Source: https://www.blogger.com/navbar.g?targetBlogID=6293774250085653011&blogName=FACEBOOK+SECURITY&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://facebooksecurity.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://facebooksecurity.blogspot.com/&targetPostID=4124881130413553059&blogPostOrPageUrl=http://facebooksecurity.blogspot.com/2012/02/how-spammers-flooding-facebook-wall.html&vt=-5754118262451185758&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=http%3A%2F%2Ffacebooksecurity.blogspot.com&pfname=&rpctoken=27775056	HTTP Parser: No favicon
Source: https://www.blogger.com/profile/04317396537791325342	HTTP Parser: No favicon
Source: https://www.blogger.com/navbar.g?targetBlogID=6293774250085653011&blogName=FACEBOOK+SECURITY&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://facebooksecurity.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://facebooksecurity.blogspot.com/&targetPostID=6375811994687913730&blogPostOrPageUrl=http://facebooksecurity.blogspot.com/2012/01/issue-over-facebook-and-google-in-india.html&vt=5448844313414825449&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=http%3A%2F%2Ffacebooksecurity.blogspot.com&pfname=&rpctoken=26657076	HTTP Parser: No favicon
Source: https://www.youtube.com/embed/rD0_qT0rmuM	HTTP Parser: No favicon

Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49710 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49711 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49711 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49720 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.6:49730 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.6:49738 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.6:49772 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49813 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49816 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49833 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.6:49861 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49870 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49880 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49928 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49938 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49946 version: TLS 1.2

Source: global traffic

HTTP traffic detected: GET / HTTP/1.1Host: ipinfo.ioConnection: Keep-Alive

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27

Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKContent-Type: image/x-iconExpires: Mon, 10 Jun 2024 22:13:32 GMTDate: Mon, 10 Jun 2024 22:13:32 GMTCache-Control: private, max-age=86400Last-Modified: Thu, 14 Mar 2024 04:14:12 GMTETag: W/"32199fd45849384259703cfb9ed7f99322695aafd480168da9f763565638bfbd"Content-Encoding: gzipX-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockContent-Length: 665Server: GSEData Raw: 1f 8b 08 00 00 00 00 00 00 ff 7d 93 5d 48 53 61 18 c7 5f 51 28 87 e8 d8 45 57 63 78 a1 e0 47 db ce 26 3b 3a 5d 78 64 c7 75 5a 08 3a 5c 2d 1d 15 b4 dc c4 31 89 30 85 70 d3 81 30 c1 22 cd 2b cd 10 a3 0b bb 90 ae ec ce d4 8b 79 13 53 64 62 1f 37 8a b8 2d 2d ea c2 9b a8 f6 ef bc 67 69 9b 9b fd 0f ff f3 f1 bc cf ef 79 0e 2f ef 43 48 9e 78 c9 e5 44 bc 97 12 4f 01 21 17 08 21 15 a2 c5 90 18 49 c5 a9 b8 02 92 25 00 ff 9c 48 c8 d6 d7 d6 4a ed 6d 6d 82 41 af ef d5 aa d5 c3 9a aa aa 91 1a 86 b9 7f 55 10 ec 53 93 93 d5 38 3a 2a ca 60 d2 4c c5 1a d9 97 95 17 2b a1 d1 69 a0 ab 61 44 eb c0 e8 19 54 6b aa 51 51 55 f1 ed 74 df 74 51 ae fe 92 11 1c cf a1 ae a1 0e b5 0d b5 92 4d 8d 26 70 cd 1c 4c 9c 09 4c 8d 36 13 fa 2b 35 a3 06 67 e6 24 be b8 a4 98 e6 64 d9 28 ae 35 f1 4d 60 eb d9 8c 1a 1a 9d 3a 69 16 cc 30 5b cc 19 f9 5f 87 8a b2 6a 70 e6 46 58 ac 16 18 4d c6 93 1a 94 6b 77 b4 43 2e 97 ff 97 97 c9 64 50 2a 95 b0 d9 db 60 6d b9 22 f1 13 53 13 bc 5d 64 af dd b0 67 f5 4a e7 15 0a 05 ca cb cb c1 b2 2c 1c 9d d7 e1 bc e5 44 f3 65 fe b7 b5 c5 9a ec ea be 0b 57 d7 9d 9c bc 52 71 1e 2a 95 0a 06 83 01 16 8b 05 36 9b 0d 9e 1e 37 7a ef f5 a2 e3 66 07 9c b7 3b 31 f0 70 00 81 60 20 27 4f 2d 08 02 9c 4e 27 3c 1e 0f 7c 3e 1f 46 42 23 f0 0f fb e1 f5 f5 e0 27 7e 74 3f 1e 7f 84 e9 99 e9 33 fb bb 5c 2e f4 f5 f5 c1 ef f7 23 10 08 60 66 f6 19 c6 9f 3e 11 fb f6 27 e9 1e 3c 9f 9d c1 e2 9b 45 68 b5 da 13 96 ee e5 71 ff 81 fe 07 08 06 83 18 1d 1d 45 28 14 c2 c2 eb 85 e3 7e 92 e6 5f cd 63 65 75 19 e1 70 58 62 0b 0b 0b 51 56 56 06 9e e7 e1 76 bb 31 38 38 28 71 63 63 63 08 af 85 b1 f4 76 09 73 2f e6 32 ce c0 ca ea 0a b6 df 6f 23 b2 1e 81 c3 e1 90 f6 ab b5 b5 15 5e af 57 fa 6f ca 47 a3 51 6c 6d 6d 49 7c ae 39 da d8 dc c0 de de 1e 0e bf 1c 22 f1 39 81 58 3c 86 58 2c e5 78 3c 8e dd dd 5d 44 22 11 31 15 79 a7 cf fe c9 1c 25 f1 8e b2 b4 0e e5 0e 0e 0e a4 f7 fd fd 7d 7c fc f4 e1 57 ae b9 c9 e0 d3 d6 ce fa 4e 8f ed 9c 23 e4 7b 49 ea b9 9c 4f c8 50 5e ca a7 75 1c a7 39 3b f9 29 86 96 f9 03 01 28 96 a3 7e 04 00 00 Data Ascii: }]HSa_Q(EWcxG&;:]xduZ:\-10p0"+ySdb7--giy/CHxDO!!I%HJmmAUS8:`L+iaDTkQQUttQM&pLL6+5g$d(5M`:i0[_jpFXMkwC.dP`m"S]dgJ,DeWRq*67zf;1p` 'O-N'<\|>FB#'~t?3\.#`f>'<EhqE(~_ceupXbQVVv188(qcccvs/2o#^WoGQlmmI\|9
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKContent-Type: image/x-iconExpires: Mon, 10 Jun 2024 22:13:33 GMTDate: Mon, 10 Jun 2024 22:13:33 GMTCache-Control: private, max-age=86400Last-Modified: Thu, 14 Mar 2024 04:14:12 GMTETag: W/"32199fd45849384259703cfb9ed7f99322695aafd480168da9f763565638bfbd"Content-Encoding: gzipX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINContent-Security-Policy: frame-ancestors 'self'X-XSS-Protection: 1; mode=blockContent-Length: 665Server: GSEData Raw: 1f 8b 08 00 00 00 00 00 00 ff 7d 93 5d 48 53 61 18 c7 5f 51 28 87 e8 d8 45 57 63 78 a1 e0 47 db ce 26 3b 3a 5d 78 64 c7 75 5a 08 3a 5c 2d 1d 15 b4 dc c4 31 89 30 85 70 d3 81 30 c1 22 cd 2b cd 10 a3 0b bb 90 ae ec ce d4 8b 79 13 53 64 62 1f 37 8a b8 2d 2d ea c2 9b a8 f6 ef bc 67 69 9b 9b fd 0f ff f3 f1 bc cf ef 79 0e 2f ef 43 48 9e 78 c9 e5 44 bc 97 12 4f 01 21 17 08 21 15 a2 c5 90 18 49 c5 a9 b8 02 92 25 00 ff 9c 48 c8 d6 d7 d6 4a ed 6d 6d 82 41 af ef d5 aa d5 c3 9a aa aa 91 1a 86 b9 7f 55 10 ec 53 93 93 d5 38 3a 2a ca 60 d2 4c c5 1a d9 97 95 17 2b a1 d1 69 a0 ab 61 44 eb c0 e8 19 54 6b aa 51 51 55 f1 ed 74 df 74 51 ae fe 92 11 1c cf a1 ae a1 0e b5 0d b5 92 4d 8d 26 70 cd 1c 4c 9c 09 4c 8d 36 13 fa 2b 35 a3 06 67 e6 24 be b8 a4 98 e6 64 d9 28 ae 35 f1 4d 60 eb d9 8c 1a 1a 9d 3a 69 16 cc 30 5b cc 19 f9 5f 87 8a b2 6a 70 e6 46 58 ac 16 18 4d c6 93 1a 94 6b 77 b4 43 2e 97 ff 97 97 c9 64 50 2a 95 b0 d9 db 60 6d b9 22 f1 13 53 13 bc 5d 64 af dd b0 67 f5 4a e7 15 0a 05 ca cb cb c1 b2 2c 1c 9d d7 e1 bc e5 44 f3 65 fe b7 b5 c5 9a ec ea be 0b 57 d7 9d 9c bc 52 71 1e 2a 95 0a 06 83 01 16 8b 05 36 9b 0d 9e 1e 37 7a ef f5 a2 e3 66 07 9c b7 3b 31 f0 70 00 81 60 20 27 4f 2d 08 02 9c 4e 27 3c 1e 0f 7c 3e 1f 46 42 23 f0 0f fb e1 f5 f5 e0 27 7e 74 3f 1e 7f 84 e9 99 e9 33 fb bb 5c 2e f4 f5 f5 c1 ef f7 23 10 08 60 66 f6 19 c6 9f 3e 11 fb f6 27 e9 1e 3c 9f 9d c1 e2 9b 45 68 b5 da 13 96 ee e5 71 ff 81 fe 07 08 06 83 18 1d 1d 45 28 14 c2 c2 eb 85 e3 7e 92 e6 5f cd 63 65 75 19 e1 70 58 62 0b 0b 0b 51 56 56 06 9e e7 e1 76 bb 31 38 38 28 71 63 63 63 08 af 85 b1 f4 76 09 73 2f e6 32 ce c0 ca ea 0a b6 df 6f 23 b2 1e 81 c3 e1 90 f6 ab b5 b5 15 5e af 57 fa 6f ca 47 a3 51 6c 6d 6d 49 7c ae 39 da d8 dc c0 de de 1e 0e bf 1c 22 f1 39 81 58 3c 86 58 2c e5 78 3c 8e dd dd 5d 44 22 11 31 15 79 a7 cf fe c9 1c 25 f1 8e b2 b4 0e e5 0e 0e 0e a4 f7 fd fd 7d 7c fc f4 e1 57 ae b9 c9 e0 d3 d6 ce fa 4e 8f ed 9c 23 e4 7b 49 ea b9 9c 4f c8 50 5e ca a7 75 1c a7 39 3b f9 29 86 96 f9 03 01 28 96 a3 7e 04 00 00 Data Ascii: }]HSa_Q(EWcxG&;:]xduZ:\-10p0"+ySdb7--giy/CHxDO!!I%HJmmAUS8:`L+iaDTkQQUttQM&pLL6+5g$d(5M`:i0[_jpFXMkwC.dP`m"S]dgJ,DeWRq*67zf;1p` 'O-N'<\|>FB#'~t?3\.#`f>'<EhqE(~_ceupX

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ipinfo.ioConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1Host: www.blogger.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /site/bloggerwidgets01/socialite.js HTTP/1.1Host: sites.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /site/bloggerwidgets01/sharrre.js HTTP/1.1Host: sites.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /site/sites/system/errors/WebspaceNotFound?path=%2Fbloggerwidgets01%2Fsocialite.js HTTP/1.1Host: sites.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /site/sites/system/errors/WebspaceNotFound?path=%2Fbloggerwidgets01%2Fsharrre.js HTTP/1.1Host: sites.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/platform.js HTTP/1.1Host: apis.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /static/v1/widgets/116388341-widgets.js HTTP/1.1Host: www.blogger.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEhEGDod2aeN5Cyyth-7i4WsBV2vJCfbByVNkRreVRc0U9x-9zKrNUucFptBcigY4SPCUk80y55ymkWgMNBal0QqGA0ky1hFlm-t_wW6bQo6i4VkdC2WOUppg5SE3XvtMzxr3TvAurbpCuQ/w72-h72-p-k-no-nu/t1larg.facebook.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEhrLaU42y46_ybqP8t2TS9ekCY2dCKk-oGYyBd18CBMybseiMun4aeXWp7YnK-VqYnCm59QOdb2bq6sXH-yCFw7CeNLKoz0GL3JeiewV2XggyNOeaVbGYuZ49RyTj5K92Bs-oXRa7IR428/w72-h72-p-k-no-nu/Facebook-hack.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEgjG5jwKTmdCF1f6QElHBAkWo5QluyxRuut9jiBFCHicIbPaqEScEy5hzk3MXCblp75tc99xWe7giMSLtAz7lnCUBwh9eTdeRDCwqWnoQoEQAm2L3k6NruPCD_xewvF5qYfDX52wX5Y1RQ/w72-h72-p-k-no-nu/facebook-google.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEjhRdUkdNaj7S0PczG7Rmt23sdOM3ZHfOgcIbOX4UOuhB5r-PBVtOSQjpp9PBLUMwaQcCeNwvrD7-SUSMWFxH7Jo7pGJAWxx5EhwHnoCa2pNWDmIeVYdgUyhwAHcKJc566cHe-ep2nVPDA/w72-h72-p-k-no-nu/https-background.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEhFP2sUEe8r0fi8HOlfFWOK8wKFkcIUrXnruv7h5SBZvNnaXI70ZiRio6UXhLcUgktuHhPP97Rja5x401PM1hszkmGt9eXKi7Jpr4ZvFV2vlaaT69qcDmGjnTXBKlOze4-_-CNnm592FIY/s400/us_attacks_wall-facebook+virus+allert.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dyn-css/authorization.css?targetBlogID=6293774250085653011&zx=0a0d6b86-1428-45d5-a847-0b9106d87556 HTTP/1.1Host: www.blogger.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEhLAFXQ9nhm1HhhmbwnnekzsgCZO6E3TPh3kdzh2VISyeIZgW4ufTOSDiEdDAoyoa3to4ia4T2yP9OOItjwP-f3Qh3GE5YFskX4twlaexOtLGFLbK0U-C_LLgV_jemcf4zfRgcywGhzPLw/s400/cnn+fake+site+virus.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dyn-css/authorization.css?targetBlogID=6293774250085653011&zx=0a0d6b86-1428-45d5-a847-0b9106d87556 HTTP/1.1Host: www.blogger.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEhEGDod2aeN5Cyyth-7i4WsBV2vJCfbByVNkRreVRc0U9x-9zKrNUucFptBcigY4SPCUk80y55ymkWgMNBal0QqGA0ky1hFlm-t_wW6bQo6i4VkdC2WOUppg5SE3XvtMzxr3TvAurbpCuQ/s320/t1larg.facebook.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEhEGDod2aeN5Cyyth-7i4WsBV2vJCfbByVNkRreVRc0U9x-9zKrNUucFptBcigY4SPCUk80y55ymkWgMNBal0QqGA0ky1hFlm-t_wW6bQo6i4VkdC2WOUppg5SE3XvtMzxr3TvAurbpCuQ/w72-h72-p-k-no-nu/t1larg.facebook.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEgjG5jwKTmdCF1f6QElHBAkWo5QluyxRuut9jiBFCHicIbPaqEScEy5hzk3MXCblp75tc99xWe7giMSLtAz7lnCUBwh9eTdeRDCwqWnoQoEQAm2L3k6NruPCD_xewvF5qYfDX52wX5Y1RQ/w72-h72-p-k-no-nu/facebook-google.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEgjG5jwKTmdCF1f6QElHBAkWo5QluyxRuut9jiBFCHicIbPaqEScEy5hzk3MXCblp75tc99xWe7giMSLtAz7lnCUBwh9eTdeRDCwqWnoQoEQAm2L3k6NruPCD_xewvF5qYfDX52wX5Y1RQ/s1600/facebook-google.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEjusvI2A4Y301dqi3HXDOvAyD7vbiSjrHaLwEy08oeP4SCTb8L8uvex2-XK7Uw5pfohOP7eySZNE6h6o7BfKADF4C0fkexSXkPXSfFfResMXVLd3S3c-PB1esFIze0msK4PwitMM8z9wk0/s200/402161_220083208080592_108491975906383_495642_1581235068_n.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEhrLaU42y46_ybqP8t2TS9ekCY2dCKk-oGYyBd18CBMybseiMun4aeXWp7YnK-VqYnCm59QOdb2bq6sXH-yCFw7CeNLKoz0GL3JeiewV2XggyNOeaVbGYuZ49RyTj5K92Bs-oXRa7IR428/w72-h72-p-k-no-nu/Facebook-hack.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEiwEKjO_XlIWMn2qwIrqEPiC61SO0CERpKSOvqeHOEjz0iNQ_Ybey4IUfwaOwVAsi6TYcvJnRDw8tfR_YXFoYw8fwuXUVWNFs9I5NomDDXAtwpBSirIfT81pSos6X6PfLCTAWlEGSTNUqI/s640/Mark+Zuckerberg%2527s+Private+Photos.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEjhRdUkdNaj7S0PczG7Rmt23sdOM3ZHfOgcIbOX4UOuhB5r-PBVtOSQjpp9PBLUMwaQcCeNwvrD7-SUSMWFxH7Jo7pGJAWxx5EhwHnoCa2pNWDmIeVYdgUyhwAHcKJc566cHe-ep2nVPDA/w72-h72-p-k-no-nu/https-background.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEhFP2sUEe8r0fi8HOlfFWOK8wKFkcIUrXnruv7h5SBZvNnaXI70ZiRio6UXhLcUgktuHhPP97Rja5x401PM1hszkmGt9eXKi7Jpr4ZvFV2vlaaT69qcDmGjnTXBKlOze4-_-CNnm592FIY/s400/us_attacks_wall-facebook+virus+allert.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEhLAFXQ9nhm1HhhmbwnnekzsgCZO6E3TPh3kdzh2VISyeIZgW4ufTOSDiEdDAoyoa3to4ia4T2yP9OOItjwP-f3Qh3GE5YFskX4twlaexOtLGFLbK0U-C_LLgV_jemcf4zfRgcywGhzPLw/s400/cnn+fake+site+virus.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=dl8ON86YSdOpucT&MD=2MVOd7f8 HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEgjG5jwKTmdCF1f6QElHBAkWo5QluyxRuut9jiBFCHicIbPaqEScEy5hzk3MXCblp75tc99xWe7giMSLtAz7lnCUBwh9eTdeRDCwqWnoQoEQAm2L3k6NruPCD_xewvF5qYfDX52wX5Y1RQ/s1600/facebook-google.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEgV-PVMCwC_CenusvDHj0IBpJEYyasKJqmfJDK0u7e6M6xdfOu84rH_Jo0xdHGPePK139JvcUGXvVNv4ltXzthCkImPLzkYc0OoeyNito5HGAO3ANHKdPMpwtXa_MuDP39dD8TgePH68hg/s400/SSL+encryption_jpg_99969.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEgDHNB2D9NkpIUm-nmtyZutA7ER4kqdz0lIP2BwAmGaTimyvmtLtS_YWvh2_2QteKdg5Bf682Gt_MqggD0U5ksSbYkeS3nLJhIpqUxqKvxok0LxlTi5P926ECODmQDTWu6Br0RO9npYcUg/s400/facebook+app+password_jpg_14460.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEg7-XaBnr5ysT-dfc-5OTudFVIdW-1lr0Io2cCfcMmE6tluqCTZJp-S44kDj6QmEUXxRYAOBlUb5H05j41T_MiY0roSTOl_W5ok0DJ9KhDyM1e_jMu8bbGEY8_vWGOTV-jXwL5NpjRY3TM/s320/ramnit.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEj08WTD0L9AuzD12whTafjP4PA6KmQTrSK8UMwkMtGebD-V2-4WFINDwmusBb3zx-hjGu-eIMCQZii1J48wKQdlgaB5um3bPq4gI7cBmqyzZ1-9bi-mz8-lT4s9dCK2ZEaTWZw5y9sawYU/s320/knowledge.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEhEGDod2aeN5Cyyth-7i4WsBV2vJCfbByVNkRreVRc0U9x-9zKrNUucFptBcigY4SPCUk80y55ymkWgMNBal0QqGA0ky1hFlm-t_wW6bQo6i4VkdC2WOUppg5SE3XvtMzxr3TvAurbpCuQ/s320/t1larg.facebook.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEhcCBfqFH-5FRDV4HPKZeU-icfeTYGljtHJb5k_tO5wjfrOVhcQH6eYZ37BGlRx_dSg7YV4nbR8EGADxbrcyronaWdPTh4tpJvql3xGI7hADM1ulMPLbUWvRGtHPtxBd6BmgK9MihD5pQ0/s1600/fACEBOOK+VIRUS.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEiwEKjO_XlIWMn2qwIrqEPiC61SO0CERpKSOvqeHOEjz0iNQ_Ybey4IUfwaOwVAsi6TYcvJnRDw8tfR_YXFoYw8fwuXUVWNFs9I5NomDDXAtwpBSirIfT81pSos6X6PfLCTAWlEGSTNUqI/s640/Mark+Zuckerberg%2527s+Private+Photos.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEjusvI2A4Y301dqi3HXDOvAyD7vbiSjrHaLwEy08oeP4SCTb8L8uvex2-XK7Uw5pfohOP7eySZNE6h6o7BfKADF4C0fkexSXkPXSfFfResMXVLd3S3c-PB1esFIze0msK4PwitMM8z9wk0/s200/402161_220083208080592_108491975906383_495642_1581235068_n.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEgQBsLeJueV9nLN-CdicPuTdOQVuSpx_Oub7_C9AlZpoBWU_TV-OXQBOAPwyN2SsMAJLl_Lq2EBWvtlngM6Rdt8M7OOVD8cwN6YaNMoXSI9MOEDweMclK8WQKi0ePcnRLJxt7pxViIBzBo/s320/anitivirus.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs HTTP/1.1Host: apis.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEhcCBfqFH-5FRDV4HPKZeU-icfeTYGljtHJb5k_tO5wjfrOVhcQH6eYZ37BGlRx_dSg7YV4nbR8EGADxbrcyronaWdPTh4tpJvql3xGI7hADM1ulMPLbUWvRGtHPtxBd6BmgK9MihD5pQ0/w72-h72-p-k-no-nu/fACEBOOK+VIRUS.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEiMW8agzRJJnOmlRHoFMD6pT4Cuk7jc79cTkWXGzWZNr8TJZR3AsykW_oegPS2AmoznSU04LOGmbjK185nU2a5jCG9pE65LiNSb7A3FF19tAR8cj4dQxTuLrRRX9q1lCZRngjHhI2peJIU/w72-h72-p-k-no-nu/blogfacebooklurking.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEiujJ85GpGlXLmEmD9_norDKpQnNHQ9VBSF001sNaKPeOoSDK1C-hqHTJTY_rtnaG5HRExTDdSOj6JqiYC_BOL0NrgzG4e-CsrSsOYgsY07WZcbfva6HXTnnFUVdN77JbqwhFwV65toaBI/w72-h72-p-k-no-nu/Facebook+security.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEj8wsZYYCVEpZfHbM9btfgR6MsPdFeROOTJkYwoBDb7BkDo5SGO2U7MwOcI4fVxZahoDL7b-acjyOlhigTHeZKd2_mTIZN20zucj-Tjuf21Qcoi4o3wiTZaT8kCpQxd9gMPHPD5JWcdl88/w72-h72-p-k-no-nu/Facebook+Implements+Microsoft%25E2%2580%2599s+PhotoDNA+Technology.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEiji4KQfTxFzzP2Bo6txOX4HGOoBEihE8Jdn_-M4SOoHYTug7zSl2IU-XfHWDWVkwZpd4tL3yIqB_A95MT9tLw179YScfKgvJ9YnDeCKBqDDlccTtjHsdTWiEJCjY03VPdbVJTJaPwjP-Q/w72-h72-p-k-no-nu/Facebook-Virus.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEgDHNB2D9NkpIUm-nmtyZutA7ER4kqdz0lIP2BwAmGaTimyvmtLtS_YWvh2_2QteKdg5Bf682Gt_MqggD0U5ksSbYkeS3nLJhIpqUxqKvxok0LxlTi5P926ECODmQDTWu6Br0RO9npYcUg/s400/facebook+app+password_jpg_14460.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEg7-XaBnr5ysT-dfc-5OTudFVIdW-1lr0Io2cCfcMmE6tluqCTZJp-S44kDj6QmEUXxRYAOBlUb5H05j41T_MiY0roSTOl_W5ok0DJ9KhDyM1e_jMu8bbGEY8_vWGOTV-jXwL5NpjRY3TM/s320/ramnit.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEj08WTD0L9AuzD12whTafjP4PA6KmQTrSK8UMwkMtGebD-V2-4WFINDwmusBb3zx-hjGu-eIMCQZii1J48wKQdlgaB5um3bPq4gI7cBmqyzZ1-9bi-mz8-lT4s9dCK2ZEaTWZw5y9sawYU/s320/knowledge.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEgV-PVMCwC_CenusvDHj0IBpJEYyasKJqmfJDK0u7e6M6xdfOu84rH_Jo0xdHGPePK139JvcUGXvVNv4ltXzthCkImPLzkYc0OoeyNito5HGAO3ANHKdPMpwtXa_MuDP39dD8TgePH68hg/s400/SSL+encryption_jpg_99969.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEhcCBfqFH-5FRDV4HPKZeU-icfeTYGljtHJb5k_tO5wjfrOVhcQH6eYZ37BGlRx_dSg7YV4nbR8EGADxbrcyronaWdPTh4tpJvql3xGI7hADM1ulMPLbUWvRGtHPtxBd6BmgK9MihD5pQ0/s1600/fACEBOOK+VIRUS.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEgQBsLeJueV9nLN-CdicPuTdOQVuSpx_Oub7_C9AlZpoBWU_TV-OXQBOAPwyN2SsMAJLl_Lq2EBWvtlngM6Rdt8M7OOVD8cwN6YaNMoXSI9MOEDweMclK8WQKi0ePcnRLJxt7pxViIBzBo/s320/anitivirus.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /navbar.g?targetBlogID=6293774250085653011&blogName=FACEBOOK+SECURITY&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://facebooksecurity.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://facebooksecurity.blogspot.com/&vt=88767743790000018&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__ HTTP/1.1Host: www.blogger.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEiMW8agzRJJnOmlRHoFMD6pT4Cuk7jc79cTkWXGzWZNr8TJZR3AsykW_oegPS2AmoznSU04LOGmbjK185nU2a5jCG9pE65LiNSb7A3FF19tAR8cj4dQxTuLrRRX9q1lCZRngjHhI2peJIU/w72-h72-p-k-no-nu/blogfacebooklurking.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEhcCBfqFH-5FRDV4HPKZeU-icfeTYGljtHJb5k_tO5wjfrOVhcQH6eYZ37BGlRx_dSg7YV4nbR8EGADxbrcyronaWdPTh4tpJvql3xGI7hADM1ulMPLbUWvRGtHPtxBd6BmgK9MihD5pQ0/w72-h72-p-k-no-nu/fACEBOOK+VIRUS.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEiujJ85GpGlXLmEmD9_norDKpQnNHQ9VBSF001sNaKPeOoSDK1C-hqHTJTY_rtnaG5HRExTDdSOj6JqiYC_BOL0NrgzG4e-CsrSsOYgsY07WZcbfva6HXTnnFUVdN77JbqwhFwV65toaBI/w72-h72-p-k-no-nu/Facebook+security.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEj8wsZYYCVEpZfHbM9btfgR6MsPdFeROOTJkYwoBDb7BkDo5SGO2U7MwOcI4fVxZahoDL7b-acjyOlhigTHeZKd2_mTIZN20zucj-Tjuf21Qcoi4o3wiTZaT8kCpQxd9gMPHPD5JWcdl88/w72-h72-p-k-no-nu/Facebook+Implements+Microsoft%25E2%2580%2599s+PhotoDNA+Technology.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/platform:gapi.iframes.style.common.js HTTP/1.1Host: apis.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.blogger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEiji4KQfTxFzzP2Bo6txOX4HGOoBEihE8Jdn_-M4SOoHYTug7zSl2IU-XfHWDWVkwZpd4tL3yIqB_A95MT9tLw179YScfKgvJ9YnDeCKBqDDlccTtjHsdTWiEJCjY03VPdbVJTJaPwjP-Q/w72-h72-p-k-no-nu/Facebook-Virus.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs HTTP/1.1Host: apis.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.blogger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /site/bloggerwidgets01/socialite.js HTTP/1.1Host: sites.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /site/bloggerwidgets01/sharrre.js HTTP/1.1Host: sites.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /site/sites/system/errors/WebspaceNotFound?path=%2Fbloggerwidgets01%2Fsocialite.js HTTP/1.1Host: sites.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /site/sites/system/errors/WebspaceNotFound?path=%2Fbloggerwidgets01%2Fsharrre.js HTTP/1.1Host: sites.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dyn-css/authorization.css?targetBlogID=6293774250085653011&zx=0a0d6b86-1428-45d5-a847-0b9106d87556 HTTP/1.1Host: www.blogger.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /site/bloggerwidgets01/socialite.js HTTP/1.1Host: sites.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /site/bloggerwidgets01/sharrre.js HTTP/1.1Host: sites.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /site/sites/system/errors/WebspaceNotFound?path=%2Fbloggerwidgets01%2Fsharrre.js HTTP/1.1Host: sites.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /site/sites/system/errors/WebspaceNotFound?path=%2Fbloggerwidgets01%2Fsocialite.js HTTP/1.1Host: sites.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /navbar.g?targetBlogID=6293774250085653011&blogName=FACEBOOK+SECURITY&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://facebooksecurity.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://facebooksecurity.blogspot.com/&targetPostID=1147264465915888549&blogPostOrPageUrl=http://facebooksecurity.blogspot.com/2012/01/how-to-access-facebook-without-internet.html&vt=-6201656511637213917&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__ HTTP/1.1Host: www.blogger.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dyn-css/authorization.css?targetBlogID=6293774250085653011&zx=0a0d6b86-1428-45d5-a847-0b9106d87556 HTTP/1.1Host: www.blogger.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dyn-css/authorization.css?targetBlogID=6293774250085653011&zx=0a0d6b86-1428-45d5-a847-0b9106d87556 HTTP/1.1Host: www.blogger.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /profile/07973550498852665411 HTTP/1.1Host: www.blogger.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/v1/v-css/2223071481-static_pages.css HTTP/1.1Host: www.blogger.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.blogger.com/profile/07973550498852665411Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/v1/v-css/3896558673-new_ui_static_pages.css HTTP/1.1Host: www.blogger.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.blogger.com/profile/07973550498852665411Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/v1/v-app/scripts/3510624199-common.js HTTP/1.1Host: www.blogger.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.blogger.com/profile/07973550498852665411Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/maia.css HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.blogger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/v1/jsbin/671481879-analytics_autotrack.js HTTP/1.1Host: www.blogger.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.blogger.com/profile/07973550498852665411Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/blogger-logotype-color-black-1x.png HTTP/1.1Host: www.blogger.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.blogger.com/profile/07973550498852665411Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/avatar_blue_m_96.png HTTP/1.1Host: www.blogger.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.blogger.com/profile/07973550498852665411Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/v1/jsbin/2378602557-base.js HTTP/1.1Host: www.blogger.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.blogger.com/profile/07973550498852665411Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/avatar_blue_m_96.png HTTP/1.1Host: www.blogger.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/blogger-logotype-color-black-1x.png HTTP/1.1Host: www.blogger.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=dl8ON86YSdOpucT&MD=2MVOd7f8 HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /_/scs/abc-static/_/js/k=gapi.gapi.en.JHoMBbBABZg.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo_6Zf8M75AJqSyaaLg_vD7Vr9kevQ/cb=gapi.loaded_0 HTTP/1.1Host: apis.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.blogger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.blogger.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.blogger.com/profile/07973550498852665411Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.1937890868.1718057642; _gid=GA1.2.756239841.1718057642
Source: global traffic	HTTP traffic detected: GET /log?format=json&hasfast=true HTTP/1.1Host: play.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=514=lLUnUvvEg2FJE4SDhtPxWiwcQ0xN5ZpCpPwezlB4e65Ub4wdctREwSzEyDGKkCycBM4okneFtlNN8Xp5PJwAMIeHPPC4GgL1ziRnU2TUdj36YVlrkfYm3Q1TGiwRv2KZcUx0xJhvia_GM-eNU9pMfqtrfUTmhmnEdovxBB5WUho
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.blogger.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.1937890868.1718057642; _gid=GA1.2.756239841.1718057642
Source: global traffic	HTTP traffic detected: GET /site/bloggerwidgets01/socialite.js HTTP/1.1Host: sites.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=514=lLUnUvvEg2FJE4SDhtPxWiwcQ0xN5ZpCpPwezlB4e65Ub4wdctREwSzEyDGKkCycBM4okneFtlNN8Xp5PJwAMIeHPPC4GgL1ziRnU2TUdj36YVlrkfYm3Q1TGiwRv2KZcUx0xJhvia_GM-eNU9pMfqtrfUTmhmnEdovxBB5WUho
Source: global traffic	HTTP traffic detected: GET /site/bloggerwidgets01/sharrre.js HTTP/1.1Host: sites.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=514=lLUnUvvEg2FJE4SDhtPxWiwcQ0xN5ZpCpPwezlB4e65Ub4wdctREwSzEyDGKkCycBM4okneFtlNN8Xp5PJwAMIeHPPC4GgL1ziRnU2TUdj36YVlrkfYm3Q1TGiwRv2KZcUx0xJhvia_GM-eNU9pMfqtrfUTmhmnEdovxBB5WUho
Source: global traffic	HTTP traffic detected: GET /site/sites/system/errors/WebspaceNotFound?path=%2Fbloggerwidgets01%2Fsharrre.js HTTP/1.1Host: sites.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=514=lLUnUvvEg2FJE4SDhtPxWiwcQ0xN5ZpCpPwezlB4e65Ub4wdctREwSzEyDGKkCycBM4okneFtlNN8Xp5PJwAMIeHPPC4GgL1ziRnU2TUdj36YVlrkfYm3Q1TGiwRv2KZcUx0xJhvia_GM-eNU9pMfqtrfUTmhmnEdovxBB5WUho
Source: global traffic	HTTP traffic detected: GET /site/sites/system/errors/WebspaceNotFound?path=%2Fbloggerwidgets01%2Fsocialite.js HTTP/1.1Host: sites.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=514=lLUnUvvEg2FJE4SDhtPxWiwcQ0xN5ZpCpPwezlB4e65Ub4wdctREwSzEyDGKkCycBM4okneFtlNN8Xp5PJwAMIeHPPC4GgL1ziRnU2TUdj36YVlrkfYm3Q1TGiwRv2KZcUx0xJhvia_GM-eNU9pMfqtrfUTmhmnEdovxBB5WUho
Source: global traffic	HTTP traffic detected: GET /dyn-css/authorization.css?targetBlogID=6293774250085653011&zx=0a0d6b86-1428-45d5-a847-0b9106d87556 HTTP/1.1Host: www.blogger.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /navbar.g?targetBlogID=6293774250085653011&blogName=FACEBOOK+SECURITY&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://facebooksecurity.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://facebooksecurity.blogspot.com/&targetPostID=4124881130413553059&blogPostOrPageUrl=http://facebooksecurity.blogspot.com/2012/02/how-spammers-flooding-facebook-wall.html&vt=-5754118262451185758&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__ HTTP/1.1Host: www.blogger.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dyn-css/authorization.css?targetBlogID=6293774250085653011&zx=0a0d6b86-1428-45d5-a847-0b9106d87556 HTTP/1.1Host: www.blogger.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /profile/04317396537791325342 HTTP/1.1Host: www.blogger.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.1937890868.1718057642; _gid=GA1.2.756239841.1718057642
Source: global traffic	HTTP traffic detected: GET /css/maia.css HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.blogger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=514=lLUnUvvEg2FJE4SDhtPxWiwcQ0xN5ZpCpPwezlB4e65Ub4wdctREwSzEyDGKkCycBM4okneFtlNN8Xp5PJwAMIeHPPC4GgL1ziRnU2TUdj36YVlrkfYm3Q1TGiwRv2KZcUx0xJhvia_GM-eNU9pMfqtrfUTmhmnEdovxBB5WUhoIf-Modified-Since: Mon, 25 May 2020 08:30:00 GMT
Source: global traffic	HTTP traffic detected: GET /log?format=json&hasfast=true HTTP/1.1Host: play.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=514=THJLoXWeFv9o-nXkddPjl0sfUOFFXyBTryX_B87UDui2EuzjzUNSDgx52LNe-k7m7ld61wVHzUgon0w2zNSX-LId4xmAh81vfO5ernKQ0Q-s50NhwQJniTgHaKDft-xaGMdtXOSEaORUSMQejfs04HagMMI9OE-p8yPX10c8N1M
Source: global traffic	HTTP traffic detected: GET /site/bloggerwidgets01/socialite.js HTTP/1.1Host: sites.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=514=THJLoXWeFv9o-nXkddPjl0sfUOFFXyBTryX_B87UDui2EuzjzUNSDgx52LNe-k7m7ld61wVHzUgon0w2zNSX-LId4xmAh81vfO5ernKQ0Q-s50NhwQJniTgHaKDft-xaGMdtXOSEaORUSMQejfs04HagMMI9OE-p8yPX10c8N1M
Source: global traffic	HTTP traffic detected: GET /site/bloggerwidgets01/sharrre.js HTTP/1.1Host: sites.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=514=THJLoXWeFv9o-nXkddPjl0sfUOFFXyBTryX_B87UDui2EuzjzUNSDgx52LNe-k7m7ld61wVHzUgon0w2zNSX-LId4xmAh81vfO5ernKQ0Q-s50NhwQJniTgHaKDft-xaGMdtXOSEaORUSMQejfs04HagMMI9OE-p8yPX10c8N1M
Source: global traffic	HTTP traffic detected: GET /site/sites/system/errors/WebspaceNotFound?path=%2Fbloggerwidgets01%2Fsharrre.js HTTP/1.1Host: sites.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=514=THJLoXWeFv9o-nXkddPjl0sfUOFFXyBTryX_B87UDui2EuzjzUNSDgx52LNe-k7m7ld61wVHzUgon0w2zNSX-LId4xmAh81vfO5ernKQ0Q-s50NhwQJniTgHaKDft-xaGMdtXOSEaORUSMQejfs04HagMMI9OE-p8yPX10c8N1M
Source: global traffic	HTTP traffic detected: GET /site/sites/system/errors/WebspaceNotFound?path=%2Fbloggerwidgets01%2Fsocialite.js HTTP/1.1Host: sites.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=514=THJLoXWeFv9o-nXkddPjl0sfUOFFXyBTryX_B87UDui2EuzjzUNSDgx52LNe-k7m7ld61wVHzUgon0w2zNSX-LId4xmAh81vfO5ernKQ0Q-s50NhwQJniTgHaKDft-xaGMdtXOSEaORUSMQejfs04HagMMI9OE-p8yPX10c8N1M
Source: global traffic	HTTP traffic detected: GET /dyn-css/authorization.css?targetBlogID=6293774250085653011&zx=0a0d6b86-1428-45d5-a847-0b9106d87556 HTTP/1.1Host: www.blogger.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /embed/rD0_qT0rmuM HTTP/1.1Host: www.youtube.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /navbar.g?targetBlogID=6293774250085653011&blogName=FACEBOOK+SECURITY&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://facebooksecurity.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://facebooksecurity.blogspot.com/&targetPostID=6375811994687913730&blogPostOrPageUrl=http://facebooksecurity.blogspot.com/2012/01/issue-over-facebook-and-google-in-india.html&vt=5448844313414825449&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__ HTTP/1.1Host: www.blogger.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dyn-css/authorization.css?targetBlogID=6293774250085653011&zx=0a0d6b86-1428-45d5-a847-0b9106d87556 HTTP/1.1Host: www.blogger.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /s/player/dee49cfa/www-player.css HTTP/1.1Host: www.youtube.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.youtube.com/embed/rD0_qT0rmuMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: YSC=U0Gy7f-x_hE; VISITOR_INFO1_LIVE=3H2bWdXYmtQ; VISITOR_PRIVACY_METADATA=CgJVUxIEGgAgNw%3D%3D
Source: global traffic	HTTP traffic detected: GET /s/player/dee49cfa/player_ias.vflset/en_US/embed.js HTTP/1.1Host: www.youtube.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.youtube.com/embed/rD0_qT0rmuMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: YSC=U0Gy7f-x_hE; VISITOR_INFO1_LIVE=3H2bWdXYmtQ; VISITOR_PRIVACY_METADATA=CgJVUxIEGgAgNw%3D%3D
Source: global traffic	HTTP traffic detected: GET /s/player/dee49cfa/www-embed-player.vflset/www-embed-player.js HTTP/1.1Host: www.youtube.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.youtube.com/embed/rD0_qT0rmuMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: YSC=U0Gy7f-x_hE; VISITOR_INFO1_LIVE=3H2bWdXYmtQ; VISITOR_PRIVACY_METADATA=CgJVUxIEGgAgNw%3D%3D
Source: global traffic	HTTP traffic detected: GET /s/player/dee49cfa/player_ias.vflset/en_US/base.js HTTP/1.1Host: www.youtube.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.youtube.com/embed/rD0_qT0rmuMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: YSC=U0Gy7f-x_hE; VISITOR_INFO1_LIVE=3H2bWdXYmtQ; VISITOR_PRIVACY_METADATA=CgJVUxIEGgAgNw%3D%3D
Source: global traffic	HTTP traffic detected: GET /pagead/id HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.youtube.comX-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.youtube.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /instream/ad_status.js HTTP/1.1Host: static.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.youtube.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/id?slf_rd=1 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.youtube.comX-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.youtube.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/id?slf_rd=1 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1Host: www.youtube.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1Host: www.youtube.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1Host: www.youtube.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /log?format=json&hasfast=true&authuser=0 HTTP/1.1Host: play.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=514=THJLoXWeFv9o-nXkddPjl0sfUOFFXyBTryX_B87UDui2EuzjzUNSDgx52LNe-k7m7ld61wVHzUgon0w2zNSX-LId4xmAh81vfO5ernKQ0Q-s50NhwQJniTgHaKDft-xaGMdtXOSEaORUSMQejfs04HagMMI9OE-p8yPX10c8N1M
Source: global traffic	HTTP traffic detected: GET /log?format=json&hasfast=true&authuser=0 HTTP/1.1Host: play.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=514=THJLoXWeFv9o-nXkddPjl0sfUOFFXyBTryX_B87UDui2EuzjzUNSDgx52LNe-k7m7ld61wVHzUgon0w2zNSX-LId4xmAh81vfO5ernKQ0Q-s50NhwQJniTgHaKDft-xaGMdtXOSEaORUSMQejfs04HagMMI9OE-p8yPX10c8N1M
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: facebooksecurity.blogspot.peConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: facebooksecurity.blogspot.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-1.7.min.js HTTP/1.1Host: code.jquery.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Referer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-wwi9gLDAiVk/UMRdd5ct3xI/AAAAAAAAFbE/5BE1vH6Z7nY/s1600/2.jpg HTTP/1.1Host: 1.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-v_4byqqmunc/UMRdc57l7VI/AAAAAAAAFa8/6XdXGvR1fEQ/s1600/1.jpg HTTP/1.1Host: 3.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-__0X3NTuBRM/UMRdfKfKA3I/AAAAAAAAFbM/gvAViqUuYhE/s1600/3.jpg HTTP/1.1Host: 3.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-SyYUToBmQ9Y/UMRdgEOhfsI/AAAAAAAAFbU/VbjIpJ97dU8/s1600/4.jpg HTTP/1.1Host: 3.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-wwi9gLDAiVk/UMRdd5ct3xI/AAAAAAAAFbE/5BE1vH6Z7nY/s1600/2.jpg HTTP/1.1Host: 1.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-v_4byqqmunc/UMRdc57l7VI/AAAAAAAAFa8/6XdXGvR1fEQ/s1600/1.jpg HTTP/1.1Host: 3.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-__0X3NTuBRM/UMRdfKfKA3I/AAAAAAAAFbM/gvAViqUuYhE/s1600/3.jpg HTTP/1.1Host: 3.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-SyYUToBmQ9Y/UMRdgEOhfsI/AAAAAAAAFbU/VbjIpJ97dU8/s1600/4.jpg HTTP/1.1Host: 3.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/2.jpg HTTP/1.1Host: facebooksecurity.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-uxYJcIDwn9w/UMRf4-a-6KI/AAAAAAAAFbk/8pe3Zw5X15E/s1600/%5Bwww.gj37765.blogspot.com%5Dbg_search.png HTTP/1.1Host: 3.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-Z-xxpA6Bzqg/ULCCTYRgP2I/AAAAAAAAEvE/AekO-nDLdJw/s1600/down-arrow.png HTTP/1.1Host: 2.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-QdzebGFBJEA/UK9VjFcU23I/AAAAAAAAEuo/0dR566x-3TU/s1600/bg.jpg HTTP/1.1Host: 4.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-uxYJcIDwn9w/UMRf4-a-6KI/AAAAAAAAFbk/8pe3Zw5X15E/s1600/%5Bwww.gj37765.blogspot.com%5Dbg_search.png HTTP/1.1Host: 3.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-Z-xxpA6Bzqg/ULCCTYRgP2I/AAAAAAAAEvE/AekO-nDLdJw/s1600/down-arrow.png HTTP/1.1Host: 2.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-QdzebGFBJEA/UK9VjFcU23I/AAAAAAAAEuo/0dR566x-3TU/s1600/bg.jpg HTTP/1.1Host: 4.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-ZehYBE_THZs/ULCmOrzNjdI/AAAAAAAAEw0/mq1NaN47uEM/s1600/blue_twitter_bird.png HTTP/1.1Host: 4.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-kmJ8A0nIZjo/ULCmPUQWlRI/AAAAAAAAEw8/nTLRUcreTvU/s1600/bubble-pip.png HTTP/1.1Host: 2.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-ZehYBE_THZs/ULCmOrzNjdI/AAAAAAAAEw0/mq1NaN47uEM/s1600/blue_twitter_bird.png HTTP/1.1Host: 4.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /--KSS1lAiopw/ULCmQ2PrufI/AAAAAAAAExM/1Eg-u42VXWo/s1600/white_googleplus.png HTTP/1.1Host: 2.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-1rV4Io0cQd8/ULCmNgcmLrI/AAAAAAAAEws/ANSyGoiN-5E/s1600/blue_facebook.png HTTP/1.1Host: 4.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-kmJ8A0nIZjo/ULCmPUQWlRI/AAAAAAAAEw8/nTLRUcreTvU/s1600/bubble-pip.png HTTP/1.1Host: 2.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-a62VSby9HvU/ULCmQFh84hI/AAAAAAAAExE/VLrfHhGz01s/s1600/linkedinss.png HTTP/1.1Host: 2.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-1rV4Io0cQd8/ULCmNgcmLrI/AAAAAAAAEws/ANSyGoiN-5E/s1600/blue_facebook.png HTTP/1.1Host: 4.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /--KSS1lAiopw/ULCmQ2PrufI/AAAAAAAAExM/1Eg-u42VXWo/s1600/white_googleplus.png HTTP/1.1Host: 2.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-a62VSby9HvU/ULCmQFh84hI/AAAAAAAAExE/VLrfHhGz01s/s1600/linkedinss.png HTTP/1.1Host: 2.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-hNovHLskRIk/ULCKXYEhbXI/AAAAAAAAEvU/kas8XtXhbbU/s1600/main.ico HTTP/1.1Host: 3.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-hNovHLskRIk/ULCKXYEhbXI/AAAAAAAAEvU/kas8XtXhbbU/s1600/main.ico HTTP/1.1Host: 3.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: facebooksecurity.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: facebooksecurity.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2012/02/us-attacks-iran-and-saudi-arabia-f.html HTTP/1.1Host: facebooksecurity.blogspot.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2012/02/img/2.jpg HTTP/1.1Host: facebooksecurity.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://facebooksecurity.blogspot.com/2012/02/us-attacks-iran-and-saudi-arabia-f.htmlAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2012/01/how-to-access-facebook-without-internet.html HTTP/1.1Host: facebooksecurity.blogspot.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Referer: http://facebooksecurity.blogspot.com/2012/02/us-attacks-iran-and-saudi-arabia-f.htmlAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2012/01/img/2.jpg HTTP/1.1Host: facebooksecurity.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://facebooksecurity.blogspot.com/2012/01/how-to-access-facebook-without-internet.htmlAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2012/02/how-spammers-flooding-facebook-wall.html HTTP/1.1Host: facebooksecurity.blogspot.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2012/02/img/2.jpg HTTP/1.1Host: facebooksecurity.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://facebooksecurity.blogspot.com/2012/02/how-spammers-flooding-facebook-wall.htmlAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-5cLnCWC5OcQ/T8BAm9CL5sI/AAAAAAAABLA/QihYoXvrVyA/s000/quote.png HTTP/1.1Host: 1.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-5cLnCWC5OcQ/T8BAm9CL5sI/AAAAAAAABLA/QihYoXvrVyA/s000/quote.png HTTP/1.1Host: 1.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2012/01/issue-over-facebook-and-google-in-india.html HTTP/1.1Host: facebooksecurity.blogspot.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2012/01/img/2.jpg HTTP/1.1Host: facebooksecurity.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://facebooksecurity.blogspot.com/2012/01/issue-over-facebook-and-google-in-india.htmlAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: chromecache_149.2.dr	String found in binary or memory: (g.nq(c,"redirector.googlevideo.com"),d=c.toString()):c.j.match("rr?[1-9].*\\.c\\.youtube\\.com$")?(g.nq(c,"www.youtube.com"),d=c.toString()):(c=JCa(d),ZI(c)&&(d=c));c=new g.sP(d);c.set("cmo=pf","1");e&&c.set("cmo=td","a1.googlevideo.com");return c}; equals www.youtube.com (Youtube)
Source: chromecache_149.2.dr	String found in binary or memory: NTa=function(a,b){if(!a.j["0"]){var c=new eK("0","fakesb",{video:new aK(0,0,0,void 0,void 0,"auto")});a.j["0"]=b?new uQ(new g.sP("http://www.youtube.com/videoplayback"),c,"fake"):new FQ(new g.sP("http://www.youtube.com/videoplayback"),c,new iQ(0,0),new iQ(0,0))}}; equals www.youtube.com (Youtube)
Source: chromecache_149.2.dr	String found in binary or memory: a))):this.api.U().L("enable_adb_handling_in_sabr")&&"BROWSER_OR_EXTENSION_ERROR"===c&&!d.K?(d=d.hostLanguage,a="//support.google.com/youtube/answer/3037019#zippy=%2Cupdate-your-browser-and-check-your-extensions",d&&(a=g.to(a,{hl:d})),this.Kd(TV(this,"BROWSER_OR_EXTENSION_ERROR",a))):this.Kd(g.RV(a.errorMessage)):this.Kd(TV(this,"HTML5_NO_AVAILABLE_FORMATS_FALLBACK_WITH_LINK_SHORT","//www.youtube.com/supported_browsers")):(a=d.hostLanguage,c="//support.google.com/youtube/?p=player_error1",a&&(c=g.to(c, equals www.youtube.com (Youtube)
Source: chromecache_149.2.dr	String found in binary or memory: a.BASE_YT_URL)\|\|"")\|\|ACa(this.uf)\|\|this.protocol+"://www.youtube.com/";h=b?b.eventLabel:a.el;d="detailpage";"adunit"===h?d=this.D?"embedded":"detailpage":"embedded"===h\|\|this.N?d=pB(d,h,RUa):h&&(d="embedded");this.La=d;hva();h=null;d=b?b.playerStyle:a.ps;f=g.Fb(SUa,d);!d\|\|f&&!this.N\|\|(h=d);this.playerStyle=h;this.qa=(this.K=g.Fb(SUa,this.playerStyle))&&"play"!==this.playerStyle&&"jamboard"!==this.playerStyle;this.vp=!this.qa;this.Sa=oB(!1,a.disableplaybackui);this.disablePaidContentOverlay=oB(!1, equals www.youtube.com (Youtube)
Source: chromecache_149.2.dr	String found in binary or memory: a.hl);this.region=b?b.contentRegion\|\|"US":rB("US",a.cr);this.hostLanguage=b?b.hostLanguage\|\|"en":rB("en",a.host_language);this.ip=!this.Dc&&Math.random()<g.xI(this.experiments,"web_player_api_logging_fraction");this.bb=!this.Dc;this.enabledEngageTypes=new Set;this.deviceIsAudioOnly=!(null==b\|\|!b.deviceIsAudioOnly);this.Jd=qB(this.Jd,a.ismb);this.vp?(r=a.vss_host\|\|"s.youtube.com","s.youtube.com"===r&&(r=LR(this.Ha)\|\|"www.youtube.com")):r="video.google.com";this.vn=r;WUa(this,a,!0);this.Ma=new jR;g.N(this, equals www.youtube.com (Youtube)
Source: chromecache_149.2.dr	String found in binary or memory: a.severity,e,QJ(a.details),f)}else this.ea.publish("nonfatalerror",a),d=/^pp/.test(this.videoData.clientPlaybackNonce),this.Rd(a.errorCode,a.details),d&&"manifest.net.connect"===a.errorCode&&(a="https://www.youtube.com/generate_204?cpn="+this.videoData.clientPlaybackNonce+"&t="+(0,g.wC)(),AX(a,"manifest",function(h){b.K=!0;b.ma("pathprobe",h)},function(h){b.Rd(h.errorCode,h.details)}))}}; equals www.youtube.com (Youtube)
Source: chromecache_149.2.dr	String found in binary or memory: b=this.api.U();a=this.api.getVideoData();var c="";b.C\|\|(b=g.NR(b),0===b.indexOf("www.")&&(b=b.substring(4)),c=g.wT(a)?"Watch on YouTube Music":"youtube.com"===b?"Watch on YouTube":g.jJ("Watch on $WEBSITE",{WEBSITE:b}));this.updateValue("title",c)}; equals www.youtube.com (Youtube)
Source: chromecache_156.2.dr, chromecache_110.2.dr	String found in binary or memory: disableRealtimeCallback:!1,drive_share:{skipInitCommand:!0},csi:{rate:.01},client:{cors:!1},signInDeprecation:{rate:0},include_granted_scopes:!0,llang:"en",iframes:{youtube:{params:{location:["search","hash"]},url:":socialhost:/:session_prefix:_/widget/render/youtube?usegapi=1",methods:["scroll","openwindow"]},ytsubscribe:{url:"https://www.youtube.com/subscribe_embed?usegapi=1"},plus_circle:{params:{url:""},url:":socialhost:/:session_prefix::se:_/widget/plus/circle?usegapi=1"},plus_share:{params:{url:""}, equals www.youtube.com (Youtube)
Source: chromecache_149.2.dr	String found in binary or memory: g.NR=function(a){a=LR(a.Ha);return"www.youtube-nocookie.com"===a?"www.youtube.com":a}; equals www.youtube.com (Youtube)
Source: chromecache_149.2.dr	String found in binary or memory: g.Ua("Goog_AdSense_Lidar_getUrlSignalsList",Ilb);var sCa=pa(["//tpc.googlesyndication.com/sodar/",""]);var QOa={i7a:0,f7a:1,c7a:2,d7a:3,e7a:4,h7a:5,g7a:6};var tqa=(new Date).getTime();var Mka="://secure-...imrworldwide.com/ ://cdn.imrworldwide.com/ ://aksecure.imrworldwide.com/ ://[^.]*.moatads.com ://youtube[0-9]+.moatpixel.com ://pm.adsafeprotected.com/youtube ://pm.test-adsafeprotected.com/youtube ://e[0-9]+.yt.srs.doubleverify.com www.google.com/pagead/xsul www.youtube.com/pagead/slav".split(" "),Nka=/\bocr\b/;var Pka=/(?:\[\|%5B)([a-zA-Z0-9_]+)(?:\]\|%5D)/g;var Jlb=0,Klb=0,Llb=0;var dv,yv;dv=null;g.fv=!1;g.wv=1;g.vv=Symbol("SIGNAL");yv={version:0,xZ:0,mm:!1,vg:void 0,ey:void 0,Qm:void 0,PK:0,Yi:void 0,Au:void 0,MI:!1,lX:!1,K0:function(){return!1}, equals www.youtube.com (Youtube)
Source: chromecache_149.2.dr	String found in binary or memory: g.ZR=function(a){var b=g.NR(a);gVa.includes(b)&&(b="www.youtube.com");return a.protocol+"://"+b}; equals www.youtube.com (Youtube)
Source: chromecache_149.2.dr	String found in binary or memory: g.k.getVideoUrl=function(a,b,c,d,e,f,h){b={list:b};c&&(e?b.time_continue=c:b.t=c);c=h?"music.youtube.com":g.NR(this);e="www.youtube.com"===c;!f&&d&&e?f="https://youtu.be/"+a:g.HR(this)?(f="https://"+c+"/fire",b.v=a):(f&&e?(f=this.protocol+"://"+c+"/shorts/"+a,d&&(b.feature="share")):(f=this.protocol+"://"+c+"/watch",b.v=a),MC&&(a=hqa())&&(b.ebc=a));return g.to(f,b)}; equals www.youtube.com (Youtube)
Source: chromecache_149.2.dr	String found in binary or memory: this.W.Ca&&(a.authuser=this.W.Ca);this.W.pageId&&(a.pageid=this.W.pageId);isNaN(this.cryptoPeriodIndex)\|\|(a.cpi=this.cryptoPeriodIndex.toString());var e=(e=/_(TV\|STB\|GAME\|OTT\|ATV\|BDP)_/.exec(g.pc()))?e[1]:"";"ATV"===e&&(a.cdt=e);this.G=a;this.G.session_id=d;this.qa=!0;"widevine"===this.B.flavor&&(this.G.hdr="1");"playready"===this.B.flavor&&(b=Number(hR(b.experiments,"playready_first_play_expiration")),!isNaN(b)&&0<=b&&(this.G.mfpe=""+b),this.qa=!1);b="";g.aR(this.B)?$Q(this.B)?(d=c.B)&&(b="https://www.youtube.com/api/drm/fps?ek="+ equals www.youtube.com (Youtube)
Source: chromecache_149.2.dr	String found in binary or memory: var H3={};var Nhb=/[&\?]action_proxy=1/,Mhb=/[&\?]token=([\w-])/,Ohb=/[&\?]video_id=([\w-])/,Phb=/[&\?]index=([\d-])/,Qhb=/[&\?]m_pos_ms=([\d-])/,Shb=/[&\?]vvt=([\w-]*)/,Ehb="ca_type dt el flash u_tz u_his u_h u_w u_ah u_aw u_cd u_nplug u_nmime frm u_java bc bih biw brdim vis wgl".split(" "),Rhb="www.youtube-nocookie.com youtube-nocookie.com www.youtube-nocookie.com:443 youtube.googleapis.com www.youtubeedu.com www.youtubeeducation.com video.google.com redirector.gvt1.com".split(" "),Hhb={android:"ANDROID", equals www.youtube.com (Youtube)

Source: global traffic	DNS traffic detected: DNS query: facebooksecurity.blogspot.pe
Source: global traffic	DNS traffic detected: DNS query: facebooksecurity.blogspot.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: www.blogger.com
Source: global traffic	DNS traffic detected: DNS query: sites.google.com
Source: global traffic	DNS traffic detected: DNS query: code.jquery.com
Source: global traffic	DNS traffic detected: DNS query: 3.bp.blogspot.com
Source: global traffic	DNS traffic detected: DNS query: 1.bp.blogspot.com
Source: global traffic	DNS traffic detected: DNS query: apis.google.com
Source: global traffic	DNS traffic detected: DNS query: blogger.googleusercontent.com
Source: global traffic	DNS traffic detected: DNS query: www.youtube.com
Source: global traffic	DNS traffic detected: DNS query: 2.bp.blogspot.com
Source: global traffic	DNS traffic detected: DNS query: 4.bp.blogspot.com
Source: global traffic	DNS traffic detected: DNS query: play.google.com
Source: global traffic	DNS traffic detected: DNS query: i.ytimg.com
Source: global traffic	DNS traffic detected: DNS query: googleads.g.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: static.doubleclick.net

Source: unknown

HTTP traffic detected: POST /log?format=json&hasfast=true HTTP/1.1Host: play.google.comConnection: keep-aliveContent-Length: 883sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencoded;charset=UTF-8Accept: */*Origin: https://www.blogger.comX-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.blogger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Cache-Control: no-cache, no-store, max-age=0, must-revalidatePragma: no-cacheExpires: Mon, 01 Jan 1990 00:00:00 GMTDate: Mon, 10 Jun 2024 22:13:20 GMTContent-Encoding: gzipX-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockContent-Length: 15847Server: GSE
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Cache-Control: no-cache, no-store, max-age=0, must-revalidatePragma: no-cacheExpires: Mon, 01 Jan 1990 00:00:00 GMTDate: Mon, 10 Jun 2024 22:13:46 GMTContent-Encoding: gzipX-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockContent-Length: 15856Server: GSE
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Cache-Control: no-cache, no-store, max-age=0, must-revalidatePragma: no-cacheExpires: Mon, 01 Jan 1990 00:00:00 GMTDate: Mon, 10 Jun 2024 22:13:54 GMTContent-Encoding: gzipX-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockContent-Length: 15855Server: GSE
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Cache-Control: no-cache, no-store, max-age=0, must-revalidatePragma: no-cacheExpires: Mon, 01 Jan 1990 00:00:00 GMTDate: Mon, 10 Jun 2024 22:14:16 GMTContent-Encoding: gzipX-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockContent-Length: 15856Server: GSE
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Cache-Control: no-cache, no-store, max-age=0, must-revalidatePragma: no-cacheExpires: Mon, 01 Jan 1990 00:00:00 GMTDate: Mon, 10 Jun 2024 22:14:30 GMTContent-Encoding: gzipX-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockContent-Length: 15855Server: GSE

Source: chromecache_197.2.dr	String found in binary or memory: http://csi.gstatic.com/csi
Source: chromecache_149.2.dr, chromecache_183.2.dr	String found in binary or memory: http://tools.ietf.org/html/rfc1950
Source: chromecache_187.2.dr	String found in binary or memory: http://www.broofa.com
Source: chromecache_149.2.dr	String found in binary or memory: http://www.youtube.com/videoplayback
Source: chromecache_149.2.dr	String found in binary or memory: http://youtube.com/drm/2012/10/10
Source: chromecache_149.2.dr	String found in binary or memory: http://youtube.com/streaming/metadata/segment/102015
Source: chromecache_149.2.dr	String found in binary or memory: http://youtube.com/streaming/otf/durations/112015
Source: chromecache_149.2.dr	String found in binary or memory: http://youtube.com/yt/2012/10/10
Source: chromecache_138.2.dr, chromecache_156.2.dr, chromecache_108.2.dr, chromecache_212.2.dr, chromecache_110.2.dr	String found in binary or memory: https://accounts.google.com/o/oauth2/auth
Source: chromecache_156.2.dr, chromecache_110.2.dr	String found in binary or memory: https://accounts.google.com/o/oauth2/iframe
Source: chromecache_138.2.dr, chromecache_156.2.dr, chromecache_108.2.dr, chromecache_212.2.dr, chromecache_110.2.dr	String found in binary or memory: https://accounts.google.com/o/oauth2/postmessageRelay
Source: chromecache_149.2.dr	String found in binary or memory: https://admin.youtube.com
Source: chromecache_146.2.dr	String found in binary or memory: https://ampcid.google.com/v1/publisher:getClientId
Source: chromecache_149.2.dr	String found in binary or memory: https://angular.io/license
Source: chromecache_110.2.dr	String found in binary or memory: https://apis.google.com
Source: chromecache_110.2.dr	String found in binary or memory: https://apis.google.com/js/platform.js
Source: chromecache_156.2.dr	String found in binary or memory: https://apis.google.com/js/platform:gapi.iframes.style.common.js
Source: chromecache_156.2.dr, chromecache_110.2.dr	String found in binary or memory: https://classroom.google.com/sharewidget?usegapi=1
Source: chromecache_156.2.dr, chromecache_110.2.dr	String found in binary or memory: https://clients3.google.com/cast/chromecast/home/widget/backdrop?usegapi=1
Source: chromecache_138.2.dr, chromecache_156.2.dr, chromecache_108.2.dr, chromecache_212.2.dr, chromecache_110.2.dr	String found in binary or memory: https://clients6.google.com
Source: chromecache_138.2.dr, chromecache_156.2.dr, chromecache_108.2.dr, chromecache_212.2.dr, chromecache_110.2.dr	String found in binary or memory: https://content.googleapis.com
Source: chromecache_197.2.dr, chromecache_160.2.dr	String found in binary or memory: https://csi.gstatic.com/csi
Source: chromecache_138.2.dr, chromecache_108.2.dr, chromecache_212.2.dr, chromecache_160.2.dr	String found in binary or memory: https://csp.withgoogle.com/csp/lcreport/
Source: chromecache_156.2.dr, chromecache_110.2.dr	String found in binary or memory: https://dataconnector.corp.google.com/:session_prefix:ui/widgetview?usegapi=1
Source: chromecache_149.2.dr	String found in binary or memory: https://docs.google.com/get_video_info
Source: chromecache_138.2.dr, chromecache_108.2.dr, chromecache_212.2.dr	String found in binary or memory: https://domains.google.com/suggest/flow
Source: chromecache_156.2.dr, chromecache_110.2.dr	String found in binary or memory: https://drive.google.com/savetodrivebutton?usegapi=1
Source: chromecache_156.2.dr, chromecache_110.2.dr	String found in binary or memory: https://families.google.com/webcreation?usegapi=1&usegapi=1
Source: chromecache_166.2.dr	String found in binary or memory: https://fonts.google.com/license/googlerestricted
Source: chromecache_187.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/alert/v11/gm_grey200-36dp/2x/gm_alert_gm_grey200_3
Source: chromecache_187.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/alert/v11/gm_grey600-36dp/2x/gm_alert_gm_grey600_3
Source: chromecache_187.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/close/v19/gm_grey200-24dp/1x/gm_close_gm_grey200_2
Source: chromecache_187.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/close/v19/gm_grey600-24dp/1x/gm_close_gm_grey600_2
Source: chromecache_123.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI
Source: chromecache_123.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4iaVI
Source: chromecache_123.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4jaVI
Source: chromecache_123.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4kaVI
Source: chromecache_123.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4saVI
Source: chromecache_123.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4taVI
Source: chromecache_123.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4uaVI
Source: chromecache_123.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4vaVI
Source: chromecache_123.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B5OaVI
Source: chromecache_123.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B5caVI
Source: chromecache_166.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/productsans/v19/pxiDypQkot1TnFhsFMOfGShVE9eOcEg.woff2)
Source: chromecache_166.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/productsans/v19/pxiDypQkot1TnFhsFMOfGShVF9eO.woff2)
Source: chromecache_166.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/productsans/v19/pxiDypQkot1TnFhsFMOfGShVFNeOcEg.woff2)
Source: chromecache_166.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/productsans/v19/pxiDypQkot1TnFhsFMOfGShVGdeOcEg.woff2)
Source: chromecache_166.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2)
Source: chromecache_166.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2)
Source: chromecache_166.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBxc4EsA.woff2)
Source: chromecache_166.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCBc4EsA.woff2)
Source: chromecache_166.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCRc4EsA.woff2)
Source: chromecache_166.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2)
Source: chromecache_166.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2)
Source: chromecache_166.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4WxKOzY.woff2)
Source: chromecache_166.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2)
Source: chromecache_166.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2)
Source: chromecache_166.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu72xKOzY.woff2)
Source: chromecache_166.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2)
Source: chromecache_166.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2)
Source: chromecache_166.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7mxKOzY.woff2)
Source: chromecache_156.2.dr, chromecache_110.2.dr	String found in binary or memory: https://github.com/google/safevalues/issues
Source: chromecache_149.2.dr, chromecache_183.2.dr	String found in binary or memory: https://github.com/madler/zlib/blob/master/zlib.h
Source: chromecache_149.2.dr	String found in binary or memory: https://i.ytimg.com/vi/
Source: chromecache_149.2.dr	String found in binary or memory: https://jnn-pa.googleapis.com
Source: chromecache_110.2.dr	String found in binary or memory: https://pay.google.com/gp/v/widget/save
Source: chromecache_183.2.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_156.2.dr, chromecache_110.2.dr	String found in binary or memory: https://play.google.com/work/embedded/search?usegapi=1&usegapi=1
Source: chromecache_212.2.dr, chromecache_110.2.dr	String found in binary or memory: https://plus.google.com
Source: chromecache_138.2.dr, chromecache_156.2.dr, chromecache_108.2.dr, chromecache_212.2.dr, chromecache_110.2.dr	String found in binary or memory: https://plus.googleapis.com
Source: chromecache_149.2.dr	String found in binary or memory: https://redux.js.org/api/store#subscribelistener
Source: chromecache_149.2.dr	String found in binary or memory: https://redux.js.org/tutorials/fundamentals/part-4-store#creating-a-store-with-enhancers
Source: chromecache_149.2.dr	String found in binary or memory: https://redux.js.org/tutorials/fundamentals/part-4-store#middleware
Source: chromecache_149.2.dr	String found in binary or memory: https://redux.js.org/tutorials/fundamentals/part-6-async-logic#using-the-redux-thunk-middleware
Source: chromecache_197.2.dr	String found in binary or memory: https://resources.blogblog.com/img/widgets/icon_contactform_cross.gif
Source: chromecache_212.2.dr	String found in binary or memory: https://ssl.gstatic.com/docs/documents/share/images/spinner-1.gif
Source: chromecache_212.2.dr	String found in binary or memory: https://ssl.gstatic.com/gb/js/
Source: chromecache_156.2.dr, chromecache_110.2.dr	String found in binary or memory: https://ssl.gstatic.com/microscope/embed/
Source: chromecache_212.2.dr	String found in binary or memory: https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/
Source: chromecache_146.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/j/collect
Source: chromecache_149.2.dr	String found in binary or memory: https://support.google.com/youtube/?p=missing_quality
Source: chromecache_149.2.dr	String found in binary or memory: https://support.google.com/youtube/?p=noaudio
Source: chromecache_149.2.dr	String found in binary or memory: https://support.google.com/youtube/?p=report_playback
Source: chromecache_149.2.dr	String found in binary or memory: https://support.google.com/youtube/answer/6276924
Source: chromecache_146.2.dr	String found in binary or memory: https://tagassistant.google.com/
Source: chromecache_156.2.dr, chromecache_110.2.dr	String found in binary or memory: https://talkgadget.google.com/:session_prefix:talkgadget/_/widget
Source: chromecache_197.2.dr	String found in binary or memory: https://twitter.com/intent/tweet?text=
Source: chromecache_149.2.dr	String found in binary or memory: https://viacon.corp.google.com
Source: chromecache_138.2.dr, chromecache_156.2.dr, chromecache_108.2.dr, chromecache_212.2.dr, chromecache_110.2.dr	String found in binary or memory: https://workspace.google.com/:session_prefix:marketplace/appfinder?usegapi=1
Source: chromecache_146.2.dr	String found in binary or memory: https://www.google-analytics.com/debug/bootstrap?id=
Source: chromecache_146.2.dr	String found in binary or memory: https://www.google-analytics.com/gtm/js?id=
Source: chromecache_146.2.dr	String found in binary or memory: https://www.google.%/ads/ga-audiences
Source: chromecache_146.2.dr	String found in binary or memory: https://www.google.com/ads/ga-audiences
Source: chromecache_156.2.dr, chromecache_110.2.dr	String found in binary or memory: https://www.google.com/shopping/customerreviews/badge?usegapi=1
Source: chromecache_156.2.dr, chromecache_110.2.dr	String found in binary or memory: https://www.google.com/shopping/customerreviews/optin?usegapi=1
Source: chromecache_212.2.dr	String found in binary or memory: https://www.googleapis.com/auth/plus.me
Source: chromecache_212.2.dr	String found in binary or memory: https://www.googleapis.com/auth/plus.people.recommended
Source: chromecache_149.2.dr	String found in binary or memory: https://www.googleapis.com/certificateprovisioning/v1/devicecertificates/create?key=AIzaSyB-5OLKTx2i
Source: chromecache_146.2.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=
Source: chromecache_187.2.dr	String found in binary or memory: https://www.gstatic.com/gb/html/afbp.html
Source: chromecache_187.2.dr	String found in binary or memory: https://www.gstatic.com/images/icons/material/anim/mspin/mspin_googcolor_medium.css
Source: chromecache_187.2.dr	String found in binary or memory: https://www.gstatic.com/images/icons/material/anim/mspin/mspin_googcolor_small.css
Source: chromecache_156.2.dr, chromecache_110.2.dr	String found in binary or memory: https://www.gstatic.com/partners/badge/templates/badge.html?usegapi=1
Source: chromecache_149.2.dr	String found in binary or memory: https://www.gstatic.com/ytlr/img/sign_in_avatar_default.png?rn=
Source: chromecache_149.2.dr	String found in binary or memory: https://www.youtube.com/api/drm/fps?ek=
Source: chromecache_149.2.dr	String found in binary or memory: https://www.youtube.com/generate_204?cpn=
Source: chromecache_156.2.dr, chromecache_110.2.dr	String found in binary or memory: https://www.youtube.com/subscribe_embed?usegapi=1
Source: chromecache_149.2.dr	String found in binary or memory: https://youtu.be/
Source: chromecache_149.2.dr	String found in binary or memory: https://youtube.com/api/drm/fps?ek=uninitialized
Source: chromecache_149.2.dr	String found in binary or memory: https://youtubei.googleapis.com/youtubei/
Source: chromecache_149.2.dr	String found in binary or memory: https://yurt.corp.google.com

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49875 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49893 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49943 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49933 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49921 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 49927 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49944 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49938 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49946
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49945
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49944
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49943
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 49922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49945 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49939 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49898
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49897
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49893
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49891
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49890
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49897 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49889
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 49928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49880
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49940 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49879
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49878
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49877
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49876
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49875
Source: unknown	Network traffic detected: HTTP traffic on port 49891 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49874
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49871
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49870
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49917 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49869
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49867
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49866
Source: unknown	Network traffic detected: HTTP traffic on port 49890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49866 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49946 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49861 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49901 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49918 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49913 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49941 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49867 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 49865 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49942
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49941
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49940
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49871 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49939
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49938
Source: unknown	Network traffic detected: HTTP traffic on port 49942 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49936
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 49902 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49933
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49932
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49925 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49919 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49936 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49876 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49929
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49928
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49927
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49925
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49924
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49922
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49921
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49877 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49914 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49919
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49918
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49917
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49916
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49914
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49913
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49912
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49911
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49904
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49903
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49902
Source: unknown	Network traffic detected: HTTP traffic on port 49903 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49901
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49900
Source: unknown	Network traffic detected: HTTP traffic on port 49888 -> 443

Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49710 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49711 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49711 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49720 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.6:49730 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.6:49738 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.6:49772 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49813 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49816 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49833 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.6:49861 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49870 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49880 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49928 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49938 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49946 version: TLS 1.2

Source: classification engine

Classification label: mal64.phis.win@27/195@82/32

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2284 --field-trial-handle=2020,i,16440638638355715808,11503379148845828170,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://facebooksecurity.blogspot.pe/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2284 --field-trial-handle=2020,i,16440638638355715808,11503379148845828170,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	Path Interception	1 Process Injection	1 Process Injection	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Rootkit	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	5 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	6 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	4 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
http://facebooksecurity.blogspot.pe/	100%	Avira URL Cloud	phishing

Source	Detection	Scanner	Label
http://www.broofa.com	0%	URL Reputation	safe
https://ampcid.google.com/v1/publisher:getClientId	0%	URL Reputation	safe
https://stats.g.doubleclick.net/j/collect	0%	URL Reputation	safe
https://ipinfo.io/	0%	URL Reputation	safe
https://dataconnector.corp.google.com/:session_prefix:ui/widgetview?usegapi=1	0%	Avira URL Cloud	safe
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgjG5jwKTmdCF1f6QElHBAkWo5QluyxRuut9jiBFCHicIbPaqEScEy5hzk3MXCblp75tc99xWe7giMSLtAz7lnCUBwh9eTdeRDCwqWnoQoEQAm2L3k6NruPCD_xewvF5qYfDX52wX5Y1RQ/s1600/facebook-google.jpg	0%	Avira URL Cloud	safe
https://www.blogger.com/static/v1/v-app/scripts/3510624199-common.js	0%	Avira URL Cloud	safe
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj8wsZYYCVEpZfHbM9btfgR6MsPdFeROOTJkYwoBDb7BkDo5SGO2U7MwOcI4fVxZahoDL7b-acjyOlhigTHeZKd2_mTIZN20zucj-Tjuf21Qcoi4o3wiTZaT8kCpQxd9gMPHPD5JWcdl88/w72-h72-p-k-no-nu/Facebook+Implements+Microsoft%25E2%2580%2599s+PhotoDNA+Technology.jpg	0%	Avira URL Cloud	safe
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.JHoMBbBABZg.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo_6Zf8M75AJqSyaaLg_vD7Vr9kevQ/cb=gapi.loaded_0	0%	Avira URL Cloud	safe
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgjG5jwKTmdCF1f6QElHBAkWo5QluyxRuut9jiBFCHicIbPaqEScEy5hzk3MXCblp75tc99xWe7giMSLtAz7lnCUBwh9eTdeRDCwqWnoQoEQAm2L3k6NruPCD_xewvF5qYfDX52wX5Y1RQ/w72-h72-p-k-no-nu/facebook-google.jpg	0%	Avira URL Cloud	safe
https://redux.js.org/tutorials/fundamentals/part-4-store#creating-a-store-with-enhancers	0%	Avira URL Cloud	safe
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhLAFXQ9nhm1HhhmbwnnekzsgCZO6E3TPh3kdzh2VISyeIZgW4ufTOSDiEdDAoyoa3to4ia4T2yP9OOItjwP-f3Qh3GE5YFskX4twlaexOtLGFLbK0U-C_LLgV_jemcf4zfRgcywGhzPLw/s400/cnn+fake+site+virus.jpg	0%	Avira URL Cloud	safe
https://www.blogger.com/favicon.ico	0%	Avira URL Cloud	safe
http://3.bp.blogspot.com/-v_4byqqmunc/UMRdc57l7VI/AAAAAAAAFa8/6XdXGvR1fEQ/s1600/1.jpg	0%	Avira URL Cloud	safe
http://youtube.com/streaming/otf/durations/112015	0%	Avira URL Cloud	safe
https://workspace.google.com/:session_prefix:marketplace/appfinder?usegapi=1	0%	Avira URL Cloud	safe
http://code.jquery.com/jquery-1.7.min.js	0%	Avira URL Cloud	safe
http://3.bp.blogspot.com/-__0X3NTuBRM/UMRdfKfKA3I/AAAAAAAAFbM/gvAViqUuYhE/s1600/3.jpg	0%	Avira URL Cloud	safe
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=6293774250085653011&zx=0a0d6b86-1428-45d5-a847-0b9106d87556	0%	Avira URL Cloud	safe
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj08WTD0L9AuzD12whTafjP4PA6KmQTrSK8UMwkMtGebD-V2-4WFINDwmusBb3zx-hjGu-eIMCQZii1J48wKQdlgaB5um3bPq4gI7cBmqyzZ1-9bi-mz8-lT4s9dCK2ZEaTWZw5y9sawYU/s320/knowledge.jpg	0%	Avira URL Cloud	safe
https://www.google.com/css/maia.css	0%	Avira URL Cloud	safe
https://apis.google.com/js/platform:gapi.iframes.style.common.js	0%	Avira URL Cloud	safe
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiMW8agzRJJnOmlRHoFMD6pT4Cuk7jc79cTkWXGzWZNr8TJZR3AsykW_oegPS2AmoznSU04LOGmbjK185nU2a5jCG9pE65LiNSb7A3FF19tAR8cj4dQxTuLrRRX9q1lCZRngjHhI2peJIU/w72-h72-p-k-no-nu/blogfacebooklurking.jpg	0%	Avira URL Cloud	safe
https://admin.youtube.com	0%	Avira URL Cloud	safe
https://pay.google.com/gp/v/widget/save	0%	Avira URL Cloud	safe
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhEGDod2aeN5Cyyth-7i4WsBV2vJCfbByVNkRreVRc0U9x-9zKrNUucFptBcigY4SPCUk80y55ymkWgMNBal0QqGA0ky1hFlm-t_wW6bQo6i4VkdC2WOUppg5SE3XvtMzxr3TvAurbpCuQ/s320/t1larg.facebook.jpg	0%	Avira URL Cloud	safe
http://4.bp.blogspot.com/-1rV4Io0cQd8/ULCmNgcmLrI/AAAAAAAAEws/ANSyGoiN-5E/s1600/blue_facebook.png	0%	Avira URL Cloud	safe
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8	0%	Avira URL Cloud	safe
https://www.google.com/shopping/customerreviews/optin?usegapi=1	0%	Avira URL Cloud	safe
https://www.youtube.com/api/drm/fps?ek=	0%	Avira URL Cloud	safe
https://redux.js.org/tutorials/fundamentals/part-4-store#middleware	0%	Avira URL Cloud	safe
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1	0%	Avira URL Cloud	safe
https://www.blogger.com/static/v1/jsbin/2378602557-base.js	0%	Avira URL Cloud	safe
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhFP2sUEe8r0fi8HOlfFWOK8wKFkcIUrXnruv7h5SBZvNnaXI70ZiRio6UXhLcUgktuHhPP97Rja5x401PM1hszkmGt9eXKi7Jpr4ZvFV2vlaaT69qcDmGjnTXBKlOze4-_-CNnm592FIY/s400/us_attacks_wall-facebook+virus+allert.jpg	0%	Avira URL Cloud	safe
https://github.com/madler/zlib/blob/master/zlib.h	0%	Avira URL Cloud	safe
http://3.bp.blogspot.com/-SyYUToBmQ9Y/UMRdgEOhfsI/AAAAAAAAFbU/VbjIpJ97dU8/s1600/4.jpg	0%	Avira URL Cloud	safe
http://2.bp.blogspot.com/-kmJ8A0nIZjo/ULCmPUQWlRI/AAAAAAAAEw8/nTLRUcreTvU/s1600/bubble-pip.png	0%	Avira URL Cloud	safe
http://3.bp.blogspot.com/-hNovHLskRIk/ULCKXYEhbXI/AAAAAAAAEvU/kas8XtXhbbU/s1600/main.ico	0%	Avira URL Cloud	safe
https://viacon.corp.google.com	0%	Avira URL Cloud	safe
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgQBsLeJueV9nLN-CdicPuTdOQVuSpx_Oub7_C9AlZpoBWU_TV-OXQBOAPwyN2SsMAJLl_Lq2EBWvtlngM6Rdt8M7OOVD8cwN6YaNMoXSI9MOEDweMclK8WQKi0ePcnRLJxt7pxViIBzBo/s320/anitivirus.jpg	0%	Avira URL Cloud	safe
https://yurt.corp.google.com	0%	Avira URL Cloud	safe
https://www.youtube.com/generate_204?cpn=	0%	Avira URL Cloud	safe
http://facebooksecurity.blogspot.com/img/2.jpg	100%	Avira URL Cloud	phishing
https://www.blogger.com/static/v1/jsbin/671481879-analytics_autotrack.js	0%	Avira URL Cloud	safe
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiujJ85GpGlXLmEmD9_norDKpQnNHQ9VBSF001sNaKPeOoSDK1C-hqHTJTY_rtnaG5HRExTDdSOj6JqiYC_BOL0NrgzG4e-CsrSsOYgsY07WZcbfva6HXTnnFUVdN77JbqwhFwV65toaBI/w72-h72-p-k-no-nu/Facebook+security.jpg	0%	Avira URL Cloud	safe
https://www.blogger.com/static/v1/v-css/3896558673-new_ui_static_pages.css	0%	Avira URL Cloud	safe
https://static.doubleclick.net/instream/ad_status.js	0%	Avira URL Cloud	safe
https://googleads.g.doubleclick.net/pagead/id	0%	Avira URL Cloud	safe
http://facebooksecurity.blogspot.com/2012/01/img/2.jpg	100%	Avira URL Cloud	phishing
https://apis.google.com/js/platform.js	0%	Avira URL Cloud	safe
https://www.youtube.com/s/player/dee49cfa/www-embed-player.vflset/www-embed-player.js	0%	Avira URL Cloud	safe
https://support.google.com/youtube/answer/6276924	0%	Avira URL Cloud	safe
https://www.youtube.com/subscribe_embed?usegapi=1	0%	Avira URL Cloud	safe
https://www.blogger.com/img/blogger-logotype-color-black-1x.png	0%	Avira URL Cloud	safe
https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path=%2Fbloggerwidgets01%2Fsharrre.js	0%	Avira URL Cloud	safe
https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path=%2Fbloggerwidgets01%2Fsocialite.js	0%	Avira URL Cloud	safe
https://www.blogger.com/navbar.g?targetBlogID=6293774250085653011&blogName=FACEBOOK+SECURITY&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://facebooksecurity.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://facebooksecurity.blogspot.com/&targetPostID=4124881130413553059&blogPostOrPageUrl=http://facebooksecurity.blogspot.com/2012/02/how-spammers-flooding-facebook-wall.html&vt=-5754118262451185758&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__	0%	Avira URL Cloud	safe
http://youtube.com/yt/2012/10/10	0%	Avira URL Cloud	safe
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjhRdUkdNaj7S0PczG7Rmt23sdOM3ZHfOgcIbOX4UOuhB5r-PBVtOSQjpp9PBLUMwaQcCeNwvrD7-SUSMWFxH7Jo7pGJAWxx5EhwHnoCa2pNWDmIeVYdgUyhwAHcKJc566cHe-ep2nVPDA/w72-h72-p-k-no-nu/https-background.jpg	0%	Avira URL Cloud	safe
https://www.youtube.com/s/player/dee49cfa/www-player.css	0%	Avira URL Cloud	safe
https://plus.google.com	0%	Avira URL Cloud	safe
http://2.bp.blogspot.com/--KSS1lAiopw/ULCmQ2PrufI/AAAAAAAAExM/1Eg-u42VXWo/s1600/white_googleplus.png	0%	Avira URL Cloud	safe
https://play.google.com/log?format=json&hasfast=true	0%	Avira URL Cloud	safe
https://sites.google.com/site/bloggerwidgets01/sharrre.js	0%	Avira URL Cloud	safe
https://www.google.%/ads/ga-audiences	0%	Avira URL Cloud	safe
http://tools.ietf.org/html/rfc1950	0%	Avira URL Cloud	safe
https://www.blogger.com/navbar.g?targetBlogID=6293774250085653011&blogName=FACEBOOK+SECURITY&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://facebooksecurity.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://facebooksecurity.blogspot.com/&vt=88767743790000018&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__	0%	Avira URL Cloud	safe
https://www.youtube.com/s/player/dee49cfa/player_ias.vflset/en_US/embed.js	0%	Avira URL Cloud	safe
http://www.youtube.com/videoplayback	0%	Avira URL Cloud	safe
http://4.bp.blogspot.com/-QdzebGFBJEA/UK9VjFcU23I/AAAAAAAAEuo/0dR566x-3TU/s1600/bg.jpg	0%	Avira URL Cloud	safe
https://play.google.com/work/embedded/search?usegapi=1&usegapi=1	0%	Avira URL Cloud	safe
http://3.bp.blogspot.com/-uxYJcIDwn9w/UMRf4-a-6KI/AAAAAAAAFbk/8pe3Zw5X15E/s1600/%5Bwww.gj37765.blogspot.com%5Dbg_search.png	0%	Avira URL Cloud	safe
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs	0%	Avira URL Cloud	safe
https://twitter.com/intent/tweet?text=	0%	Avira URL Cloud	safe
https://support.google.com/youtube/?p=missing_quality	0%	Avira URL Cloud	safe
https://fonts.google.com/license/googlerestricted	0%	Avira URL Cloud	safe
https://clients6.google.com	0%	Avira URL Cloud	safe
http://facebooksecurity.blogspot.com/2012/02/us-attacks-iran-and-saudi-arabia-f.html	100%	Avira URL Cloud	phishing
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg7-XaBnr5ysT-dfc-5OTudFVIdW-1lr0Io2cCfcMmE6tluqCTZJp-S44kDj6QmEUXxRYAOBlUb5H05j41T_MiY0roSTOl_W5ok0DJ9KhDyM1e_jMu8bbGEY8_vWGOTV-jXwL5NpjRY3TM/s320/ramnit.jpg	0%	Avira URL Cloud	safe
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgDHNB2D9NkpIUm-nmtyZutA7ER4kqdz0lIP2BwAmGaTimyvmtLtS_YWvh2_2QteKdg5Bf682Gt_MqggD0U5ksSbYkeS3nLJhIpqUxqKvxok0LxlTi5P926ECODmQDTWu6Br0RO9npYcUg/s400/facebook+app+password_jpg_14460.jpg	0%	Avira URL Cloud	safe
https://www.blogger.com/static/v1/v-css/2223071481-static_pages.css	0%	Avira URL Cloud	safe
http://4.bp.blogspot.com/-ZehYBE_THZs/ULCmOrzNjdI/AAAAAAAAEw0/mq1NaN47uEM/s1600/blue_twitter_bird.png	0%	Avira URL Cloud	safe
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhcCBfqFH-5FRDV4HPKZeU-icfeTYGljtHJb5k_tO5wjfrOVhcQH6eYZ37BGlRx_dSg7YV4nbR8EGADxbrcyronaWdPTh4tpJvql3xGI7hADM1ulMPLbUWvRGtHPtxBd6BmgK9MihD5pQ0/s1600/fACEBOOK+VIRUS.jpg	0%	Avira URL Cloud	safe
http://2.bp.blogspot.com/-a62VSby9HvU/ULCmQFh84hI/AAAAAAAAExE/VLrfHhGz01s/s1600/linkedinss.png	0%	Avira URL Cloud	safe
http://1.bp.blogspot.com/-wwi9gLDAiVk/UMRdd5ct3xI/AAAAAAAAFbE/5BE1vH6Z7nY/s1600/2.jpg	0%	Avira URL Cloud	safe
https://support.google.com/youtube/?p=report_playback	0%	Avira URL Cloud	safe
https://github.com/google/safevalues/issues	0%	Avira URL Cloud	safe
http://youtube.com/streaming/metadata/segment/102015	0%	Avira URL Cloud	safe
https://www.blogger.com/static/v1/widgets/116388341-widgets.js	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
plus.l.google.com	142.250.185.174	true	false	unknown
blogspot.l.googleusercontent.com	142.250.185.225	true	false	unknown
i.ytimg.com	172.217.16.214	true	false	unknown
sites.google.com	142.250.186.142	true	false	unknown
static.doubleclick.net	172.217.18.6	true	false	unknown
youtube-ui.l.google.com	142.250.184.238	true	false	unknown
code.jquery.com	151.101.194.137	true	false	unknown
play.google.com	216.58.206.78	true	false	unknown
googleads.g.doubleclick.net	216.58.206.34	true	false	unknown
photos-ugc.l.googleusercontent.com	216.58.206.65	true	false	unknown
www.google.com	142.250.185.164	true	false	unknown
blogger.l.google.com	142.250.185.73	true	false	unknown
googlehosted.l.googleusercontent.com	142.250.185.97	true	false	unknown
facebooksecurity.blogspot.com	unknown	unknown	true	unknown
2.bp.blogspot.com	unknown	unknown	false	unknown
1.bp.blogspot.com	unknown	unknown	false	unknown
4.bp.blogspot.com	unknown	unknown	false	unknown
facebooksecurity.blogspot.pe	unknown	unknown	false	unknown
blogger.googleusercontent.com	unknown	unknown	false	unknown
www.youtube.com	unknown	unknown	false	unknown
3.bp.blogspot.com	unknown	unknown	false	unknown
apis.google.com	unknown	unknown	false	unknown
www.blogger.com	unknown	unknown	false	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhLAFXQ9nhm1HhhmbwnnekzsgCZO6E3TPh3kdzh2VISyeIZgW4ufTOSDiEdDAoyoa3to4ia4T2yP9OOItjwP-f3Qh3GE5YFskX4twlaexOtLGFLbK0U-C_LLgV_jemcf4zfRgcywGhzPLw/s400/cnn+fake+site+virus.jpg	false	Avira URL Cloud: safe	unknown
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj8wsZYYCVEpZfHbM9btfgR6MsPdFeROOTJkYwoBDb7BkDo5SGO2U7MwOcI4fVxZahoDL7b-acjyOlhigTHeZKd2_mTIZN20zucj-Tjuf21Qcoi4o3wiTZaT8kCpQxd9gMPHPD5JWcdl88/w72-h72-p-k-no-nu/Facebook+Implements+Microsoft%25E2%2580%2599s+PhotoDNA+Technology.jpg	false	Avira URL Cloud: safe	unknown
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgjG5jwKTmdCF1f6QElHBAkWo5QluyxRuut9jiBFCHicIbPaqEScEy5hzk3MXCblp75tc99xWe7giMSLtAz7lnCUBwh9eTdeRDCwqWnoQoEQAm2L3k6NruPCD_xewvF5qYfDX52wX5Y1RQ/w72-h72-p-k-no-nu/facebook-google.jpg	false	Avira URL Cloud: safe	unknown
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.JHoMBbBABZg.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo_6Zf8M75AJqSyaaLg_vD7Vr9kevQ/cb=gapi.loaded_0	false	Avira URL Cloud: safe	unknown
https://www.blogger.com/favicon.ico	false	Avira URL Cloud: safe	unknown
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgjG5jwKTmdCF1f6QElHBAkWo5QluyxRuut9jiBFCHicIbPaqEScEy5hzk3MXCblp75tc99xWe7giMSLtAz7lnCUBwh9eTdeRDCwqWnoQoEQAm2L3k6NruPCD_xewvF5qYfDX52wX5Y1RQ/s1600/facebook-google.jpg	false	Avira URL Cloud: safe	unknown
http://facebooksecurity.blogspot.com/	true		unknown
https://www.blogger.com/profile/07973550498852665411	false		unknown
http://3.bp.blogspot.com/-v_4byqqmunc/UMRdc57l7VI/AAAAAAAAFa8/6XdXGvR1fEQ/s1600/1.jpg	false	Avira URL Cloud: safe	unknown
https://www.blogger.com/static/v1/v-app/scripts/3510624199-common.js	false	Avira URL Cloud: safe	unknown
http://code.jquery.com/jquery-1.7.min.js	false	Avira URL Cloud: safe	unknown
https://www.youtube.com/embed/rD0_qT0rmuM	false		unknown
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiMW8agzRJJnOmlRHoFMD6pT4Cuk7jc79cTkWXGzWZNr8TJZR3AsykW_oegPS2AmoznSU04LOGmbjK185nU2a5jCG9pE65LiNSb7A3FF19tAR8cj4dQxTuLrRRX9q1lCZRngjHhI2peJIU/w72-h72-p-k-no-nu/blogfacebooklurking.jpg	false	Avira URL Cloud: safe	unknown
https://apis.google.com/js/platform:gapi.iframes.style.common.js	false	Avira URL Cloud: safe	unknown
http://3.bp.blogspot.com/-__0X3NTuBRM/UMRdfKfKA3I/AAAAAAAAFbM/gvAViqUuYhE/s1600/3.jpg	false	Avira URL Cloud: safe	unknown
https://www.blogger.com/navbar.g?targetBlogID=6293774250085653011&blogName=FACEBOOK+SECURITY&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://facebooksecurity.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://facebooksecurity.blogspot.com/&targetPostID=1147264465915888549&blogPostOrPageUrl=http://facebooksecurity.blogspot.com/2012/01/how-to-access-facebook-without-internet.html&vt=-6201656511637213917&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=http%3A%2F%2Ffacebooksecurity.blogspot.com&pfname=&rpctoken=16325958	true		unknown
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj08WTD0L9AuzD12whTafjP4PA6KmQTrSK8UMwkMtGebD-V2-4WFINDwmusBb3zx-hjGu-eIMCQZii1J48wKQdlgaB5um3bPq4gI7cBmqyzZ1-9bi-mz8-lT4s9dCK2ZEaTWZw5y9sawYU/s320/knowledge.jpg	false	Avira URL Cloud: safe	unknown
https://www.google.com/css/maia.css	false	Avira URL Cloud: safe	unknown
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=6293774250085653011&zx=0a0d6b86-1428-45d5-a847-0b9106d87556	false	Avira URL Cloud: safe	unknown
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8	false	Avira URL Cloud: safe	unknown
http://4.bp.blogspot.com/-1rV4Io0cQd8/ULCmNgcmLrI/AAAAAAAAEws/ANSyGoiN-5E/s1600/blue_facebook.png	false	Avira URL Cloud: safe	unknown
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhEGDod2aeN5Cyyth-7i4WsBV2vJCfbByVNkRreVRc0U9x-9zKrNUucFptBcigY4SPCUk80y55ymkWgMNBal0QqGA0ky1hFlm-t_wW6bQo6i4VkdC2WOUppg5SE3XvtMzxr3TvAurbpCuQ/s320/t1larg.facebook.jpg	false	Avira URL Cloud: safe	unknown
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhFP2sUEe8r0fi8HOlfFWOK8wKFkcIUrXnruv7h5SBZvNnaXI70ZiRio6UXhLcUgktuHhPP97Rja5x401PM1hszkmGt9eXKi7Jpr4ZvFV2vlaaT69qcDmGjnTXBKlOze4-_-CNnm592FIY/s400/us_attacks_wall-facebook+virus+allert.jpg	false	Avira URL Cloud: safe	unknown
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1	false	Avira URL Cloud: safe	unknown
https://www.blogger.com/static/v1/jsbin/2378602557-base.js	false	Avira URL Cloud: safe	unknown
http://3.bp.blogspot.com/-SyYUToBmQ9Y/UMRdgEOhfsI/AAAAAAAAFbU/VbjIpJ97dU8/s1600/4.jpg	false	Avira URL Cloud: safe	unknown
http://2.bp.blogspot.com/-kmJ8A0nIZjo/ULCmPUQWlRI/AAAAAAAAEw8/nTLRUcreTvU/s1600/bubble-pip.png	false	Avira URL Cloud: safe	unknown
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgQBsLeJueV9nLN-CdicPuTdOQVuSpx_Oub7_C9AlZpoBWU_TV-OXQBOAPwyN2SsMAJLl_Lq2EBWvtlngM6Rdt8M7OOVD8cwN6YaNMoXSI9MOEDweMclK8WQKi0ePcnRLJxt7pxViIBzBo/s320/anitivirus.jpg	false	Avira URL Cloud: safe	unknown
http://3.bp.blogspot.com/-hNovHLskRIk/ULCKXYEhbXI/AAAAAAAAEvU/kas8XtXhbbU/s1600/main.ico	false	Avira URL Cloud: safe	unknown
http://facebooksecurity.blogspot.com/img/2.jpg	false	Avira URL Cloud: phishing	unknown
https://www.blogger.com/static/v1/jsbin/671481879-analytics_autotrack.js	false	Avira URL Cloud: safe	unknown
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiujJ85GpGlXLmEmD9_norDKpQnNHQ9VBSF001sNaKPeOoSDK1C-hqHTJTY_rtnaG5HRExTDdSOj6JqiYC_BOL0NrgzG4e-CsrSsOYgsY07WZcbfva6HXTnnFUVdN77JbqwhFwV65toaBI/w72-h72-p-k-no-nu/Facebook+security.jpg	false	Avira URL Cloud: safe	unknown
https://www.blogger.com/static/v1/v-css/3896558673-new_ui_static_pages.css	false	Avira URL Cloud: safe	unknown
https://static.doubleclick.net/instream/ad_status.js	false	Avira URL Cloud: safe	unknown
http://facebooksecurity.blogspot.com/2012/01/img/2.jpg	false	Avira URL Cloud: phishing	unknown
https://apis.google.com/js/platform.js	false	Avira URL Cloud: safe	unknown
https://googleads.g.doubleclick.net/pagead/id	false	Avira URL Cloud: safe	unknown
https://www.blogger.com/img/blogger-logotype-color-black-1x.png	false	Avira URL Cloud: safe	unknown
https://www.youtube.com/s/player/dee49cfa/www-embed-player.vflset/www-embed-player.js	false	Avira URL Cloud: safe	unknown
https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path=%2Fbloggerwidgets01%2Fsocialite.js	false	Avira URL Cloud: safe	unknown
https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path=%2Fbloggerwidgets01%2Fsharrre.js	false	Avira URL Cloud: safe	unknown
https://www.blogger.com/navbar.g?targetBlogID=6293774250085653011&blogName=FACEBOOK+SECURITY&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://facebooksecurity.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://facebooksecurity.blogspot.com/&targetPostID=4124881130413553059&blogPostOrPageUrl=http://facebooksecurity.blogspot.com/2012/02/how-spammers-flooding-facebook-wall.html&vt=-5754118262451185758&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__	false	Avira URL Cloud: safe	unknown
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjhRdUkdNaj7S0PczG7Rmt23sdOM3ZHfOgcIbOX4UOuhB5r-PBVtOSQjpp9PBLUMwaQcCeNwvrD7-SUSMWFxH7Jo7pGJAWxx5EhwHnoCa2pNWDmIeVYdgUyhwAHcKJc566cHe-ep2nVPDA/w72-h72-p-k-no-nu/https-background.jpg	false	Avira URL Cloud: safe	unknown
https://www.youtube.com/s/player/dee49cfa/www-player.css	false	Avira URL Cloud: safe	unknown
http://2.bp.blogspot.com/--KSS1lAiopw/ULCmQ2PrufI/AAAAAAAAExM/1Eg-u42VXWo/s1600/white_googleplus.png	false	Avira URL Cloud: safe	unknown
https://sites.google.com/site/bloggerwidgets01/sharrre.js	false	Avira URL Cloud: safe	unknown
https://play.google.com/log?format=json&hasfast=true	false	Avira URL Cloud: safe	unknown
http://facebooksecurity.blogspot.pe/	false		unknown
https://ipinfo.io/	false	URL Reputation: safe	unknown
https://www.youtube.com/s/player/dee49cfa/player_ias.vflset/en_US/embed.js	false	Avira URL Cloud: safe	unknown
https://www.blogger.com/navbar.g?targetBlogID=6293774250085653011&blogName=FACEBOOK+SECURITY&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://facebooksecurity.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://facebooksecurity.blogspot.com/&targetPostID=4124881130413553059&blogPostOrPageUrl=http://facebooksecurity.blogspot.com/2012/02/how-spammers-flooding-facebook-wall.html&vt=-5754118262451185758&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=http%3A%2F%2Ffacebooksecurity.blogspot.com&pfname=&rpctoken=27775056	true		unknown
https://www.blogger.com/navbar.g?targetBlogID=6293774250085653011&blogName=FACEBOOK+SECURITY&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://facebooksecurity.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://facebooksecurity.blogspot.com/&vt=88767743790000018&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__	false	Avira URL Cloud: safe	unknown
http://4.bp.blogspot.com/-QdzebGFBJEA/UK9VjFcU23I/AAAAAAAAEuo/0dR566x-3TU/s1600/bg.jpg	false	Avira URL Cloud: safe	unknown
http://3.bp.blogspot.com/-uxYJcIDwn9w/UMRf4-a-6KI/AAAAAAAAFbk/8pe3Zw5X15E/s1600/%5Bwww.gj37765.blogspot.com%5Dbg_search.png	false	Avira URL Cloud: safe	unknown
https://www.blogger.com/navbar.g?targetBlogID=6293774250085653011&blogName=FACEBOOK+SECURITY&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://facebooksecurity.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://facebooksecurity.blogspot.com/&targetPostID=6375811994687913730&blogPostOrPageUrl=http://facebooksecurity.blogspot.com/2012/01/issue-over-facebook-and-google-in-india.html&vt=5448844313414825449&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=http%3A%2F%2Ffacebooksecurity.blogspot.com&pfname=&rpctoken=26657076	true		unknown
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs	false	Avira URL Cloud: safe	unknown
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg7-XaBnr5ysT-dfc-5OTudFVIdW-1lr0Io2cCfcMmE6tluqCTZJp-S44kDj6QmEUXxRYAOBlUb5H05j41T_MiY0roSTOl_W5ok0DJ9KhDyM1e_jMu8bbGEY8_vWGOTV-jXwL5NpjRY3TM/s320/ramnit.jpg	false	Avira URL Cloud: safe	unknown
http://facebooksecurity.blogspot.com/2012/02/us-attacks-iran-and-saudi-arabia-f.html	false	Avira URL Cloud: phishing	unknown
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgDHNB2D9NkpIUm-nmtyZutA7ER4kqdz0lIP2BwAmGaTimyvmtLtS_YWvh2_2QteKdg5Bf682Gt_MqggD0U5ksSbYkeS3nLJhIpqUxqKvxok0LxlTi5P926ECODmQDTWu6Br0RO9npYcUg/s400/facebook+app+password_jpg_14460.jpg	false	Avira URL Cloud: safe	unknown
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhcCBfqFH-5FRDV4HPKZeU-icfeTYGljtHJb5k_tO5wjfrOVhcQH6eYZ37BGlRx_dSg7YV4nbR8EGADxbrcyronaWdPTh4tpJvql3xGI7hADM1ulMPLbUWvRGtHPtxBd6BmgK9MihD5pQ0/s1600/fACEBOOK+VIRUS.jpg	false	Avira URL Cloud: safe	unknown
http://4.bp.blogspot.com/-ZehYBE_THZs/ULCmOrzNjdI/AAAAAAAAEw0/mq1NaN47uEM/s1600/blue_twitter_bird.png	false	Avira URL Cloud: safe	unknown
https://www.blogger.com/static/v1/v-css/2223071481-static_pages.css	false	Avira URL Cloud: safe	unknown
http://facebooksecurity.blogspot.com/2012/02/how-spammers-flooding-facebook-wall.html	true		unknown
http://facebooksecurity.blogspot.com/2012/01/issue-over-facebook-and-google-in-india.html	true		unknown
http://2.bp.blogspot.com/-a62VSby9HvU/ULCmQFh84hI/AAAAAAAAExE/VLrfHhGz01s/s1600/linkedinss.png	false	Avira URL Cloud: safe	unknown
https://www.blogger.com/profile/04317396537791325342	false		unknown
http://1.bp.blogspot.com/-wwi9gLDAiVk/UMRdd5ct3xI/AAAAAAAAFbE/5BE1vH6Z7nY/s1600/2.jpg	false	Avira URL Cloud: safe	unknown
http://facebooksecurity.blogspot.com/2012/01/how-to-access-facebook-without-internet.html	true		unknown
https://www.blogger.com/static/v1/widgets/116388341-widgets.js	false	Avira URL Cloud: safe	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://redux.js.org/tutorials/fundamentals/part-4-store#creating-a-store-with-enhancers	chromecache_149.2.dr	false	Avira URL Cloud: safe	unknown
http://www.broofa.com	chromecache_187.2.dr	false	URL Reputation: safe	unknown
https://dataconnector.corp.google.com/:session_prefix:ui/widgetview?usegapi=1	chromecache_156.2.dr, chromecache_110.2.dr	false	Avira URL Cloud: safe	unknown
http://youtube.com/streaming/otf/durations/112015	chromecache_149.2.dr	false	Avira URL Cloud: safe	unknown
https://ampcid.google.com/v1/publisher:getClientId	chromecache_146.2.dr	false	URL Reputation: safe	unknown
https://workspace.google.com/:session_prefix:marketplace/appfinder?usegapi=1	chromecache_138.2.dr, chromecache_156.2.dr, chromecache_108.2.dr, chromecache_212.2.dr, chromecache_110.2.dr	false	Avira URL Cloud: safe	unknown
https://admin.youtube.com	chromecache_149.2.dr	false	Avira URL Cloud: safe	unknown
https://pay.google.com/gp/v/widget/save	chromecache_110.2.dr	false	Avira URL Cloud: safe	unknown
https://www.youtube.com/api/drm/fps?ek=	chromecache_149.2.dr	false	Avira URL Cloud: safe	unknown
https://redux.js.org/tutorials/fundamentals/part-4-store#middleware	chromecache_149.2.dr	false	Avira URL Cloud: safe	unknown
https://www.google.com/shopping/customerreviews/optin?usegapi=1	chromecache_156.2.dr, chromecache_110.2.dr	false	Avira URL Cloud: safe	unknown
https://stats.g.doubleclick.net/j/collect	chromecache_146.2.dr	false	URL Reputation: safe	unknown
https://github.com/madler/zlib/blob/master/zlib.h	chromecache_149.2.dr, chromecache_183.2.dr	false	Avira URL Cloud: safe	unknown
https://yurt.corp.google.com	chromecache_149.2.dr	false	Avira URL Cloud: safe	unknown
https://viacon.corp.google.com	chromecache_149.2.dr	false	Avira URL Cloud: safe	unknown
https://www.youtube.com/generate_204?cpn=	chromecache_149.2.dr	false	Avira URL Cloud: safe	unknown
https://www.youtube.com/subscribe_embed?usegapi=1	chromecache_156.2.dr, chromecache_110.2.dr	false	Avira URL Cloud: safe	unknown
https://support.google.com/youtube/answer/6276924	chromecache_149.2.dr	false	Avira URL Cloud: safe	unknown
http://youtube.com/yt/2012/10/10	chromecache_149.2.dr	false	Avira URL Cloud: safe	unknown
https://plus.google.com	chromecache_212.2.dr, chromecache_110.2.dr	false	Avira URL Cloud: safe	unknown
http://tools.ietf.org/html/rfc1950	chromecache_149.2.dr, chromecache_183.2.dr	false	Avira URL Cloud: safe	unknown
https://www.google.%/ads/ga-audiences	chromecache_146.2.dr	false	Avira URL Cloud: safe	unknown
http://www.youtube.com/videoplayback	chromecache_149.2.dr	false	Avira URL Cloud: safe	unknown
https://play.google.com/work/embedded/search?usegapi=1&usegapi=1	chromecache_156.2.dr, chromecache_110.2.dr	false	Avira URL Cloud: safe	unknown
https://fonts.google.com/license/googlerestricted	chromecache_166.2.dr	false	Avira URL Cloud: safe	unknown
https://support.google.com/youtube/?p=missing_quality	chromecache_149.2.dr	false	Avira URL Cloud: safe	unknown
https://clients6.google.com	chromecache_138.2.dr, chromecache_156.2.dr, chromecache_108.2.dr, chromecache_212.2.dr, chromecache_110.2.dr	false	Avira URL Cloud: safe	unknown
https://twitter.com/intent/tweet?text=	chromecache_197.2.dr	false	Avira URL Cloud: safe	unknown
https://support.google.com/youtube/?p=report_playback	chromecache_149.2.dr	false	Avira URL Cloud: safe	unknown
https://github.com/google/safevalues/issues	chromecache_156.2.dr, chromecache_110.2.dr	false	Avira URL Cloud: safe	unknown
http://youtube.com/streaming/metadata/segment/102015	chromecache_149.2.dr	false	Avira URL Cloud: safe	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
172.217.16.214	i.ytimg.com	United States	15169	GOOGLEUS	false
142.250.185.225	blogspot.l.googleusercontent.com	United States	15169	GOOGLEUS	false
142.250.185.142	unknown	United States	15169	GOOGLEUS	false
142.250.184.225	unknown	United States	15169	GOOGLEUS	false
142.250.186.78	unknown	United States	15169	GOOGLEUS	false
172.217.18.9	unknown	United States	15169	GOOGLEUS	false
172.217.18.6	static.doubleclick.net	United States	15169	GOOGLEUS	false
142.250.185.110	unknown	United States	15169	GOOGLEUS	false
142.250.185.238	unknown	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
142.250.186.142	sites.google.com	United States	15169	GOOGLEUS	false
142.250.184.238	youtube-ui.l.google.com	United States	15169	GOOGLEUS	false
142.250.185.73	blogger.l.google.com	United States	15169	GOOGLEUS	false
216.58.212.169	unknown	United States	15169	GOOGLEUS	false
142.250.185.129	unknown	United States	15169	GOOGLEUS	false
216.58.212.164	unknown	United States	15169	GOOGLEUS	false
216.58.206.73	unknown	United States	15169	GOOGLEUS	false
216.58.206.78	play.google.com	United States	15169	GOOGLEUS	false
216.58.206.34	googleads.g.doubleclick.net	United States	15169	GOOGLEUS	false
142.250.185.201	unknown	United States	15169	GOOGLEUS	false
142.250.181.233	unknown	United States	15169	GOOGLEUS	false
142.250.185.164	www.google.com	United States	15169	GOOGLEUS	false
151.101.194.137	code.jquery.com	United States	54113	FASTLYUS	false
216.58.212.130	unknown	United States	15169	GOOGLEUS	false
142.250.186.97	unknown	United States	15169	GOOGLEUS	false
216.58.206.65	photos-ugc.l.googleusercontent.com	United States	15169	GOOGLEUS	false
142.250.185.174	plus.l.google.com	United States	15169	GOOGLEUS	false
142.250.185.97	googlehosted.l.googleusercontent.com	United States	15169	GOOGLEUS	false
142.250.186.65	unknown	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.7
192.168.2.4
192.168.2.6

General Information

Joe Sandbox version:	40.0.0 Tourmaline
Analysis ID:	1454842
Start date and time:	2024-06-11 00:12:16 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 4m 19s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	http://facebooksecurity.blogspot.pe/
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	7
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal64.phis.win@27/195@82/32
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0
Cookbook Comments:	Browse: http://facebooksecurity.blogspot.com/2012/02/us-attacks-iran-and-saudi-arabia-f.html Browse: https://www.blogger.com/profile/07973550498852665411 Browse: http://facebooksecurity.blogspot.com/2012/02/how-spammers-flooding-facebook-wall.html Browse: https://www.blogger.com/profile/04317396537791325342 Browse: http://facebooksecurity.blogspot.com/2012/01/issue-over-facebook-and-google-in-india.html

Warnings

Exclude process from analysis (whitelisted): WMIADAP.exe, SIHClient.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.184.227, 142.250.186.46, 142.251.168.84, 34.104.35.123, 64.233.166.84, 192.229.221.95, 142.250.74.194, 142.250.186.66, 199.232.214.172, 142.250.186.74, 142.250.186.42, 142.250.74.202, 172.217.16.202, 172.217.18.10, 142.250.184.234, 142.250.184.202, 216.58.206.74, 216.58.212.170, 142.250.185.202, 142.250.186.138, 172.217.18.106, 142.250.181.234, 142.250.186.170, 142.250.186.106, 142.250.185.234, 142.250.181.238, 142.250.186.99, 216.58.206.67, 74.125.201.94, 74.125.201.120, 142.250.186.35, 142.250.185.227, 216.58.206.42, 142.250.185.106, 142.250.185.138, 142.250.185.170, 172.217.16.138, 172.217.23.106, 142.250.185.74, 142.250.185.78
Excluded domains from analysis (whitelisted): clients1.google.com, client.wns.windows.com, fonts.googleapis.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, fonts.gstatic.com, ctldl.windowsupdate.com, clientservices.googleapis.com, pagead2.googlesyndication.com, jnn-pa.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, csi.gstatic.com, update.googleapis.com, clients.l.google.com, www.gstatic.com, www.google-analytics.com
HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
Not all processes where analyzed, report is missing behavior information
Report size exceeded maximum capacity and may have missing network information.
Report size getting too big, too many NtSetInformationFile calls found.
VT rate limit hit for: http://facebooksecurity.blogspot.pe/

Input	Output
URL: http://facebooksecurity.blogspot.com/ Model: Perplexity: mixtral-8x7b-instruct	{ "loginform": false, "urgency": false, "captcha": false, "reasons": [ "The webpage does not contain a login form explicitly requesting sensitive information.", "The text does not create a sense of urgency such as 'Click here to view document' or 'To view secured document click here'.", "The webpage does not contain a CAPTCHA or any other anti-robot detection mechanism." ] } Explanation: 1. The webpage does not contain a login form where sensitive information such as passwords, email addresses, usernames, phone numbers or credit card numbers (CVV) are requested. 2. The text does not create a sense of urgency or interest by explicitly asking the user to click on a link to view a document or invoice. 3. The webpage does not contain a CAPTCHA or any other anti-robot detection mechanism to prevent automated access. Therefore, based on the analysis of the title and text provided, the webpage does not contain a login form, does not create a sense of urgency, and does not contain a CAPTCHA or any other anti-robot detection mechanism.
Title: FACEBOOK SECURITY OCR: Top Stwies Trending Topics People Jobs FACEBOOK SECURITY Social Media Tech Business US & World - Videos Featured : Facebook Google* Awards ADD ME AS FRIEND Abdul salinm is A personal tech journalist Works at U.S. Attacks Iran and Saudi Arabia. Dell Services F* ** :( The Begin of World War 3? [Virus Alert!] You can find him Dn Twitter Facebook, Google+ Scam Signature Messages: LLS Attacks Iran and Saudi Arabia. and LinkedIn Or send an emaii to The Begin of World War 3? Why it's a Scam If any one click the link salimp.info@gmail.com that shown in the facebook wall it takes a page. P by unkr TOP STORIES ALL TIME How Spammers How Spammers flooding Facebook flooding Spam Facebook wall wall Spam Its a Simple trick to Its a Simple trick to post a message on someone facebook wall in n post a message on number of times here is the java scrip which is used to do this someone facebook methord: Facebook Wall Post java script : var a = wall in n number of document.body.innerHTML; var... timey here is the java scrip which is used by Llnkr- do this methord_ Impress your trelnds with acsdo cool Facebook tricks Issue Over facebook and google in Today there are few facebook tricks to india impress your friends Recently As we all know, that the supreme court of India has asked some may are the hols in facebook and many social networking sites to remove all content which are some of the tricks are not holes but an ale Unexpectable by our Indian society.. many people are making fun... How to Access Facebook P by Llnkr without Internet Connection India has estimated 34 million registered Facebook No expand its rtnts more deeper into rural areas and to strengthen its current user How to Access Facebook without Browse Internet Connection Facebook on a India has estimated 34 million registered Facebook To expand its roots more deeper into rural areas secure connection and to strengthen its current user base Facebook has partnered with. (https) by u nkrZM The main idea of
URL: http://facebooksecurity.blogspot.com/ Model: Perplexity: mixtral-8x7b-instruct	{ "loginform": false, "urgency": false, "captcha": false, "reasons": [ "The webpage does not contain a login form explicitly requesting sensitive information.", "The text does not create a sense of urgency or interest such as 'Click here to view document' or 'To view secured document click here'.", "The webpage does not contain a CAPTCHA or any other anti-robot detection mechanism." ] } Explanation: 1. The webpage does not contain a login form where sensitive information such as passwords, email addresses, usernames, phone numbers or credit card numbers (CVV) are requested. 2. The text does not create a sense of urgency or interest. There is no mention of viewing documents, invoices or any other secured content. 3. The webpage does not contain a CAPTCHA or any other anti-robot detection mechanism. 4. The analysis is based on the provided title and text only. The entire webpage was not analyzed.
Title: FACEBOOK SECURITY OCR: Top Stwies Trending Topics People Jobs FACEBOOK SECURITY Social Media Tech Business US & World - Videos Featured : Facebook Google* Awards ADD ME AS FRIEND Abdul salinm is A personal tech journalist Works at U.S. Attacks Iran and Saudi Arabia. Dell Services F* ** :( The Begin of World War 3? [Virus Alert!] You can find him Dn Twitter Facebook, Google+ Scam Signature Messages: LLS Attacks Iran and Saudi Arabia. and LinkedIn Or send an emaii to The Begin of World War 3? Why it's a Scam If any one click the link salimp.info@gmail.com that shown in the facebook wall it takes a page. P by unkr TOP STORIES ALL TIME How Spammers How Spammers flooding Facebook flooding Spam Facebook wall wall Spam Alert; Spam Its a Simple trick to Spam Its a Simple trick to post a message on someone facebook wall in n post a message on number of times here is the java scrip which is used to do this someone facebook methord: Facebook Wall Post java script : var a = wall in n number of document.body.innerHTML; var... timey here is the java scrip which is used by Llnkr- do this methord_ Impress your trelnds with acsdo cool Facebook tricks Issue Over facebook and google in Today there are few facebook tricks to india face'. :aok impress your friends Recently As we all know, that the supreme court of India has asked some may are the hols in facebook and e many social networking sites to remove all content which are some of the tricks are not holes but an ale Unexpectable by our Indian society.. many people are making fun... How to Access Facebook P by Llnkr without Internet Connection India has estimated 34 million registered Facebook No expand its rtnts more deeper into rural areas and to strengthen its current user How to Access Facebook without Browse Internet Connection Facebook on a India has estimated 34 million registered Facebook To expand its roots more deeper into rural areas secure connection and to strengthen its current user base Facebook has partnered with. (https) by u nkrZM The main idea of
URL: http://facebooksecurity.blogspot.com/2012/02/how-spammers-flooding-facebook-wall.html Model: Perplexity: mixtral-8x7b-instruct	{ "loginform": false, "urgency": false, "captcha": false, "reasons": [ "The webpage does not contain a login form, so the value for loginform is set to false.", "The text does not create a sense of urgency, so the value for urgency is set to false.", "There is no CAPTCHA or anti-robot detection mechanism present on the webpage, so the value for captcha is set to false.", "The webpage contains a script that can be used to spam someone's Facebook wall, which is not a secure practice and goes against Facebook's terms of service. Additionally, the page contains contact information for the author, which may not be relevant to the topic of the page. The page also contains some broken or misspelled words, which can make it difficult for users to understand the content." ] }
Title: How Spammers flooding Facebook wall - FACEBOOK SECURITY OCR: Top Stwies TreMmg Jobs Social Media Tech Business US & World - Videos Featured : Facebook Google* Awards ADD ME AS FRIEND Brcwse Home Tricks and Tips How Spammers flooding Facebook wall Abdul salinm is A personal tech journalist Works at Dell Services Spammers flooding Facebook wall You can find him Dn Twitter Facebook, Google+ by unkr and LinkedIn Or send an emaii to salimp.info@gmail.com Its a Simple trick to post a message on someone facebook wall in n number of times. here is the java scrip which is used to do this methord: Spa rn Alert: TOP STORIES ALL TIME Spam Alert: How Spammers flooding Spam Facebook wall Spam Spam Its a Simple trick to post a message on someone facebook wall in n number of timey here is the java scrip which is used do this methord_ Facebook Wall Post java script : Impress your trelnds with acsdo cool Facebook var a = document . . innerHTML; tricks Today there are few var Num = prompt ( "mall Flooder" " Please Numb e Enter facebook tricks to me sage 3 impress your friends while (Num O) { some may are the hols in facebook and var Num = prompt ("You can' t use a numhez- less than I" some of the tricks are not holes but an ale "Please Enter Number of messages How to Access Facebook without Internet Connection a . match ( / form value = India has estimated 34 million registered Facebook No expand its rtnts more deeper into rural areas and a . match ( / dtsg" value= to strengthen its current user = a .match ( / composerd" value=" Browse Facebook on a Flooder" , prompt ( "mall "Enter your me 3 age var msg secure connection a . match ( / value=" target (https) The main idea of
URL: https://www.blogger.com/profile/04317396537791325342 Model: Perplexity: mixtral-8x7b-instruct	{ "loginform": true, "urgency": false, "captcha": false, "reasons": [ "The text 'Sign in' suggests the presence of a login form.", "The title and text do not contain any elements that create a sense of urgency.", "The title and text do not contain any evidence of a CAPTCHA or anti-robot detection mechanism." ] }
Title: Blogger: User Profile: Unknown OCR: Sign in Blogger Unknown About me On Blogger since January 2012 Profile views - 465 Report Abuse
URL: https://www.blogger.com/profile/07973550498852665411 Model: Perplexity: mixtral-8x7b-instruct	{ "loginform": true, "urgency": false, "captcha": false, "reasons": [ "A login form is present in the webpage, as 'Sign in' button is visible.", "The text does not create a sense of urgency, it is just asking to sign in.", "There is no CAPTCHA or any anti-robot detection mechanism present on the webpage." ] } Explanation: 1. The webpage contains a login form as "Sign in" button is visible. So, the value for the key "loginform" is set to true. 2. The text "Sign in Blogger Unknown My blogs Images and news from nasa ITeckTabs Wonderfull World... Apple Caters Aleph Collective solutions Bio Nanosol On Blogger since The FB Facts May 2010 Digital Futuristic Profile views - Kerala Taste 31783 Abdul salim Latest Photoshop Tutorials and Photography Tricks. Here Report Abuse FACEBOOK SECURITY 666 Coder FB Album Downloader Apple Caters iTechTabs About me" does not create a sense of urgency, so the value for the key "urgency" is set to false. 3. There is no CAPTCHA or any anti-robot detection mechanism present on the webpage, so the value for the key "captcha" is set to false. 4. The reasons array contains the conclusion based on the analysis.
Title: Blogger: User Profile: Unknown OCR: Sign in Blogger Unknown My blogs Images and news from nasa ITeckTabs Wonderfull World... Apple Caters Aleph Collective solutions Bio Nanosol On Blogger since The FB Facts May 2010 Digital Futuristic Profile views - Kerala Taste 31783 Abdul salim Latest Photoshop Tutorials and Photography Tricks. Here Report Abuse FACEBOOK SECURITY 666 Coder FB Album Downloader Apple Caters iTechTabs About me
URL: http://facebooksecurity.blogspot.com Model: gpt-4o	```json { "phishing_score": 8, "brands": "Facebook", "phishing": true, "suspicious_domain": true, "has_loginform": false, "has_captcha": false, "setechniques": true, "has_suspicious_link": true, "legitmate_domain": "facebook.com", "reasons": "The URL 'http://facebooksecurity.blogspot.com' is suspicious because it uses 'blogspot.com' instead of the legitimate 'facebook.com' domain. The page title 'FACEBOOK SECURITY' and content attempt to mimic Facebook's branding, which is a common social usering technique used in phishing attacks. The page asks users to provide their username and password via a mobile dial code, which is highly unusual and suspicious. Additionally, the page does not have a login form or captcha, which are typically present on legitimate security-related pages. The combination of these factors strongly indicates that this is a phishing site." }

URL: http://facebooksecurity.blogspot.com/2012/01/issue-over-facebook-and-google-in-india.html Model: Perplexity: mixtral-8x7b-instruct	{ "loginform": false, "urgency": false, "captcha": false, "reasons": [ "The webpage does not contain a login form explicitly requesting sensitive information.", "The text does not create a sense of urgency.", "The webpage does not contain a CAPTCHA or any other anti-robot detection mechanism." ] } Explanation: 1. The webpage does not contain a login form where sensitive information such as passwords, email addresses, usernames, phone numbers or credit card numbers (CVV) are requested. Therefore, the `loginform` key is set to `false`. 2. The text does not contain any language that creates a sense of urgency, such as "Click here to view document" or "To view secured document click here". Therefore, the `urgency` key is set to `false`. 3. The webpage does not contain a CAPTCHA or any other anti-robot detection mechanism. Therefore, the `captcha` key is set to `false`. 4. The `reasons` key contains an array of strings that explain the conclusions drawn from the analysis.
Title: Issue Over facebook and google in india - FACEBOOK SECURITY OCR: Top Stwies TreMmg Jobs Social Media Tech Business US & World - Videos Featured : Facebook Google* Awards ADD ME AS FRIEND Iss Brcwse Home News Issue Over facebook and google in india Abdul salinm is A personal tech journalist Works at ue Dell Services Over facebook and google in india You can find him Dn Twitter Facebook, Google+ by unkr and LinkedIn Or send an emaii to salimp.info@gmail.com Recently As we all know, that the supreme court of India has asked many social networking sites to remove all content which are Unexpectable by our Indian society.. face! :ook TOP STORIES ALL TIME How Spammers many people are making fun of our social flooding Spam Facebook wall leaders,cricketers, pliticians, social workers and Spam many people this is not good in good sense. Its a Simple trick to post a message on ofcourse can be good for some #oples to take someone facebook revenge and also to make our court wall in n number of has raised good point, i realty appreciate our timey here is the java scrip which is used do this methord_ supreme court Everything have two sides. by looking at all these things, court has given order to Impress your social networking sites to remove all anti-social, anti-religious, disrespectful contents. This action by trelnds with acsdo cool Facebook our court is taken for more then 22 sites. tricks Today there are few court has given time limit upto 6th february to the social networking sites to give reports to court facebook tricks to impress your friends about what actions are taken by them to stop these sort of things i hav few examples which are some may are the hols in facebook and reallly badthis i am just posting not for fun, just to show everyone that its not good Look at this some of the tricks are not holes but an ale video and image that created by peoples How to Access Facebook without Internet Connection India has estimated 34 million registered Facebook No expand its rtnts more deeper into rural areas and to strengthen its current user Browse Facebook on a secure connection (https) The main idea of
URL: https://www.blogger.com Model: gpt-4o	```json { "phishing_score": 0, "brands": "Blogger", "phishing": false, "suspicious_domain": false, "has_loginform": true, "has_captcha": false, "setechniques": false, "has_suspicious_link": false, "legitmate_domain": "blogger.com", "reasons": "The URL 'https://www.blogger.com' is a legitimate domain associated with the Blogger brand, which is a well-known blogging platform owned by Google. The webpage design and elements, such as the 'Sign in' button and 'Report Abuse' link, are consistent with the legitimate Blogger site. There are no indications of social usering techniques or suspicious links. Therefore, the site appears to be legitimate." }

URL: https://www.blogger.com Model: gpt-4o	```json { "phishing_score": 0, "brands": "Blogger", "phishing": false, "suspicious_domain": false, "has_loginform": true, "has_captcha": false, "setechniques": false, "has_suspicious_link": false, "legitmate_domain": "blogger.com", "reasons": "The URL 'https://www.blogger.com' is the legitimate domain for the Blogger platform, which is a well-known blogging service provided by Google. The webpage design and elements, including the 'Sign in' button and the 'Report Abuse' link, are consistent with the legitimate Blogger site. There are no indications of social usering techniques, suspicious links, or other elements commonly associated with phishing sites." }

URL: https://www.youtube.com/embed/rD0_qT0rmuM Model: Perplexity: mixtral-8x7b-instruct	{ "loginform": false, "urgency": false, "captcha": false, "reasons": [ "The webpage does not contain a login form explicitly requesting sensitive information.", "The text does not create a sense of urgency.", "The webpage does not contain a CAPTCHA or any other anti-robot detection mechanism." ] } Explanation: 1. The webpage does not contain a login form where sensitive information such as passwords, email addresses, usernames, phone numbers or credit card numbers (CVV) are requested. Therefore, the `loginform` key is set to `false`. 2. The text does not contain any language that creates a sense of urgency, such as "Click here to view document" or "To view secured document click here". Therefore, the `urgency` key is set to `false`. 3. The webpage does not contain a CAPTCHA or any other anti-robot detection mechanism. Therefore, the `captcha` key is set to `false`. 4. The `reasons` array contains a summary of the findings to support the boolean values assigned to the `loginform`, `urgency`, and `captcha` keys.
Title: Issue Over facebook and google in india - FACEBOOK SECURITY OCR: Top Stwies TreMmg Jobs Social Media Tech Business US & World - Videos Featured : Facebook Google* Awards ADD ME AS FRIEND Iss Brcwse Home News Issue Over facebook and google in india Abdul salinm is A personal tech journalist Works at ue Dell Services Over facebook and google in india You can find him Dn Twitter Facebook, Google+ by unkr and LinkedIn Or send an emaii to salimp.info@gmail.com Recently As we all know, that the supreme court of India has asked many social networking sites to remove all content which are Unexpectable by our Indian society.. face! :ook TOP STORIES ALL TIME How Spammers many people are making fun of our social flooding Spam Facebook wall leaders,cricketers, pliticians, social workers and Spam many people this is not good in good sense. Its a Simple trick to post a message on ofcourse can be good for some #oples to take someone facebook revenge and also to make our court wall in n number of has raised good point, i realty appreciate our timey here is the java scrip which is used do this methord_ supreme court Everything have two sides. by looking at all these things, court has given order to Impress your social networking sites to remove all anti-social, anti-religious, disrespectful contents. This action by trelnds with acsdo cool Facebook our court is taken for more then 22 sites. tricks Today there are few court has given time limit upto 6th february to the social networking sites to give reports to court facebook tricks to impress your friends about what actions are taken by them to stop these sort of things i hav few examples which are some may are the hols in facebook and reallly badthis i am just posting not for fun, just to show everyone that its not good Look at this some of the tricks are not holes but an ale video and image that created by peoples How to Access Facebook without Internet Connection India has estimated 34 million registered Facebook No expand its rtnts more deeper into rural areas and to strengthen its current user Browse Facebook on a Video unavailable secure connection (https) This video is unavailable The main idea of

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3
Category:	dropped
Size (bytes):	4928
Entropy (8bit):	7.887435371392675
Encrypted:	false
SSDEEP:	96:sflDD46YVHNijsjomutStEStEhBPf1ERYk0KPEGKEa14+VZ:sZfsAj0Vu0CSt6SMTqa
MD5:	74ED1B41B74909BE1342DE38A2D4F442
SHA1:	777BAFFF039B6B5644333F23B19D9253410677A1
SHA-256:	3125B7B9D8770625DEAB10852C92252B91C01C3A65F97EDA9748270AAC938101
SHA-512:	2D6BB0487836DBE24ECA6C6A2924A5FD28E6F03C765C098BBBA0AD86C85D13B7DF0779F9E560B7B026DD9DB6067166CD9E450D069CDC4189EECA3754FCE2137F
Malicious:	false
Reputation:	low
Preview:	......JFIF.............Exif..II.......1...............Google..............................................................................................................................................H.H...........................................;..........................!..."1A.Qa.#2.BRq.....%&3Cb....................................3......................!1.AQ.aq....."..2...B..#Rb.............?.Q......d\..T. ..?3.....^.r@_..y.~....X.uN..-4R.J..k.....2.(V$...;>...S..s..f6.[..J7...u....TY.%..%..%[....Q...].W..v./.R.8T......{.0rd..-!....r.h]......TK...R..n?K.....P....T..G.~.=m..K..r.PK.C..A;.N......,Z.z..J....L.4U."9...j.=!.A...9.R.6..n.OW.7f...g..g..mR.ip.`&Y...5....E.j.b.+.F.i...[..MC...Bx..rO.P.$..9."Te-H.gb...j.....^..~9o......E..5!P..b+.....8.J.%\....T...%..'O...0.xPI..;..4.r"...`.R...7w.%....w..v...f..).mq........ .;. ...@_..r.c1...)G4.\N.,..s..'..Y(.....!.z..r%Ne)..... ...O..`.I....\|...2r...t.EA..s..X.y...w;^.9..H..xZ..[.5.p..B.1U%.u.

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Jun 11, 2024 00:13:11.238940001 CEST	192.168.2.6	1.1.1.1	0x58aa	Standard query (0)	facebooksecurity.blogspot.pe	A (IP address)	IN (0x0001)	false
Jun 11, 2024 00:13:11.240221024 CEST	192.168.2.6	1.1.1.1	0xf0ba	Standard query (0)	facebooksecurity.blogspot.pe	65	IN (0x0001)	false
Jun 11, 2024 00:13:12.260560989 CEST	192.168.2.6	1.1.1.1	0xce33	Standard query (0)	facebooksecurity.blogspot.com	A (IP address)	IN (0x0001)	false
Jun 11, 2024 00:13:12.261219025 CEST	192.168.2.6	1.1.1.1	0x8fdb	Standard query (0)	facebooksecurity.blogspot.com	65	IN (0x0001)	false
Jun 11, 2024 00:13:13.146584034 CEST	192.168.2.6	1.1.1.1	0x82c0	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Jun 11, 2024 00:13:13.147062063 CEST	192.168.2.6	1.1.1.1	0xa762	Standard query (0)	www.google.com	65	IN (0x0001)	false
Jun 11, 2024 00:13:13.370577097 CEST	192.168.2.6	1.1.1.1	0xb1e1	Standard query (0)	www.blogger.com	A (IP address)	IN (0x0001)	false
Jun 11, 2024 00:13:13.370929956 CEST	192.168.2.6	1.1.1.1	0xe0c2	Standard query (0)	www.blogger.com	65	IN (0x0001)	false
Jun 11, 2024 00:13:13.371629000 CEST	192.168.2.6	1.1.1.1	0x8612	Standard query (0)	sites.google.com	A (IP address)	IN (0x0001)	false
Jun 11, 2024 00:13:13.372359037 CEST	192.168.2.6	1.1.1.1	0x2d7c	Standard query (0)	sites.google.com	65	IN (0x0001)	false
Jun 11, 2024 00:13:13.373326063 CEST	192.168.2.6	1.1.1.1	0x25e6	Standard query (0)	code.jquery.com	A (IP address)	IN (0x0001)	false
Jun 11, 2024 00:13:13.373789072 CEST	192.168.2.6	1.1.1.1	0x900e	Standard query (0)	code.jquery.com	65	IN (0x0001)	false
Jun 11, 2024 00:13:13.375484943 CEST	192.168.2.6	1.1.1.1	0xaf8f	Standard query (0)	3.bp.blogspot.com	A (IP address)	IN (0x0001)	false
Jun 11, 2024 00:13:13.375775099 CEST	192.168.2.6	1.1.1.1	0x8cf3	Standard query (0)	3.bp.blogspot.com	65	IN (0x0001)	false
Jun 11, 2024 00:13:13.377259970 CEST	192.168.2.6	1.1.1.1	0xb158	Standard query (0)	1.bp.blogspot.com	A (IP address)	IN (0x0001)	false
Jun 11, 2024 00:13:13.377480030 CEST	192.168.2.6	1.1.1.1	0x41e2	Standard query (0)	1.bp.blogspot.com	65	IN (0x0001)	false
Jun 11, 2024 00:13:14.578761101 CEST	192.168.2.6	1.1.1.1	0x1d7e	Standard query (0)	1.bp.blogspot.com	A (IP address)	IN (0x0001)	false
Jun 11, 2024 00:13:14.579076052 CEST	192.168.2.6	1.1.1.1	0xcac7	Standard query (0)	1.bp.blogspot.com	65	IN (0x0001)	false
Jun 11, 2024 00:13:14.580938101 CEST	192.168.2.6	1.1.1.1	0xee28	Standard query (0)	3.bp.blogspot.com	A (IP address)	IN (0x0001)	false
Jun 11, 2024 00:13:14.581113100 CEST	192.168.2.6	1.1.1.1	0x8d9c	Standard query (0)	3.bp.blogspot.com	65	IN (0x0001)	false
Jun 11, 2024 00:13:14.835884094 CEST	192.168.2.6	1.1.1.1	0x66b6	Standard query (0)	apis.google.com	A (IP address)	IN (0x0001)	false
Jun 11, 2024 00:13:14.836319923 CEST	192.168.2.6	1.1.1.1	0xcc52	Standard query (0)	apis.google.com	65	IN (0x0001)	false
Jun 11, 2024 00:13:20.023590088 CEST	192.168.2.6	1.1.1.1	0x1a03	Standard query (0)	blogger.googleusercontent.com	A (IP address)	IN (0x0001)	false
Jun 11, 2024 00:13:20.024005890 CEST	192.168.2.6	1.1.1.1	0x3beb	Standard query (0)	blogger.googleusercontent.com	65	IN (0x0001)	false
Jun 11, 2024 00:13:20.063751936 CEST	192.168.2.6	1.1.1.1	0x56bd	Standard query (0)	www.youtube.com	A (IP address)	IN (0x0001)	false
Jun 11, 2024 00:13:20.063751936 CEST	192.168.2.6	1.1.1.1	0x15bc	Standard query (0)	www.youtube.com	65	IN (0x0001)	false
Jun 11, 2024 00:13:20.076757908 CEST	192.168.2.6	1.1.1.1	0x6a76	Standard query (0)	www.youtube.com	A (IP address)	IN (0x0001)	false
Jun 11, 2024 00:13:20.076757908 CEST	192.168.2.6	1.1.1.1	0x1fff	Standard query (0)	www.youtube.com	65	IN (0x0001)	false
Jun 11, 2024 00:13:20.225071907 CEST	192.168.2.6	1.1.1.1	0x9d1e	Standard query (0)	2.bp.blogspot.com	A (IP address)	IN (0x0001)	false
Jun 11, 2024 00:13:20.225328922 CEST	192.168.2.6	1.1.1.1	0xf85	Standard query (0)	2.bp.blogspot.com	65	IN (0x0001)	false
Jun 11, 2024 00:13:20.226501942 CEST	192.168.2.6	1.1.1.1	0xffda	Standard query (0)	4.bp.blogspot.com	A (IP address)	IN (0x0001)	false
Jun 11, 2024 00:13:20.226746082 CEST	192.168.2.6	1.1.1.1	0xbfa1	Standard query (0)	4.bp.blogspot.com	65	IN (0x0001)	false
Jun 11, 2024 00:13:21.111673117 CEST	192.168.2.6	1.1.1.1	0xeea2	Standard query (0)	2.bp.blogspot.com	A (IP address)	IN (0x0001)	false
Jun 11, 2024 00:13:21.111876011 CEST	192.168.2.6	1.1.1.1	0xcd1	Standard query (0)	2.bp.blogspot.com	65	IN (0x0001)	false
Jun 11, 2024 00:13:21.112349987 CEST	192.168.2.6	1.1.1.1	0xaac	Standard query (0)	4.bp.blogspot.com	A (IP address)	IN (0x0001)	false
Jun 11, 2024 00:13:21.112509966 CEST	192.168.2.6	1.1.1.1	0x6efd	Standard query (0)	4.bp.blogspot.com	65	IN (0x0001)	false
Jun 11, 2024 00:13:21.706355095 CEST	192.168.2.6	1.1.1.1	0x9eba	Standard query (0)	blogger.googleusercontent.com	A (IP address)	IN (0x0001)	false
Jun 11, 2024 00:13:21.706553936 CEST	192.168.2.6	1.1.1.1	0xc093	Standard query (0)	blogger.googleusercontent.com	65	IN (0x0001)	false
Jun 11, 2024 00:13:25.893914938 CEST	192.168.2.6	1.1.1.1	0x5230	Standard query (0)	www.blogger.com	A (IP address)	IN (0x0001)	false
Jun 11, 2024 00:13:25.894066095 CEST	192.168.2.6	1.1.1.1	0x7406	Standard query (0)	www.blogger.com	65	IN (0x0001)	false
Jun 11, 2024 00:13:27.633358955 CEST	192.168.2.6	1.1.1.1	0x2b46	Standard query (0)	apis.google.com	A (IP address)	IN (0x0001)	false
Jun 11, 2024 00:13:27.633625984 CEST	192.168.2.6	1.1.1.1	0xb47	Standard query (0)	apis.google.com	65	IN (0x0001)	false
Jun 11, 2024 00:13:32.688673019 CEST	192.168.2.6	1.1.1.1	0x3051	Standard query (0)	facebooksecurity.blogspot.com	A (IP address)	IN (0x0001)	false
Jun 11, 2024 00:13:32.689131975 CEST	192.168.2.6	1.1.1.1	0xd2b1	Standard query (0)	facebooksecurity.blogspot.com	65	IN (0x0001)	false
Jun 11, 2024 00:13:57.456237078 CEST	192.168.2.6	1.1.1.1	0x36af	Standard query (0)	www.blogger.com	A (IP address)	IN (0x0001)	false
Jun 11, 2024 00:13:57.456506014 CEST	192.168.2.6	1.1.1.1	0x9203	Standard query (0)	www.blogger.com	65	IN (0x0001)	false
Jun 11, 2024 00:13:58.973064899 CEST	192.168.2.6	1.1.1.1	0x5a61	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Jun 11, 2024 00:13:58.973483086 CEST	192.168.2.6	1.1.1.1	0x31f2	Standard query (0)	www.google.com	65	IN (0x0001)	false
Jun 11, 2024 00:14:01.466034889 CEST	192.168.2.6	1.1.1.1	0xe208	Standard query (0)	www.blogger.com	A (IP address)	IN (0x0001)	false
Jun 11, 2024 00:14:01.468153000 CEST	192.168.2.6	1.1.1.1	0xe345	Standard query (0)	www.blogger.com	65	IN (0x0001)	false
Jun 11, 2024 00:14:03.188332081 CEST	192.168.2.6	1.1.1.1	0xdd52	Standard query (0)	apis.google.com	A (IP address)	IN (0x0001)	false
Jun 11, 2024 00:14:03.188791990 CEST	192.168.2.6	1.1.1.1	0xee7e	Standard query (0)	apis.google.com	65	IN (0x0001)	false
Jun 11, 2024 00:14:04.328870058 CEST	192.168.2.6	1.1.1.1	0xba9f	Standard query (0)	play.google.com	A (IP address)	IN (0x0001)	false
Jun 11, 2024 00:14:04.329193115 CEST	192.168.2.6	1.1.1.1	0x4142	Standard query (0)	play.google.com	65	IN (0x0001)	false
Jun 11, 2024 00:14:06.346030951 CEST	192.168.2.6	1.1.1.1	0xc3	Standard query (0)	play.google.com	A (IP address)	IN (0x0001)	false
Jun 11, 2024 00:14:06.346434116 CEST	192.168.2.6	1.1.1.1	0x1b15	Standard query (0)	play.google.com	65	IN (0x0001)	false
Jun 11, 2024 00:14:16.882179976 CEST	192.168.2.6	1.1.1.1	0x8f71	Standard query (0)	www.blogger.com	A (IP address)	IN (0x0001)	false
Jun 11, 2024 00:14:16.882379055 CEST	192.168.2.6	1.1.1.1	0x6c2e	Standard query (0)	www.blogger.com	65	IN (0x0001)	false
Jun 11, 2024 00:14:23.387995005 CEST	192.168.2.6	1.1.1.1	0xb4cc	Standard query (0)	facebooksecurity.blogspot.com	A (IP address)	IN (0x0001)	false
Jun 11, 2024 00:14:23.388159037 CEST	192.168.2.6	1.1.1.1	0x3fd5	Standard query (0)	facebooksecurity.blogspot.com	65	IN (0x0001)	false
Jun 11, 2024 00:14:23.388650894 CEST	192.168.2.6	1.1.1.1	0x1911	Standard query (0)	code.jquery.com	A (IP address)	IN (0x0001)	false
Jun 11, 2024 00:14:23.388781071 CEST	192.168.2.6	1.1.1.1	0x3f0f	Standard query (0)	code.jquery.com	65	IN (0x0001)	false
Jun 11, 2024 00:14:23.391376972 CEST	192.168.2.6	1.1.1.1	0xb07	Standard query (0)	apis.google.com	A (IP address)	IN (0x0001)	false
Jun 11, 2024 00:14:23.391640902 CEST	192.168.2.6	1.1.1.1	0x1980	Standard query (0)	apis.google.com	65	IN (0x0001)	false
Jun 11, 2024 00:14:23.969105005 CEST	192.168.2.6	1.1.1.1	0xb303	Standard query (0)	sites.google.com	A (IP address)	IN (0x0001)	false
Jun 11, 2024 00:14:23.969779968 CEST	192.168.2.6	1.1.1.1	0x34a9	Standard query (0)	sites.google.com	65	IN (0x0001)	false
Jun 11, 2024 00:14:30.997001886 CEST	192.168.2.6	1.1.1.1	0x982e	Standard query (0)	www.blogger.com	A (IP address)	IN (0x0001)	false
Jun 11, 2024 00:14:30.997152090 CEST	192.168.2.6	1.1.1.1	0xc069	Standard query (0)	www.blogger.com	65	IN (0x0001)	false
Jun 11, 2024 00:14:32.353946924 CEST	192.168.2.6	1.1.1.1	0x58a4	Standard query (0)	i.ytimg.com	A (IP address)	IN (0x0001)	false
Jun 11, 2024 00:14:32.354120970 CEST	192.168.2.6	1.1.1.1	0xe859	Standard query (0)	i.ytimg.com	65	IN (0x0001)	false
Jun 11, 2024 00:14:34.829571962 CEST	192.168.2.6	1.1.1.1	0xac9a	Standard query (0)	googleads.g.doubleclick.net	A (IP address)	IN (0x0001)	false
Jun 11, 2024 00:14:34.829755068 CEST	192.168.2.6	1.1.1.1	0x395c	Standard query (0)	googleads.g.doubleclick.net	65	IN (0x0001)	false
Jun 11, 2024 00:14:34.835779905 CEST	192.168.2.6	1.1.1.1	0x1ff4	Standard query (0)	static.doubleclick.net	A (IP address)	IN (0x0001)	false
Jun 11, 2024 00:14:34.835968971 CEST	192.168.2.6	1.1.1.1	0x751b	Standard query (0)	static.doubleclick.net	65	IN (0x0001)	false
Jun 11, 2024 00:14:37.322581053 CEST	192.168.2.6	1.1.1.1	0xc7ea	Standard query (0)	googleads.g.doubleclick.net	A (IP address)	IN (0x0001)	false
Jun 11, 2024 00:14:37.322721958 CEST	192.168.2.6	1.1.1.1	0x7f88	Standard query (0)	googleads.g.doubleclick.net	65	IN (0x0001)	false
Jun 11, 2024 00:14:38.309649944 CEST	192.168.2.6	1.1.1.1	0xbbca	Standard query (0)	www.youtube.com	A (IP address)	IN (0x0001)	false
Jun 11, 2024 00:14:38.309823036 CEST	192.168.2.6	1.1.1.1	0x754e	Standard query (0)	www.youtube.com	65	IN (0x0001)	false
Jun 11, 2024 00:15:04.886730909 CEST	192.168.2.6	1.1.1.1	0xc8be	Standard query (0)	play.google.com	A (IP address)	IN (0x0001)	false
Jun 11, 2024 00:15:04.886957884 CEST	192.168.2.6	1.1.1.1	0x9cc9	Standard query (0)	play.google.com	65	IN (0x0001)	false
Jun 11, 2024 00:15:07.285505056 CEST	192.168.2.6	1.1.1.1	0x2a4c	Standard query (0)	play.google.com	A (IP address)	IN (0x0001)	false
Jun 11, 2024 00:15:07.285619020 CEST	192.168.2.6	1.1.1.1	0x9841	Standard query (0)	play.google.com	65	IN (0x0001)	false

Timestamp	Bytes transferred	Direction	Data
Jun 11, 2024 00:13:11.291773081 CEST	443	OUT	GET / HTTP/1.1 Host: facebooksecurity.blogspot.pe Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jun 11, 2024 00:13:12.254249096 CEST	639	IN	HTTP/1.1 302 Moved Temporarily Location: http://facebooksecurity.blogspot.com/ Content-Type: text/html; charset=UTF-8 Content-Encoding: gzip Date: Mon, 10 Jun 2024 22:13:12 GMT Expires: Mon, 10 Jun 2024 22:13:12 GMT Cache-Control: private, max-age=0 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' X-XSS-Protection: 1; mode=block Content-Length: 202 Server: GSE Data Raw: 1f 8b 08 00 00 00 00 00 00 ff 6d 8f c1 0e 82 30 10 44 ef 7c c5 5a cf 50 bd 9a 4a 82 52 c1 04 42 82 3d e8 11 71 15 23 b8 a4 14 13 ff de 52 3d 3a 97 cd ce 4e 32 6f 45 aa f2 2c f4 44 2a a3 d8 0e b5 57 99 0c 73 7a e1 05 14 76 3d e9 4a df db b7 e0 df 83 27 f8 2f b8 29 e2 13 6c 92 6d 91 15 e5 9a cd 77 4e 0c 94 3c 2a bb 2e 9c 98 cd cd 7c 1f 92 83 84 18 af d5 d8 1a 90 5a 93 06 df 9f 2a 97 ff 8a ac eb a9 06 e1 42 f5 d8 e1 d3 40 53 0d d0 b9 9c 88 20 2d e5 6e cd 1a 63 fa 15 e7 d7 aa c6 33 d1 63 c0 7a d4 77 f3 0e ce 2d dd 86 9e 4c 50 53 c7 59 d8 a0 46 c1 a3 30 b0 d8 13 af c3 77 ef 7e 00 8f e3 26 1b f6 00 00 00 Data Ascii: m0D\|ZPJRB=q#R=:N2oE,DWszv=J'/)lmwN<.\|Z*B@S -nc3czw-LPSYF0w~&
Jun 11, 2024 00:13:57.265000105 CEST	6	OUT	Data Raw: 00 Data Ascii:
Jun 11, 2024 00:14:42.280167103 CEST	6	OUT	Data Raw: 00 Data Ascii:

Timestamp	Bytes transferred	Direction	Data
Jun 11, 2024 00:13:12.322837114 CEST	444	OUT	GET / HTTP/1.1 Host: facebooksecurity.blogspot.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jun 11, 2024 00:13:13.265687943 CEST	419	IN	HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Expires: Mon, 10 Jun 2024 22:13:13 GMT Date: Mon, 10 Jun 2024 22:13:13 GMT Cache-Control: private, max-age=0 Last-Modified: Thu, 14 Mar 2024 04:14:12 GMT ETag: W/"32199fd45849384259703cfb9ed7f99322695aafd480168da9f763565638bfbd" Content-Encoding: gzip X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Content-Length: 24836 Server: GSE
Jun 11, 2024 00:13:13.273361921 CEST	1236	IN	Data Raw: 1f 8b 08 00 00 00 00 00 00 ff ec bd e9 76 1a c9 b6 30 f8 db 7a 8a 28 7c 4f 21 1d 93 40 32 23 59 3e 17 21 34 58 b3 40 93 7d eb d3 4a c8 00 52 4a 32 51 0e 20 e4 5b 7f fa 55 fa 09 fa 6f f7 df ee b5 fa 35 fa 4d 7a ef 88 c8 91 44 53 d9 55 ae 7b 64 2d Data Ascii: v0z(\|O!@2#Y>!4X@}JRJ2Q [Uo5MzDSU{d-K;;v\|e:n3?-}?~zz8\n:firr^c4/@9rn0s]8W'+`4NqKZ(MTSsr^.\l*eib
Jun 11, 2024 00:13:13.273384094 CEST	1236	IN	Data Raw: dd d1 48 b1 66 19 47 03 14 c0 a7 db 8c e2 aa 9a 99 99 40 1f e6 b7 25 78 32 d0 8c d5 fc da d2 18 c6 0d d4 84 1f bb a6 05 4d e2 27 d3 75 60 51 52 fc d8 87 b5 2c d9 da 03 5d 95 f3 f9 7f ac 2d 4d 28 82 ab e8 12 2c ea 81 b1 da 55 6c 8a 45 a1 36 70 06 Data Ascii: HfG@%x2M'u`QR,]-M(,UlE6pPWK1sz~# M%__'nom\|n5rg{YZJ^v%docN1U^4}P!ui4& @PV$\|\Q6Qgm
Jun 11, 2024 00:13:13.273401022 CEST	1236	IN	Data Raw: 26 b6 90 5c 32 00 98 8b b1 04 8c 12 c6 5d 63 03 0b 8c 20 12 57 ba 8b e1 ae c7 73 af c3 c3 c5 b6 b3 d5 30 ac 82 e7 49 ac 8e 3c 3f e3 61 3b 6a 8e 30 99 be 3c 37 30 89 db 8d 41 5b 85 62 61 2b 2f 47 da 2a b0 b6 a8 e3 84 0c ab ac 9c ac 90 8b 0e a4 b2 Data Ascii: &\2]c Ws0I<?a;j0<70A[ba+/G*@#Zt`=\pMaE?3\|P Alqrv!3x\xFZ`xGLBCx?yGo4/IShx?6mxe^NY#gcd`$fv_Z
Jun 11, 2024 00:13:13.273416996 CEST	390	IN	Data Raw: f8 80 1a 0c 1e 9b d3 af bf ff 4d 02 e7 88 d8 9b e3 60 77 75 05 6d a7 df a3 ed e0 97 3e c6 16 24 36 18 31 6d 8b 5b 95 ad fa 1a 81 62 fc 25 7a 2f 32 38 b6 0c 5b 11 64 95 80 d4 22 5c 69 61 0d 85 00 13 88 f6 48 3a 11 04 cf c3 fa 04 1c 85 4a 55 e9 55 Data Ascii: M`wum>$61m[b%z/28[d"\iaH:JUU0$E$#F\|y84IJ]rsEZD!}?c#2O //KJ2y_njFc}>HD^;96 !k6,;7sh0:'yi#Mj
Jun 11, 2024 00:13:13.291817904 CEST	1236	IN	Data Raw: 4c 07 a3 98 01 3d 93 90 ff 96 29 a5 c2 1b b6 48 de 7a 8a 34 96 14 ff 8b 61 ff b3 66 30 8d c6 db 16 f6 7a 0b 3a 43 12 b7 ed 22 52 1b db 92 8d 3a 79 4b dc 85 ec b5 bd c8 6d 3c 57 ec 89 d7 4f 8b c9 e4 bd 94 c2 fc 5e ca 17 e9 fe 7e dc a8 6c 3c dc 0d Data Ascii: L=)Hz4af0z:C"R:yKm<WO^~l<0x:\Iy*"IUsjHeN6H<>~hqt]cKnoKx7dt\|\|<(y7WB#CS<PHxFxdif\|Q}Z3i"\)$
Jun 11, 2024 00:13:13.291892052 CEST	1236	IN	Data Raw: 5e ea d3 47 04 cd b6 7a eb a9 f4 07 f8 f8 35 0f e4 61 f5 3e a4 53 84 ad 0b f1 38 bc 54 3e a4 c7 f7 29 c2 17 53 f4 35 7f c6 de e7 70 21 03 3c 9f d2 6b 48 36 d1 21 f1 01 01 d5 04 03 86 c7 50 40 0c e6 03 0c 06 70 f5 29 0d 9f a2 eb 89 db 25 06 b5 76 Data Ascii: ^Gz5a>S8T>)S5p!<kH6!P@p)%v:L+cHKJ`SdsNwa[gm] KV`.rq>;}*3;yR5{"/}dXLu@wC]y<P#Uawl5W6yd\|>ktxh
Jun 11, 2024 00:13:13.291908026 CEST	424	IN	Data Raw: ac bb f4 da 1e 5b da dc d9 e7 05 eb ce f3 47 f9 6a 99 f8 12 3e 54 21 a1 6f 22 46 58 f9 18 6e f1 7b cf b5 6c 60 49 63 53 13 d2 31 b2 75 1f 31 8d 42 a7 b9 a4 42 9c 28 5f 3d 49 09 3a 50 90 d8 09 7b aa ff 01 0a 58 55 7a 88 b3 c5 ad 97 43 ac 95 11 6d Data Ascii: [Gj>T!o"FXn{l`IcS1u1BB(_=I:P{XUzCmpo<lX'1!&q)V0-+Z5B%2Wk#"?'<YGZjcY)LH@=op`&x ]\1\vU>&^B^9%zBk-P
Jun 11, 2024 00:13:13.291924953 CEST	1236	IN	Data Raw: 00 92 6d 30 84 8d f6 ca 3c e3 ce 47 a5 c7 02 00 31 3f 74 c2 44 87 5e 26 cd 78 e8 f5 dc d4 87 de bd 9e 06 58 f5 c5 24 c0 32 8f 44 49 40 ae 44 48 a0 12 1d 7d 32 72 12 b8 d2 73 e1 89 91 80 b7 5d f7 ac aa 9e 91 11 de 5f 7a 76 65 9f 7c 42 1c 67 21 25 Data Ascii: m0<G1?tD^&xX$2DI@DH}2rs]_zve\|Bg!%P.)1oF&NS$bp'5W{Q4y)P1%-&B\J2];^-O1tR8~( '[_^B{B_Iu~9
Jun 11, 2024 00:13:13.291939974 CEST	1236	IN	Data Raw: fe 20 19 02 96 70 f0 38 76 4f f1 7b 6c f0 5e 99 3f 32 fa ef 38 92 00 e4 e8 50 42 ae 98 c7 46 c3 8b 1d eb c8 fd 7e 8a f1 04 00 c5 47 e4 99 ca 8f 0d c7 2b f3 93 0c 66 df 07 39 18 ca dc 91 8c a4 4d 87 50 ca f6 6f b1 30 dd f0 51 4a ff 22 8a c8 3e d7 Data Ascii: p8vO{l^?28PBF~G+f9MPo0QJ">\|}O=0Eo:&tws=_x~=JVR&jYRj\|EUJ5z41Mib}mw<8aL#M3*3x["nKJRIo
Jun 11, 2024 00:13:13.291955948 CEST	424	IN	Data Raw: b6 c9 af 20 0f fa ce 14 e0 f9 ab 49 fd 8d 35 bf 91 fa 8f 22 f5 4d 3a 01 4a df 64 50 fc d5 74 fe b7 60 e9 6f eb f3 6f 49 e7 db 0a 0b 3e fb ab 49 fc e7 26 15 f8 f0 c6 7e ff 54 b2 3c 30 bb 9a fe 97 2b 18 6f 8c f7 8d f1 fe 5c 36 eb 86 6b 6b 06 b5 6d Data Ascii: I5"M:JdPt`ooI>I&~T<0+o\6kkm}W'/xD@0Jn-'7nZ"oXojKw`mGwFotw?t&zpcWOKoc~l)WQxi7
Jun 11, 2024 00:13:19.999871016 CEST	400	OUT	GET /img/2.jpg HTTP/1.1 Host: facebooksecurity.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jun 11, 2024 00:13:20.355834007 CEST	350	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Mon, 10 Jun 2024 22:13:20 GMT Content-Encoding: gzip X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Content-Length: 15847 Server: GSE

Timestamp	Bytes transferred	Direction	Data
Jun 11, 2024 00:13:13.398103952 CEST	333	OUT	GET /jquery-1.7.min.js HTTP/1.1 Host: code.jquery.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jun 11, 2024 00:13:14.011791945 CEST	600	IN	HTTP/1.1 200 OK Connection: keep-alive Content-Length: 33254 Server: nginx Content-Type: application/javascript; charset=utf-8 Last-Modified: Fri, 18 Oct 1991 12:00:00 GMT ETag: W/"28feccc0-16f44" Cache-Control: public, max-age=31536000, stale-while-revalidate=604800 Access-Control-Allow-Origin: * Content-Encoding: gzip Via: 1.1 varnish, 1.1 varnish Accept-Ranges: bytes Date: Mon, 10 Jun 2024 22:13:13 GMT Age: 7835372 X-Served-By: cache-lga21959-LGA, cache-dfw-kdfw8210067-DFW X-Cache: HIT, HIT X-Cache-Hits: 9825, 3 X-Timer: S1718057594.952044,VS0,VE0 Vary: Accept-Encoding
Jun 11, 2024 00:13:14.011989117 CEST	1236	IN	Data Raw: 1f 8b 08 00 00 00 00 00 02 03 c4 bd f9 62 db 48 92 37 f8 ff 3c 85 88 f6 c8 80 99 a2 a4 3a 66 a6 41 c1 5c 1f e5 ae ea ae 6b ca 9e ae ee a1 e8 5a 5c 04 c1 db 24 65 d9 25 72 9e 65 9f 65 9f 6c e3 17 91 99 48 80 90 ec ee fd be dd 3a 44 1c 89 3c 23 e3 Data Ascii: bH7<:fA\kZ\$e%reelH:D<#8tNyo>{jq77Mq>/\|O?Yrcw$}&l'^\f[z8\e<?^e~u;"\Z?rw0wId}TY4+w^\|
Jun 11, 2024 00:13:14.012027025 CEST	1236	IN	Data Raw: a4 13 2d 6f e6 f3 d3 53 5d 51 52 55 c4 f3 ce 20 83 e9 4a 02 db 68 ce d5 25 c3 7c c4 35 4a 7d 19 e3 67 67 a8 89 e0 20 46 2b d4 76 41 c8 32 9e c6 1f 5e e7 bb 1d ed f9 6d 6f 3c 8f 77 3f ad 51 76 bb df 03 a1 53 6b 19 5a 4a 83 74 98 8d 3a 02 33 7e 41 Data Ascii: -oS]QRU Jh%\|5J}gg F+vA2^mo<w?QvSkZJt:3~AGA@P}>d~BafczjzhVDVp<(]i4L4/9_^M9*!y4!@\h0wcagyt~N!QZ1zD$V
Jun 11, 2024 00:13:14.012063026 CEST	1236	IN	Data Raw: 2a a9 ed 03 a9 e9 17 e1 ec dc 81 8d 45 f1 90 50 df 3b 29 68 93 fb 28 38 7c 56 7f 69 d6 96 22 dc 00 b6 9e 46 17 d2 f7 6a a6 ff 5a f5 ab 13 13 d3 1c 3b 14 b5 d2 1f 32 7d 75 3b ed 28 12 7f f4 6d 05 17 d5 d3 1f aa a7 4e d9 65 83 d1 ec 7a 84 8e 88 7b Data Ascii: *EP;)h(8\|Vi"FjZ;2}u;(mNez{'Zl}?a&[JRwymefajUNr?Pb&"A]8s\10aM=t2WPnYwz+&2 Ab~;3<7z03Sv7}uSRw R
Jun 11, 2024 00:13:14.012095928 CEST	636	IN	Data Raw: 5d 56 3a 76 38 4e 21 21 d4 cb d8 b6 ad 15 cb 8d fe d8 4b 55 eb 77 6c ae dc b9 8c 67 b9 e1 40 59 d3 74 50 e6 63 92 a6 94 0c 20 f4 2e 7b ff ee 29 ab 3c de 96 bf e7 a1 43 40 9d e1 eb c9 3b a8 dd 8a ab 6d 29 f6 27 81 25 5e 3f e2 cf 14 2d 5e d8 c6 86 Data Ascii: ]V:v8N!!KUwlg@YtPc .{)<C@;m)'%^?-^2o\|~4tZ#T*`8(jf?!+DnTF(//'.279JG;.Km5kb=.xB[\apjN{0)9HwStv)$G
Jun 11, 2024 00:13:14.012135029 CEST	1236	IN	Data Raw: 21 7f e7 ec cc f9 94 d8 21 7d f8 ef 8a 5c 7c 98 2b cc 9b ee 9f 23 54 e9 af 21 5a d9 4f 20 05 a2 0d 5d 57 ad 89 a7 17 ba 92 fe 73 d6 0a fc 5a ee 26 7e aa 86 39 f1 22 bc 09 88 8f 2b 0a 58 94 e4 7e 1a 98 3b df e3 0a 88 65 bf 59 02 2f da fb c3 41 59 Data Ascii: !!}\\|+#T!ZO ]WsZ&~9"+X~;eY/AY<cypV,j*8NNV5#/#@ \|O?#WqgKbZpOM3,=G$?j ]L_pR$'a,A"uBiMhp}zJ0H
Jun 11, 2024 00:13:14.012165070 CEST	212	IN	Data Raw: 1b ab 9f fd be d0 bf 39 ff 76 bb 66 ec c5 41 c5 69 9a 6f b7 8d e5 17 0d 82 8c a9 ac 60 ab 3e 72 63 cb 63 59 ae a9 d8 cc e6 3d a9 93 aa 9a aa 94 e4 78 ae 2d 0b 2a 08 07 4d e0 cd 70 37 8e 3a 13 96 d8 6b d3 94 05 16 ba 67 b4 15 67 57 65 7f 46 e0 40 Data Ascii: 9vfAio`>rccY=x-*Mp7:kggWeF@LpK 3xg ~#nW{(&jf^Tx.@wE:E~.oxlxrE}U.!0a)}FM5]8
Jun 11, 2024 00:13:14.012198925 CEST	1236	IN	Data Raw: 6c 98 c3 49 bc 39 e4 35 83 65 56 1f 93 18 b8 bd 21 f2 9f ce e3 ed 56 f4 34 f8 88 c6 5b a9 a2 f0 d4 0f f8 b9 cb f4 03 e2 61 30 ab 55 9e 37 89 b2 cd 55 d0 cc 67 49 b4 d8 e3 1a f6 20 31 c2 af 3d 89 d9 38 20 8a a1 a4 a9 94 dd 46 2b 56 e9 9f 01 a6 e0 Data Ascii: lI95eV!V4[a0U7UgI 1=8 F+VuefpsxXDxYS0b8%/>NsMxDCo(;#oUy0N=;Va}#se48DUU62Tx{HsXAu.J=
Jun 11, 2024 00:13:14.012233973 CEST	1236	IN	Data Raw: c4 7b ef 52 c4 65 c7 16 36 1d 89 be ca 94 6c d4 ee be 0a 06 ee 9d d9 15 73 f0 e6 53 b3 21 16 d0 97 87 34 01 fd f6 29 60 30 86 ba 26 86 be ba fe 3a 1b d0 2c e3 e0 db 00 c3 0c 32 d2 18 42 e1 7a b5 d9 1d 19 1b 1c 87 9c c8 ca f7 f0 bb 8a 8e 4e 00 95 Data Ascii: {Re6lsS!4)`0&:,2BzNeWC+>6r=Boby?bW7>lq<~\|~cb&!~ufi\|u?b7 O2~Ow)'BxBx^t4K
Jun 11, 2024 00:13:14.012269974 CEST	424	IN	Data Raw: b8 e8 57 3b e3 b1 47 b8 52 b6 a4 d7 5d 76 bd a7 b8 d4 5b 51 6f c8 ae de 5e 52 e0 24 cd e7 73 fd 7d f4 f8 e2 31 df 83 ef d4 f7 52 9e f7 e1 d3 96 5d d5 ff 0c fc de ef 2c b0 26 f7 c1 69 5c 31 76 6f 60 f7 3f ef 7a 1a af 9b 29 a3 01 9a 49 86 e2 a8 4c Data Ascii: W;GR]v[Qo^R$s}1R],&i\1vo`?z)IL41zC-6.]UU;s%+T+nSqe2C;Xao\eD3#V(`Zm`QGRaQAe9W}q_/j}0'_W_Sn#
Jun 11, 2024 00:13:14.017180920 CEST	1236	IN	Data Raw: e5 79 01 eb 25 12 28 e0 e6 1d de e5 8b 84 44 1f e2 e3 e5 70 34 24 31 7f 4b f5 bf fc e2 df 5f bc 7c fe 6f df 9c 3d fb e6 df 5e 9e 5d 5e a6 e3 b3 3f fe db f3 ff 38 fb ea ab af be fe fa cb af bf 22 dc 03 f2 b1 c6 c9 1f 8b 12 3a b8 c5 d1 c9 bc 91 5a Data Ascii: y%(Dp4$1K_\|o=^]^?8":ZcTC;c4;cOO;6UJH+d7ViDVc5wzF.nj]Q*&V^px c~gw%W0@V"`NOz#RhhuEV?xs:mB{YEWg

Timestamp	Bytes transferred	Direction	Data
Jun 11, 2024 00:13:13.401873112 CEST	439	OUT	GET /-wwi9gLDAiVk/UMRdd5ct3xI/AAAAAAAAFbE/5BE1vH6Z7nY/s1600/2.jpg HTTP/1.1 Host: 1.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jun 11, 2024 00:13:14.251410007 CEST	1236	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="2.jpg" X-Content-Type-Options: nosniff Server: fife Content-Length: 13767 X-XSS-Protection: 0 Date: Mon, 10 Jun 2024 20:37:35 GMT Expires: Tue, 11 Jun 2024 20:37:35 GMT Cache-Control: public, max-age=86400, no-transform Age: 5739 ETag: "v15b1" Content-Type: image/jpeg Vary: Origin Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 48 00 48 00 00 ff e1 00 6c 45 78 69 66 00 00 49 49 2a 00 08 00 00 00 03 00 31 01 02 00 07 00 00 00 32 00 00 00 12 02 03 00 02 00 00 00 01 00 01 00 69 87 04 00 01 00 00 00 3a 00 00 00 00 00 00 00 47 6f 6f 67 6c 65 00 00 03 00 00 90 07 00 04 00 00 00 30 32 32 30 02 a0 04 00 01 00 00 00 f0 00 00 00 03 a0 04 00 01 00 00 00 a0 00 00 00 00 00 00 00 ff e2 02 40 49 43 43 5f 50 52 4f 46 49 4c 45 00 01 01 00 00 02 30 41 44 42 45 02 10 00 00 6d 6e 74 72 52 47 42 20 58 59 5a 20 07 cf 00 06 00 03 00 00 00 00 00 00 61 63 73 70 41 50 50 4c 00 00 00 00 6e 6f 6e 65 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f6 d6 00 01 00 00 00 00 d3 2d 41 44 42 45 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0a 63 70 72 74 00 00 00 fc 00 00 00 32 64 65 73 63 00 00 01 30 00 00 00 6b 77 74 70 74 00 00 01 9c 00 00 00 14 62 6b 70 74 00 00 01 b0 00 00 00 14 72 54 52 43 00 00 01 c4 00 00 [TRUNCATED] Data Ascii: JFIFHHlExifII*12i:Google0220@ICC_PROFILE0ADBEmntrRGB XYZ acspAPPLnone-ADBEcprt2desc0kwtptbkptrTRCgTRCbTRCrXYZgXYZbXYZtextCopyright 1999 Adobe Systems IncorporateddescAdobe RGB (1998)XYZ QXYZ curv3curv3curv3XYZ OXYZ 4,XYZ &1/CC
Jun 11, 2024 00:13:14.251451015 CEST	1236	IN	Data Raw: 03 04 04 05 04 05 09 05 05 09 14 0d 0b 0d 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 ff c0 00 11 08 00 a0 00 f0 03 01 11 00 02 11 01 03 11 Data Ascii: ?!1A"Qa2q#BRb$3Cr4!1AQ
Jun 11, 2024 00:13:14.251502037 CEST	328	IN	Data Raw: b8 b4 e0 e7 f1 26 b8 99 09 6d 45 05 d4 82 4e c7 d7 73 b7 52 40 e8 30 29 1e 05 44 a2 1e 8d 81 26 ed 09 b7 fc 7f 01 4d ad 0e aa 48 20 38 12 39 81 68 9e e1 20 9c 1c 6f b6 36 ae f0 23 7e 08 b6 97 d1 c6 7c b4 bc c3 a0 3c a5 a4 82 12 30 90 b4 85 84 ad Data Ascii: &mENsR@0)D&MH 89h o6#~\|<0K?0='a#MA;lE,w[vNZ>yt"$!dw'i\Amx<71jSr)R!n\|h]g~ h$vAJqjQrt
Jun 11, 2024 00:13:14.251534939 CEST	1236	IN	Data Raw: c7 6b b5 fd 91 6b f2 37 fa 2d 22 69 1c cf f8 9d e2 eb c8 b6 3f 1e 2b e5 2e ba 79 72 0e fb f5 ac fe 83 4f f7 8b fd 49 2f 99 77 a9 b3 d2 ab 08 e6 0d 39 ac 1e 98 e2 62 a8 a4 a7 9f 1b 0d cf bd 6f d5 7d a9 33 17 3b 1c 9b 2e 15 ca 4c 5d 38 47 85 e2 95 Data Ascii: kk7-"i?+.yrOI/w9bo}3;.L]8GUm_T((G]rpl:#0Jzvq@'7qRx2<r:S#VLD;hn;sp>;-OMii1[rA.dnR\rhW Jj
Jun 11, 2024 00:13:14.251568079 CEST	1236	IN	Data Raw: 1e 83 71 56 94 5f 19 c4 81 2a 5d 7b 21 b0 d0 76 18 7c 34 55 da 54 c4 26 72 63 82 85 09 1c ab 2f 92 00 6c 23 3b 8e b9 db a6 f9 a2 ef 7d c0 f6 95 5b 57 d8 56 fb e2 1a 75 d6 9c 09 51 09 0e 2c 24 13 8d 8e e7 1d 7d 68 9d 89 20 a3 5b 91 1b e2 6e a3 37 Data Ascii: qV_*]{!v\|4UT&rc/l#;}[WVuQ,$}h [n7:Rp]P')N)$c95&BefD_Hu D\|n6qA%=7Xji<u'=(z]%+B-G9Q"sF?P%8\|21Apr~nUo
Jun 11, 2024 00:13:14.251599073 CEST	328	IN	Data Raw: 3e 18 e5 9b 24 98 8e 17 10 14 f1 23 c8 40 2a 52 86 7a 7d 77 fe 94 99 ce c1 f6 f6 92 7b 9f 0c 2f 0c e9 89 17 6b 83 69 89 d0 b5 19 d5 61 d5 6f b9 29 fd 91 8f 5e ff 00 6a e8 c9 27 83 9c 5b 45 31 7d 80 cb 6d ba 56 94 84 80 77 1b 93 fe f5 63 0c b2 b6 Data Ascii: >$#@Rz}w{/kiao)^j'[E1}mVwcVHmks#j9 zT^!/VU(?AVhJ}Zyjy(vOL~#~`m@H>'@95s'rF<[e1u 'WU4s`8/U4
Jun 11, 2024 00:13:14.251650095 CEST	1236	IN	Data Raw: 20 85 b6 29 04 0c 69 38 a5 10 25 b8 ed ac ee 9d e8 5c 53 e4 35 64 a3 c3 21 ba b5 08 8c fa 48 00 79 ab 27 d4 e1 da d6 0d f7 4a b3 ba 1b 91 b9 2a 0e a3 04 05 7b 8a 89 a7 b1 c3 62 ee 75 a9 f2 40 2e f6 0f d2 97 84 97 46 11 cc 00 18 fc eb 41 0b 1f 66 Data Ascii: )i8%\S5d!Hy'J{bu@.FAfFx%%,8Phsdf4RJm+ijMU!gPEJY!RNS%(.H)xV6g=iAe[U#s^m@$J)NZ\&UX
Jun 11, 2024 00:13:14.251682997 CEST	1236	IN	Data Raw: 76 c8 c6 7f da ae a9 ed 9c 91 9b d6 46 54 c2 52 2d cb fe a3 b2 68 2b 4f c6 dd e6 22 0c 50 79 52 08 2a 5b 8a f4 4a 46 ea 3f 4f bd 5d ec b6 31 0a 33 ba 5b 1c f5 c4 9d 51 a3 78 a3 74 75 e6 e1 a9 b9 01 08 69 4e cc 84 85 ba 52 0e 47 22 d2 bc a3 62 76 Data Ascii: vFTR-h+O"PyR*[JF?O]13[QxtuiNRG"bv!^#IRfE!jZ.LVu\|g\Yk<H'JYDV6pxofNlZyJyNBS}>aV8D;#:g n(ip)x)Nq<v
Jun 11, 2024 00:13:14.251718044 CEST	1236	IN	Data Raw: 5a 84 1b 69 52 24 42 78 e1 18 48 2a 2a 42 bb 6c 0e c6 bb b5 ec 58 55 a9 7f 86 5e 4e 76 d0 5a b6 1b 1a eb 4d c8 9c 4a 61 c7 9c cb 8e a9 7f 2a 53 cd b1 27 eb 83 4d df 06 ea 9a 8f 38 34 1a 28 aa b5 55 ce 6f 64 d1 d2 5c 68 e2 7d be d5 11 89 d2 19 f8 Data Ascii: ZiR$BxH*BlXU^NvZMJaS'M84(Uod\h}A}3gG/nKTV@JL$@+SEF>J9j}B>XRr\|z76UQ;b4D VFPi_,!u9{r7tikR;y0
Jun 11, 2024 00:13:14.251751900 CEST	636	IN	Data Raw: 6e f7 f6 27 1c 70 e0 99 e1 65 fe cd 1e ce b7 25 33 32 2f 89 fa 42 4a 32 a0 f2 4e 16 94 f6 1d 95 d3 bf b5 44 bd 38 3d de cc ba e8 96 57 ac 8c a5 25 f1 45 ff 00 e3 20 56 bd 1d e1 bc 1c 7d c2 b9 2f 28 f3 2d 6a c9 3e e4 9d fe e6 a2 3b 52 59 f0 6b 63 Data Ascii: n'pe%32/BJ2ND8=W%E V}/(-j>;RYkcT"y~KfU>l\|Sc?12RJrI$ezw-.j_"WM/u>!#~l\Jh*TNa)#'5Z-M?.qKIB{TVGmd3PjV\|(
Jun 11, 2024 00:13:14.256736994 CEST	1236	IN	Data Raw: 43 b5 5f 66 9e 5d f4 c9 c5 fb ad 8a 1b 8d bc 2d 89 a7 24 45 bb da 21 b7 16 d0 e7 91 d6 59 47 92 3b 9d 8f b2 48 f5 db 3f 5a a3 ea 1a 3f 4f f8 b0 5b 79 f9 1b 5e 91 d4 e5 a9 fe 06 a2 59 92 e1 bf 3f ed 15 db 4e c5 63 3c b9 e6 c6 02 aa 85 23 59 ea 24 Data Ascii: C_f]-$E!YG;H?Z?O[y^Y?Nc<#Y$Id<v{U-a_}sk;o?.Jb[)0-lV/k~d89_}1AGdUYl{uW=MNwu%("ek=Dv'"u
Jun 11, 2024 00:14:16.448337078 CEST	442	OUT	GET /-5cLnCWC5OcQ/T8BAm9CL5sI/AAAAAAAABLA/QihYoXvrVyA/s000/quote.png HTTP/1.1 Host: 1.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jun 11, 2024 00:14:16.705100060 CEST	1236	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="quote.png" X-Content-Type-Options: nosniff Server: fife Content-Length: 887 X-XSS-Protection: 0 Date: Mon, 10 Jun 2024 22:14:16 GMT Expires: Tue, 11 Jun 2024 22:14:16 GMT Cache-Control: public, max-age=86400, no-transform ETag: "v4b0" Content-Type: image/png Vary: Origin Age: 0 Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 2b 00 00 00 26 08 06 00 00 00 5d c3 62 1e 00 00 00 04 73 42 49 54 08 08 08 08 7c 08 64 88 00 00 00 5f 7a 54 58 74 52 61 77 20 70 72 6f 66 69 6c 65 20 74 79 70 65 20 41 50 50 31 00 00 08 99 e3 4a 4f cd 4b 2d ca 4c 56 28 28 ca 4f cb cc 49 e5 52 00 03 63 13 2e 13 4b 13 4b a3 44 03 03 03 0b 03 08 30 34 30 30 36 04 92 46 40 b6 39 54 28 d1 00 05 98 98 9b a5 01 a1 b9 59 b2 99 29 88 cf 05 00 4f ba 15 68 1b 2d d8 8c 00 00 02 c3 49 44 41 54 58 85 ed 58 cb 75 22 31 10 ac d6 01 ce a4 e0 00 7c 91 26 03 1c 02 84 80 43 80 10 70 08 38 04 13 c2 92 81 a4 cb dc 4d 08 e6 cc f0 de d4 1e ac f5 03 8d 06 90 c6 7b a3 8e 12 53 af ba 5b fd 03 78 e0 ff 40 86 7c ec 9c 5b 02 98 91 9c 57 55 b5 1f c2 55 d7 f5 e4 74 3a 2d 49 4e 8d 31 26 f5 1b 55 28 72 66 ad fd 04 b0 06 a0 45 64 3d 44 a8 73 6e d9 34 cd 17 c9 25 00 1d 9c d0 41 96 67 eb ba 9e 34 4d b3 01 30 4b 5c cf 8d 31 db 1c 3e ef bd 26 b9 01 a0 a3 ab 03 49 13 47 eb 6e cf 7a ef f5 f1 78 74 b1 50 92 7b 11 79 cd 15 ea 9c 9b 91 [TRUNCATED] Data Ascii: PNGIHDR+&]bsBIT\|d_zTXtRaw profile type APP1JOK-LV((OIRc.KKD04006F@9T(Y)Oh-IDATXXu"1\|&Cp8M{S[x@\|[WUUt:-IN1&U(rfEd=Dsn4%Ag4M0K\1>&IGnzxtP{ytP;yI=<k#s\5X"$Jum,"x<???}{UlGh4zEB"^}]\|WVn!dx\5Q2mq~Fr?^e~m{Omf-"OkIk"JUUriElRg;dVk?hK.^T+2bP$H"]B,"rN$i1pVgu[97KV)xI\|k'C[X;I 70'xEM]Em;or::=[$/x\$bEe!?hvHH[p!bLJy#O;

Timestamp	Bytes transferred	Direction	Data
Jun 11, 2024 00:13:13.405759096 CEST	439	OUT	GET /-v_4byqqmunc/UMRdc57l7VI/AAAAAAAAFa8/6XdXGvR1fEQ/s1600/1.jpg HTTP/1.1 Host: 3.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jun 11, 2024 00:13:14.273955107 CEST	1236	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="1.jpg" X-Content-Type-Options: nosniff Server: fife Content-Length: 6564 X-XSS-Protection: 0 Date: Mon, 10 Jun 2024 22:13:14 GMT Expires: Tue, 11 Jun 2024 22:13:14 GMT Cache-Control: public, max-age=86400, no-transform ETag: "v15af" Content-Type: image/jpeg Vary: Origin Age: 0 Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 48 00 48 00 00 ff e1 00 6c 45 78 69 66 00 00 49 49 2a 00 08 00 00 00 03 00 31 01 02 00 07 00 00 00 32 00 00 00 12 02 03 00 02 00 00 00 01 00 01 00 69 87 04 00 01 00 00 00 3a 00 00 00 00 00 00 00 47 6f 6f 67 6c 65 00 00 03 00 00 90 07 00 04 00 00 00 30 32 32 30 02 a0 04 00 01 00 00 00 f0 00 00 00 03 a0 04 00 01 00 00 00 a0 00 00 00 00 00 00 00 ff db 00 43 00 03 02 02 03 02 02 03 03 03 03 04 03 03 04 05 08 05 05 04 04 05 0a 07 07 06 08 0c 0a 0c 0c 0b 0a 0b 0b 0d 0e 12 10 0d 0e 11 0e 0b 0b 10 16 10 11 13 14 15 15 15 0c 0f 17 18 16 14 18 12 14 15 14 ff db 00 43 01 03 04 04 05 04 05 09 05 05 09 14 0d 0b 0d 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 ff c0 00 11 08 00 a0 00 f0 03 01 11 00 02 11 01 03 11 01 ff c4 00 1c 00 00 02 02 03 01 01 00 00 00 00 00 00 00 00 00 00 03 04 02 07 01 05 06 00 08 ff c4 00 43 10 00 02 01 03 02 04 03 05 03 08 08 06 03 00 00 00 [TRUNCATED] Data Ascii: JFIFHHlExifII12i:Google0220CCC!1AQa"q2#BRbr3s$4CSc1!1AQq"2aBbC?W7J4j5h-<UXy4sR@2j,T9qT"W=-Rhmz- S9TZzUuP2GRG(^E8>Ei)WuP}jn<Q5j-Qh`deTh"i^Z`V'VY=ziRd, TsY \|=P1*h@QyO7MEJY"z(af-<9
Jun 11, 2024 00:13:14.273992062 CEST	1236	IN	Data Raw: 3e 4c 45 69 89 2d 20 db a6 6a 12 fa 06 21 5c 5b 39 18 ce 2a 26 a2 ac 83 31 8e 94 13 29 b5 48 55 da ab 42 27 fb 14 a1 57 a5 09 31 90 6a b4 97 51 9a ad 22 77 38 a8 a4 aa 31 45 a4 8d 56 58 61 b8 f2 a6 d5 a3 18 72 9e f7 29 6d fa 74 aa 64 33 8c f6 f9 Data Ascii: >LEi- j!\[9*&1)HUB'W1jQ"w81EVXar)mtd3i:teIqQ} RYOJ/"]HAx5/?miaK+!\7zTMG(Y8AHE6HeqJ-=).(RKZ{Qi\beBD6eRD
Jun 11, 2024 00:13:14.274025917 CEST	1236	IN	Data Raw: f3 01 96 8d 97 3d c8 22 8b 42 7e 4f 7c 7d da ac d1 3b 88 cc 27 04 6f e5 4a 2d f6 0b bd 5a ce ea dc 9b 53 0b 8e 4e 57 59 15 b9 4f ed 2b 75 c8 ea 05 31 34 aa de 96 d6 ef 4f 4b 78 8a 59 88 42 e0 08 cc 99 00 60 6d 9e b5 5d b5 11 45 6f e5 e7 b7 75 f3 Data Ascii: ="B~O\|};'oJ-ZSNWYO+u14OKxYB`m]Eouj)6L}n+ Yee4F^pfxGk?\|2c-!Ajc:E5TIJ/'zQWZ/"M'n5"J.&{0"#\IfI2MG
Jun 11, 2024 00:13:14.274059057 CEST	636	IN	Data Raw: 32 4d 44 73 de 84 76 23 d2 a4 69 64 c2 9f 85 09 4c f1 34 a7 fe 2d d7 c7 dd 6f b6 b3 15 3b 1e 52 a8 14 e3 c8 e3 63 d0 d7 6c 7e 18 66 4b 5b 48 59 49 27 3e 42 a9 0d c6 98 e5 6d e4 5e 5e 66 7c 6d e9 e5 5c e6 09 ef 62 9c 58 34 cb 1d 67 84 6e 1c 45 7b Data Ascii: 2MDsv#idL4-o;Rcl~fK[HYI'>Bm^^f\|m\bX4gnE{aunp^HbG.:G}sqMu }5h?KK"TwUYijocK!$`pV1V[Q3'I}cqCj"J8;eqSa?9Ox#$
Jun 11, 2024 00:13:14.274095058 CEST	1236	IN	Data Raw: 94 e1 87 4e e2 b9 e5 13 1d cc 75 03 da d7 b2 3d 4a ff 00 51 1a d6 8a 93 db df a1 e6 0f 08 28 e0 f9 83 f4 a3 0c e2 3a 4f 65 31 3d e1 cc f0 97 15 71 62 cf 73 63 c5 11 21 7b 74 53 6f 31 80 c3 24 99 6c 37 37 e8 9c 61 7a 79 d7 48 c3 08 eb 81 e6 ca 7a Data Ascii: Nu=JQ(:Oe1=qbsc!{tSo1$l77azyHzK; t<zqB-p9'\Gf\|,Lc7t'.`SqD12Rzg4p:61]c]5I31>)'rMS
Jun 11, 2024 00:13:14.274122953 CEST	212	IN	Data Raw: cb 36 3b e2 a4 1b 3e f5 af 00 04 8d f2 a5 02 cd d6 94 03 bf a5 20 bb 9a 51 67 6f 33 4a 2f 23 d2 0a c8 db ed 4a 71 7e d1 d3 36 ba 7c 83 f4 65 74 27 e2 a0 fd 2b 50 cc ac 38 de b8 93 31 be dd 68 46 12 4d c7 7a 09 94 7e e7 ad 14 84 0f e5 52 48 3e 7d Data Ascii: 6;> Qgo3J/#Jq~6\|et'+P81hFMz~RH>}2#QqQ0w?L3$'HF$Qs^Ix"w;}_5>(}H@Jhw\#cd>3,jN#y^RGap
Jun 11, 2024 00:13:14.274158955 CEST	1222	IN	Data Raw: 70 33 ef e5 e8 eb 2d 65 e7 b5 81 b3 d6 24 3f dd 15 e8 7c f6 be 49 a4 8b 5d 55 32 f3 47 2a 19 04 61 49 23 6e 52 76 3d 32 07 51 b7 63 5a f0 64 f1 92 aa 21 bb fc a9 00 3c 98 26 95 20 3b e7 1b 9a 50 0f 21 ce e7 6a 80 0e e7 26 b4 8b bb ef 4a 2f 23 83 Data Ascii: p3-e$?\|I]U2G*aI#nRv=2QcZd!<& ;P!j&J/#vzr~$m~ajm-G#QtB7Hj!U/I0FMHqv.kN~>FawIzk(kT:;HO>'~!&\|TLN
Jun 11, 2024 00:13:14.536029100 CEST	439	OUT	GET /-__0X3NTuBRM/UMRdfKfKA3I/AAAAAAAAFbM/gvAViqUuYhE/s1600/3.jpg HTTP/1.1 Host: 3.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jun 11, 2024 00:13:14.799983025 CEST	1236	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="3.jpg" X-Content-Type-Options: nosniff Server: fife Content-Length: 11569 X-XSS-Protection: 0 Date: Mon, 10 Jun 2024 22:13:14 GMT Expires: Tue, 11 Jun 2024 22:13:14 GMT Cache-Control: public, max-age=86400, no-transform ETag: "v15b3" Content-Type: image/jpeg Vary: Origin Age: 0 Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 48 00 48 00 00 ff e1 00 6c 45 78 69 66 00 00 49 49 2a 00 08 00 00 00 03 00 31 01 02 00 07 00 00 00 32 00 00 00 12 02 03 00 02 00 00 00 01 00 01 00 69 87 04 00 01 00 00 00 3a 00 00 00 00 00 00 00 47 6f 6f 67 6c 65 00 00 03 00 00 90 07 00 04 00 00 00 30 32 32 30 02 a0 04 00 01 00 00 00 f0 00 00 00 03 a0 04 00 01 00 00 00 a0 00 00 00 00 00 00 00 ff db 00 43 00 03 02 02 03 02 02 03 03 03 03 04 03 03 04 05 08 05 05 04 04 05 0a 07 07 06 08 0c 0a 0c 0c 0b 0a 0b 0b 0d 0e 12 10 0d 0e 11 0e 0b 0b 10 16 10 11 13 14 15 15 15 0c 0f 17 18 16 14 18 12 14 15 14 ff db 00 43 01 03 04 04 05 04 05 09 05 05 09 14 0d 0b 0d 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 ff c0 00 11 08 00 a0 00 f0 03 01 11 00 02 11 01 03 11 01 ff c4 00 1d 00 00 01 05 01 01 01 01 00 00 00 00 00 00 00 00 00 05 02 03 04 06 07 08 01 09 00 ff c4 00 3f 10 00 01 03 03 02 04 03 05 06 04 04 07 01 01 00 [TRUNCATED] Data Ascii: JFIFHHlExifII12i:Google0220CC?!1AQa"2q#BRb3r$4CSc0!1AQ"2aqB#R?3MJR< w@SY3%9)+\H-yFL\|%!ID7w5#%BVPWEScc9TzlFi(4f'%#B!<(8DU%jGB7h)JE@+hMHNZcIJ6ZjmuXb4{6]el]5"]oc]=":fkcsMJkbubd S$w^H
Jun 11, 2024 00:13:14.800004959 CEST	1236	IN	Data Raw: 79 ff 00 c1 70 28 7b a7 b5 0c 95 72 1e 39 5f 0c 90 30 f3 24 73 ed 44 9d 81 38 ed 76 31 15 d5 34 b2 82 6a d7 b0 12 5e 42 4d ab 3c cf 3a 21 63 4f 9e 15 64 75 a8 5a 18 71 dd b7 a8 12 44 60 82 f3 80 0e f4 2f b0 ee 83 31 22 29 29 00 0a 24 25 b0 8b 71 Data Ascii: yp({r9_0$sD8v14j^BM<:!cOduZqD`/1"))$%q%7x;rBYxc)wP03T`bTSR*u3qVdP5U7X#KEBuvD0u#89!+!QpGKrR+g38
Jun 11, 2024 00:13:14.800014973 CEST	1236	IN	Data Raw: f1 34 96 c9 71 1d f9 55 39 57 05 c7 1b 92 b2 bb 72 bc bb 3d 60 fb a0 0c 00 0d 03 76 6a 84 14 55 0c 05 f0 32 9c 64 2b 39 26 a8 22 53 8a 20 b6 f0 f7 56 39 fa d5 fd c5 d7 68 71 e5 79 8d 82 39 d1 5d a1 6b 86 4c b7 b6 98 cc 29 e7 39 f4 cd 5a e1 59 52 Data Ascii: 4qU9Wr=`vjU2d+9&"S V9hqy9]kL)9ZYR{ =i9/Dc_'RT)B5vz\|OA[KH@B0=y&=T`)lr6R3jbq%A\Xc&ZK~iB)VUK'} ,'OZ1rGbNR
Jun 11, 2024 00:13:14.800026894 CEST	1236	IN	Data Raw: 35 d2 bb 47 19 ad ac 13 6e b5 b9 76 bb 33 0d 00 f1 ad 58 57 a0 ac f9 26 b1 c5 c9 9b f1 41 e4 92 8a 3a c3 c3 db 3b 36 1b 74 78 8c a4 21 29 03 8b 1d 4d 79 2c f9 1c db 6c f7 1a 6c 4a 11 49 17 d9 36 d6 a6 34 3d ae 05 77 49 ac 69 9b b9 45 7e 55 ba 7d Data Ascii: 5Gnv3XW&A:;6tx!)My,llJI64=wIiE~U}jS`k(1Re#Xsv!!9qA{xS`mlE+IjuKe)-(xBE~RiEjZc/p"9e7Q&\FF>Zme-n7Hr@K
Jun 11, 2024 00:13:14.800429106 CEST	656	IN	Data Raw: 2c 7e 8c ff 00 63 1c f4 ca 19 7d 68 79 ec b5 69 18 50 96 c3 65 69 f3 72 06 0a 8d 62 9a e4 df 0e ae cd 46 d1 69 85 c0 82 86 80 57 42 93 48 68 65 b2 c9 05 b3 05 f6 9d 46 09 6d 41 5c 2b 1c 40 fc aa 2b 8b 4d 09 9f cf 16 8d af 4d 3b 06 6b 0d 3d f7 38 Data Ascii: ,~c}hyiPeirbFiWBHheFmA\+@+MM;k=8 #+/=2tZJ"#M4;V;%h%!jX9=1W_]%"rp=Jpv#:VMr-qkN:k\vt

Timestamp	Bytes transferred	Direction	Data
Jun 11, 2024 00:13:14.539024115 CEST	439	OUT	GET /-SyYUToBmQ9Y/UMRdgEOhfsI/AAAAAAAAFbU/VbjIpJ97dU8/s1600/4.jpg HTTP/1.1 Host: 3.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jun 11, 2024 00:13:15.454025030 CEST	1236	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="4.jpg" X-Content-Type-Options: nosniff Server: fife Content-Length: 23470 X-XSS-Protection: 0 Date: Mon, 10 Jun 2024 22:13:15 GMT Expires: Tue, 11 Jun 2024 22:13:15 GMT Cache-Control: public, max-age=86400, no-transform ETag: "v15b5" Content-Type: image/jpeg Vary: Origin Age: 0 Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 48 00 48 00 00 ff e1 00 6c 45 78 69 66 00 00 49 49 2a 00 08 00 00 00 03 00 31 01 02 00 07 00 00 00 32 00 00 00 12 02 03 00 02 00 00 00 01 00 01 00 69 87 04 00 01 00 00 00 3a 00 00 00 00 00 00 00 47 6f 6f 67 6c 65 00 00 03 00 00 90 07 00 04 00 00 00 30 32 32 30 02 a0 04 00 01 00 00 00 f0 00 00 00 03 a0 04 00 01 00 00 00 b4 00 00 00 00 00 00 00 ff e2 0c 58 49 43 43 5f 50 52 4f 46 49 4c 45 00 01 01 00 00 0c 48 4c 69 6e 6f 02 10 00 00 6d 6e 74 72 52 47 42 20 58 59 5a 20 07 ce 00 02 00 09 00 06 00 31 00 00 61 63 73 70 4d 53 46 54 00 00 00 00 49 45 43 20 73 52 47 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f6 d6 00 01 00 00 00 00 d3 2d 48 50 20 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 11 63 70 72 74 00 00 01 50 00 00 00 33 64 65 73 63 00 00 01 84 00 00 00 6c 77 74 70 74 00 00 01 f0 00 00 00 14 62 6b 70 74 00 00 02 04 00 00 00 14 72 58 59 5a 00 00 02 18 00 00 [TRUNCATED] Data Ascii: JFIFHHlExifII*12i:Google0220XICC_PROFILEHLinomntrRGB XYZ 1acspMSFTIEC sRGB-HP cprtP3desclwtptbkptrXYZgXYZ,bXYZ@dmndTpdmddvuedLview$lumimeas$tech0rTRC<gTRC<bTRC<textCopyright (c) 1998 Hewlett-Packard CompanydescsRGB IEC61966-2.1sRGB IEC61966-2.1XYZ QXYZ XYZ o8XYZ bXYZ $descIEC http://www.iec.ch
Jun 11, 2024 00:13:15.454065084 CEST	1236	IN	Data Raw: 00 00 00 16 49 45 43 20 68 74 74 70 3a 2f 2f 77 77 77 2e 69 65 63 2e 63 68 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 64 65 73 63 00 00 00 00 00 00 00 Data Ascii: IEC http://www.iec.chdesc.IEC 61966-2.1 Default RGB colour space - sRGB.IEC 61966-2.1 Default RGB colour space - sRGBdesc,Reference Viewing Condit
Jun 11, 2024 00:13:15.454082012 CEST	1236	IN	Data Raw: 6a 1e 94 1e be 1e e9 1f 13 1f 3e 1f 69 1f 94 1f bf 1f ea 20 15 20 41 20 6c 20 98 20 c4 20 f0 21 1c 21 48 21 75 21 a1 21 ce 21 fb 22 27 22 55 22 82 22 af 22 dd 23 0a 23 38 23 66 23 94 23 c2 23 f0 24 1f 24 4d 24 7c 24 ab 24 da 25 09 25 38 25 68 25 Data Ascii: j>i A l !!H!u!!!"'"U"""##8#f###$$M$\|$$%%8%h%%%&'&W&&&''I'z''((?(q(())8)k))*5h*++6+i++,,9,n,,--A-v--..L.../$/Z///050l0011J11122c2233F3334+4e4455M55567
Jun 11, 2024 00:13:15.454097033 CEST	1236	IN	Data Raw: 6d f6 fb f7 8a f8 19 f8 a8 f9 38 f9 c7 fa 57 fa e7 fb 77 fc 07 fc 98 fd 29 fd ba fe 4b fe dc ff 6d ff ff ff db 00 43 00 03 02 02 03 02 02 03 03 03 03 04 03 03 04 05 08 05 05 04 04 05 0a 07 07 06 08 0c 0a 0c 0c 0b 0a 0b 0b 0d 0e 12 10 0d 0e 11 0e Data Ascii: m8Ww)KmCCI
Jun 11, 2024 00:13:15.454112053 CEST	848	IN	Data Raw: b7 f5 6c 9f ef a8 25 c4 9b 1f ed ba c1 4e 4f 15 e6 f5 a0 26 59 da f1 3c 60 fa 3d 52 82 3f be ba 83 11 64 c6 d6 b2 d3 a0 73 46 ea 3d 9b 4c c2 ba e0 2a ee 98 ee 79 a1 4c 12 47 fc d5 3c b5 2f 88 fa 9f 1f b2 db 60 0f 17 0e 4d d1 3a 2a cc c4 a4 a7 51 Data Ascii: l%NO&Y<`=R?dsF=LyLG</`M:Q47vS}q,]z+/?$HK%JGw*YXL6M4_egC>sIUfDl"W6[oPm<&kT6CeciJ!J%SHA!1w3Lk
Jun 11, 2024 00:13:15.454128027 CEST	1236	IN	Data Raw: 85 c6 4e 56 b0 9e bf 45 04 44 ea 07 15 d3 d0 ec 4e 22 d4 19 42 f0 54 31 cf d2 bc d2 4a e8 e3 79 b8 4d 9b 0b ac ab 0b 9f 4e 2e d6 cb da e6 30 a5 29 0a 3d b1 4e 23 c5 69 e6 8b 23 94 6e 81 ed 76 60 51 16 62 4f 61 40 ba d1 c6 73 91 42 39 f1 3b d5 28 Data Ascii: NVEDN"BT1JyMN.0)=N#i#nv`QbOa@sB9;(7KZZ5RZkAaG+R}m;SV<PT vT*~%4`yUz%<53D1jDC.Odc+ye^)h$0ghe
Jun 11, 2024 00:13:15.454143047 CEST	1236	IN	Data Raw: 29 1c 92 4f 95 75 88 1c b5 7d ec 8e b3 5b a9 27 40 00 dc 93 c0 28 63 1e 0b 34 27 59 7e c4 5a e2 2d a7 4e 2a da b6 64 df 66 22 4b d7 38 cf be 86 e2 c2 da 94 29 96 90 e7 25 c7 15 95 a4 e0 6d ca 7b 84 8d c5 0b 3b 7d 86 3e 59 c4 d7 11 b4 b4 30 80 4b Data Ascii: )Ou}['@(c4'Y~Z-Ndf"K8)%m{;}>Y0KrCFhtOZnHsbm74R~bRh~gn"SSKKSH#%;(9H-1V(j[;B(D.4K5@>~iJ@fl+ldKDH@
Jun 11, 2024 00:13:15.454159021 CEST	1236	IN	Data Raw: ac 2c 11 ce 32 79 a7 6c a6 21 c1 ca 7c 96 17 55 d3 ae a6 ff 00 3d cf 19 64 b4 4e 40 f5 a3 de 4b 05 c6 e8 67 4a e7 1c a5 6c 8b 62 66 0c b2 5a 1f 01 3d 89 ed 5c 39 e6 46 d9 cb 96 bb 2a 61 6a 23 29 41 70 80 7d 45 0c 2e 34 51 b9 e4 71 55 0f 59 16 1c Data Ascii: ,2yl!\|U=dN@KgJlbfZ=\9F*aj#)Ap}E.4QqUYm `mw5hE/YPI!\|iAU8_[}c")8 %FFLeT]Jp`,1l4)nhnl^S3Hu#7lXE#n6^Q?
Jun 11, 2024 00:13:15.454174042 CEST	1236	IN	Data Raw: 3c c5 0f dd 19 0d ca c7 59 a1 75 87 b2 b6 8a d3 da df 4b 4e 9b 77 89 0a fe f4 97 0c 56 a0 ce 6d 48 0c a9 b2 72 10 ea 55 c2 d6 95 a0 f2 9e d8 03 9a f1 fe d7 57 d5 e1 f5 2c 8a 9d ce 8c 01 72 e6 90 6f 7e 6d 23 50 08 23 7e aa dd 86 53 32 6a 53 3b ce Data Ascii: <YuKNwVmHrUW,ro~m#P#~S2jS;[sAk&}Q#=`riKIIU,'EaT+9kyL&Y_gvv/ZU,vc ZtRITvMNAyQTRYb9uF,\nQhgs
Jun 11, 2024 00:13:15.454188108 CEST	848	IN	Data Raw: fd a7 6f 2e 45 1e 63 d7 35 31 ca ef ed 3b 79 72 28 06 a9 e9 9c a6 a1 26 eb a5 5e 0a 75 85 7b c3 2c c7 39 6d c3 e6 5b 1f b2 af 54 76 57 a0 3d d9 51 e2 ac 73 fb 8a f1 a1 d0 93 b8 f6 f3 1c 8e e3 d8 8a a5 c5 23 2f 30 56 0b 5f 43 7e 1e de 63 af 04 23 Data Ascii: o.Ec51;yr(&^u{,9m[TvW=Qs#/0V_C~c#LXw)$:=sq<j$5VrcSFfkZ>qeF3j"&>Cz+jNZklv'u4rrPD*dX_O#mPETha
Jun 11, 2024 00:13:15.454205036 CEST	1236	IN	Data Raw: 83 f5 f8 7e 82 bc 78 55 18 24 cb 04 ce 61 e4 49 fa 90 7e 6a f1 96 27 9c a4 00 79 11 7f 9e a9 4c e9 cd 37 65 5b 82 dd 0d 5a 78 b8 ad eb f7 76 4c 74 15 76 c9 2d 1d b9 f9 e2 9c 7a 55 64 e0 77 ce ef 2d cc df ff 00 6d 53 8a 4a 7e e5 a4 46 c0 01 d7 4b Data Ascii: ~xU$aI~j'yL7e[ZxvLtv-zUdw-mSJ~FK\|Ffn%UE0s<Z5=JEF6RC?QdnXoCMVm8}GeVNCYEa>g;Ee,Fe7{xhx(ihD}S_
Jun 11, 2024 00:13:20.225986004 CEST	477	OUT	GET /-uxYJcIDwn9w/UMRf4-a-6KI/AAAAAAAAFbk/8pe3Zw5X15E/s1600/%5Bwww.gj37765.blogspot.com%5Dbg_search.png HTTP/1.1 Host: 3.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jun 11, 2024 00:13:20.484740973 CEST	1236	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="[www.gj37765.blogspot.com]bg_search.png" X-Content-Type-Options: nosniff Server: fife Content-Length: 1421 X-XSS-Protection: 0 Date: Mon, 10 Jun 2024 22:13:20 GMT Expires: Tue, 11 Jun 2024 22:13:20 GMT Cache-Control: public, max-age=86400, no-transform ETag: "v15b9" Content-Type: image/png Vary: Origin Age: 0 Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 23 00 00 00 57 08 06 00 00 00 8e 6a fc 8e 00 00 00 04 73 42 49 54 08 08 08 08 7c 08 64 88 00 00 00 5f 7a 54 58 74 52 61 77 20 70 72 6f 66 69 6c 65 20 74 79 70 65 20 41 50 50 31 00 00 08 99 e3 4a 4f cd 4b 2d ca 4c 56 28 28 ca 4f cb cc 49 e5 52 00 03 63 13 2e 13 4b 13 4b a3 44 03 03 03 0b 03 08 30 34 30 30 36 04 92 46 40 b6 39 54 28 d1 00 05 98 98 9b a5 01 a1 b9 59 b2 99 29 88 cf 05 00 4f ba 15 68 1b 2d d8 8c 00 00 04 d9 49 44 41 54 68 81 ed 99 ef 6f 14 45 1c c6 3f fb a3 d7 eb 71 57 9a b6 41 ae b4 04 63 40 8c 29 4d 2c 0d 84 90 48 d1 57 7d c1 2b ff 01 b0 b4 7d 67 8c be 36 bc c6 98 18 7d 41 41 1a 12 83 89 84 c4 44 23 af a8 52 21 c1 28 88 fc 88 4a 11 34 42 cb b5 a5 b5 bd db d2 bd db db dd f1 c5 76 f7 ee 5a ae b7 57 e1 0e 71 9f cb 24 77 3b 3b 33 cf 3d df 99 ef cc 93 91 b6 be fd b5 a0 8a 50 15 79 ae 46 55 fb f4 8c 71 5a 05 d8 bc a1 b1 2a 44 f4 4c 96 e9 94 de 90 36 b2 a7 c2 b5 35 92 ea 3c 16 cc cc 1b 15 25 a2 2a 12 6b 42 2a 1b 9a a2 8c cf 68 92 69 5a [TRUNCATED] Data Ascii: PNGIHDR#WjsBIT\|d_zTXtRaw profile type APP1JOK-LV((OIRc.KKD04006F@9T(Y)Oh-IDAThoE?qWAc@)M,HW}+}g6}AAD#R!(J4BvZWq$w;;3=PyFUqZDL65<%kBhiZGe!_ g4G0-Autq>0c+ZRHC22B Di:61uH#$0j]IVWGhqlm3CV=;F.~LhydJ)#l#5bPA}./+>,M]1R@d>mr6X$WW^A,~v-$Z0[8y>8s77VNR`6QHW-x+L<EnMoV%&phXYMlT]l"I5Wg&,-MQ 1.qc:IsQ~{#Q
Jun 11, 2024 00:13:30.793375015 CEST	442	OUT	GET /-hNovHLskRIk/ULCKXYEhbXI/AAAAAAAAEvU/kas8XtXhbbU/s1600/main.ico HTTP/1.1 Host: 3.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jun 11, 2024 00:13:31.259349108 CEST	1236	IN	HTTP/1.1 200 OK Content-Type: image/png Vary: Origin Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length ETag: "v12f5" Expires: Tue, 11 Jun 2024 22:13:31 GMT Cache-Control: public, max-age=86400, no-transform Content-Disposition: inline;filename="main.ico.png" X-Content-Type-Options: nosniff Date: Mon, 10 Jun 2024 22:13:31 GMT Server: fife Content-Length: 908 X-XSS-Protection: 0 Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 20 00 00 00 20 08 02 00 00 00 fc 18 ed a3 00 00 00 03 73 42 49 54 08 08 08 db e1 4f e0 00 00 03 44 49 44 41 54 48 89 bd 56 dd 4e d4 40 14 3e fd a1 ed 6e 59 16 16 c3 8f 12 50 58 44 50 88 c1 10 e4 42 bc f1 1d 8c 4f e1 6b 68 e2 8d 89 0f e0 03 98 98 78 a1 31 8a 7a b3 a2 08 51 22 a0 80 10 d8 f0 cf 2e 8b b0 ec b6 db 99 39 5e b4 b4 33 2d e0 8d eb 64 2e a6 67 ce 39 5f bf 6f ce 99 56 ba f3 e0 23 54 73 a8 08 58 5d 80 2a e7 ff 0f 0c b0 ea 0c 44 04 4d 91 fa db 93 21 a7 f9 cd 62 d1 22 d1 e0 cb cd 66 22 5e c3 5b b6 f6 ed f5 42 39 04 20 c4 34 c5 e1 d1 bd 6b a1 44 8f 5f 2f 3d 9f dc 0c 19 15 20 0f ef f6 d6 d7 1a bc f1 d9 c4 c6 93 37 cb bc 45 46 71 d4 1a 4a f4 4d 6f a6 53 18 19 57 cf 9b a1 ec 00 10 d7 94 90 5b 58 22 53 3f 01 e0 7a 47 52 af 91 ad 0a e5 8d b7 7a 1a a3 9e 71 5d 09 25 8c 30 d0 d5 68 98 ae ca 83 1d 49 c1 8f 91 d1 de e6 13 00 22 0c 64 86 c0 cf 5a 23 00 58 cf 1d 06 2a 75 a7 78 b7 ee 26 a3 b9 c1 74 b7 56 b6 f7 79 06 a1 84 61 06 bc 44 3f d6 0a b6 e3 15 [TRUNCATED] Data Ascii: PNGIHDR sBITODIDATHVN@>nYPXDPBOkhx1zQ".9^3-d.g9_oV#TsX]DM!b"f"^[B9 4kD_/= 7EFqJMoSW[X"S?zGRzq]%0hI"dZ#Xux&tVyaD?H:sqr)scpD=w4:LOFo5x,qIbKk_W($RglN:\ttl,4gIT+"!p:Z>@$]rO0Z\|W6=bPvy9N&%b4C)2jv\NQRlA%o\j8G39D,TDG6A/{5}mu1O%@"\BfdY0EG^Tjm;nT))\|NA"SW%)p-ZO@T(s;nT$2VNo(Zk8[qUtZgDS%P%d6-

Timestamp	Bytes transferred	Direction	Data
Jun 11, 2024 00:13:14.594933033 CEST	330	OUT	GET /-wwi9gLDAiVk/UMRdd5ct3xI/AAAAAAAAFbE/5BE1vH6Z7nY/s1600/2.jpg HTTP/1.1 Host: 1.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jun 11, 2024 00:13:15.454273939 CEST	1236	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="2.jpg" X-Content-Type-Options: nosniff Server: fife Content-Length: 13767 X-XSS-Protection: 0 Date: Mon, 10 Jun 2024 20:37:35 GMT Expires: Tue, 11 Jun 2024 20:37:35 GMT Cache-Control: public, max-age=86400, no-transform Age: 5740 ETag: "v15b1" Content-Type: image/jpeg Vary: Origin Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 48 00 48 00 00 ff e1 00 6c 45 78 69 66 00 00 49 49 2a 00 08 00 00 00 03 00 31 01 02 00 07 00 00 00 32 00 00 00 12 02 03 00 02 00 00 00 01 00 01 00 69 87 04 00 01 00 00 00 3a 00 00 00 00 00 00 00 47 6f 6f 67 6c 65 00 00 03 00 00 90 07 00 04 00 00 00 30 32 32 30 02 a0 04 00 01 00 00 00 f0 00 00 00 03 a0 04 00 01 00 00 00 a0 00 00 00 00 00 00 00 ff e2 02 40 49 43 43 5f 50 52 4f 46 49 4c 45 00 01 01 00 00 02 30 41 44 42 45 02 10 00 00 6d 6e 74 72 52 47 42 20 58 59 5a 20 07 cf 00 06 00 03 00 00 00 00 00 00 61 63 73 70 41 50 50 4c 00 00 00 00 6e 6f 6e 65 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f6 d6 00 01 00 00 00 00 d3 2d 41 44 42 45 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0a 63 70 72 74 00 00 00 fc 00 00 00 32 64 65 73 63 00 00 01 30 00 00 00 6b 77 74 70 74 00 00 01 9c 00 00 00 14 62 6b 70 74 00 00 01 b0 00 00 00 14 72 54 52 43 00 00 01 c4 00 00 [TRUNCATED] Data Ascii: JFIFHHlExifII*12i:Google0220@ICC_PROFILE0ADBEmntrRGB XYZ acspAPPLnone-ADBEcprt2desc0kwtptbkptrTRCgTRCbTRCrXYZgXYZbXYZtextCopyright 1999 Adobe Systems IncorporateddescAdobe RGB (1998)XYZ QXYZ curv3curv3curv3XYZ OXYZ 4,XYZ &1/CC
Jun 11, 2024 00:13:15.454296112 CEST	1236	IN	Data Raw: 03 04 04 05 04 05 09 05 05 09 14 0d 0b 0d 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 ff c0 00 11 08 00 a0 00 f0 03 01 11 00 02 11 01 03 11 Data Ascii: ?!1A"Qa2q#BRb$3Cr4!1AQ
Jun 11, 2024 00:13:15.454320908 CEST	328	IN	Data Raw: b8 b4 e0 e7 f1 26 b8 99 09 6d 45 05 d4 82 4e c7 d7 73 b7 52 40 e8 30 29 1e 05 44 a2 1e 8d 81 26 ed 09 b7 fc 7f 01 4d ad 0e aa 48 20 38 12 39 81 68 9e e1 20 9c 1c 6f b6 36 ae f0 23 7e 08 b6 97 d1 c6 7c b4 bc c3 a0 3c a5 a4 82 12 30 90 b4 85 84 ad Data Ascii: &mENsR@0)D&MH 89h o6#~\|<0K?0='a#MA;lE,w[vNZ>yt"$!dw'i\Amx<71jSr)R!n\|h]g~ h$vAJqjQrt
Jun 11, 2024 00:13:15.454335928 CEST	1236	IN	Data Raw: c7 6b b5 fd 91 6b f2 37 fa 2d 22 69 1c cf f8 9d e2 eb c8 b6 3f 1e 2b e5 2e ba 79 72 0e fb f5 ac fe 83 4f f7 8b fd 49 2f 99 77 a9 b3 d2 ab 08 e6 0d 39 ac 1e 98 e2 62 a8 a4 a7 9f 1b 0d cf bd 6f d5 7d a9 33 17 3b 1c 9b 2e 15 ca 4c 5d 38 47 85 e2 95 Data Ascii: kk7-"i?+.yrOI/w9bo}3;.L]8GUm_T((G]rpl:#0Jzvq@'7qRx2<r:S#VLD;hn;sp>;-OMii1[rA.dnR\rhW Jj
Jun 11, 2024 00:13:15.454351902 CEST	1236	IN	Data Raw: 1e 83 71 56 94 5f 19 c4 81 2a 5d 7b 21 b0 d0 76 18 7c 34 55 da 54 c4 26 72 63 82 85 09 1c ab 2f 92 00 6c 23 3b 8e b9 db a6 f9 a2 ef 7d c0 f6 95 5b 57 d8 56 fb e2 1a 75 d6 9c 09 51 09 0e 2c 24 13 8d 8e e7 1d 7d 68 9d 89 20 a3 5b 91 1b e2 6e a3 37 Data Ascii: qV_*]{!v\|4UT&rc/l#;}[WVuQ,$}h [n7:Rp]P')N)$c95&BefD_Hu D\|n6qA%=7Xji<u'=(z]%+B-G9Q"sF?P%8\|21Apr~nUo
Jun 11, 2024 00:13:15.454372883 CEST	1236	IN	Data Raw: 3e 18 e5 9b 24 98 8e 17 10 14 f1 23 c8 40 2a 52 86 7a 7d 77 fe 94 99 ce c1 f6 f6 92 7b 9f 0c 2f 0c e9 89 17 6b 83 69 89 d0 b5 19 d5 61 d5 6f b9 29 fd 91 8f 5e ff 00 6a e8 c9 27 83 9c 5b 45 31 7d 80 cb 6d ba 56 94 84 80 77 1b 93 fe f5 63 0c b2 b6 Data Ascii: >$#@Rz}w{/kiao)^j'[E1}mVwcVHmks#j9 zT^!/VU(?AVhJ}Zyjy(vOL~#~`m@H>'@95s'rF<[e1u 'WU4s`8/U4
Jun 11, 2024 00:13:15.454389095 CEST	540	IN	Data Raw: 94 36 a1 aa fb 69 d4 32 64 b6 17 2c 5a c2 dd 62 38 d9 4d b4 87 cf 28 70 a8 1e 65 94 a7 97 94 a5 20 9c aa ab db 52 c3 45 d5 10 76 ef 25 b7 ef fe bf 71 74 f8 ab 05 41 5d fa 9a 25 b1 2e 51 12 ae d6 24 bd cd cd cb 95 79 87 5c d1 77 34 31 28 1a e0 58 Data Ascii: 6i2d,Zb8M(pe REv%qtA]%.Q$y\w41(Xy1Gz7&/j)xk.Cc=['T#bTjK#sm-#IlOUffuJGI<X(u4b&AM?dN:yT'p^9Y$+,iD?Y,Jf{
Jun 11, 2024 00:13:15.454404116 CEST	1236	IN	Data Raw: 20 8a 6e 15 c5 c6 a4 a5 28 8e fb 69 e5 70 29 78 29 19 fc d3 e9 4e a6 f8 18 e3 71 3c ab b3 76 cb 87 88 c3 be 37 2f 95 45 23 98 29 24 e7 72 36 a7 23 16 fc 0b 9c 97 5f 0c ae 2e dc 6c 85 a2 a1 e1 c3 50 4b 5f bc 10 bc a8 24 8f 44 a8 2b 1f fb 63 b5 55 Data Ascii: n(ip)x)Nq<v7/E#)$r6#_.lPK_$D+cUYsE=AIL3BK!C;d9N:H#hRT2\|vKY choZ\%7vlzQauVI,9+tv0V55)`}TcyCe
Jun 11, 2024 00:13:15.454421043 CEST	212	IN	Data Raw: 2c 21 75 c9 c0 39 82 bf 7b eb f7 a7 e1 c0 dd 8f 72 37 74 69 6b c0 09 d8 ec 52 3b 8a 79 30 13 3f 13 e5 42 b0 4a 46 30 00 14 04 6b 38 02 71 c4 ad 7c b8 cf 2e e7 3d 46 69 32 43 8f 22 d9 40 0c a4 76 cd 70 92 dc dd a1 2c d3 2f 5a b1 b8 50 70 80 b4 73 Data Ascii: ,!u9{r7tikR;y0?BJF0k8q\|.=Fi2C"@vp,/ZPpsH}_#WIG--mn?iwZIS+lx\|nCd)$(jr\umWG;!bzY!bTx,1
Jun 11, 2024 00:13:15.454435110 CEST	1236	IN	Data Raw: bd 6a da b5 92 b6 7c 8b a6 2b 20 d3 d2 8e 50 dc 5e e1 ac 9e 95 f3 57 93 78 c6 0c 1f e5 42 0b 0e 66 90 40 e6 7b 57 02 c3 1a 14 42 06 b2 37 19 00 e0 e7 71 b5 2f 3b 0a 9b 5b a2 01 c6 3d 44 b9 1a 9a d2 cf 81 e0 34 95 2d 45 59 ce 4a 80 18 fa 6d 59 2e Data Ascii: j\|+ P^WxBf@{WB7q/;[=D4-EYJmY.v,gc=`Yz^8AvoSZ!Sz>#aQOqZO:Z%eaZpW1AoKc@}D/k=!n8+L0o-.~wc*5nin>PU[ (@
Jun 11, 2024 00:13:15.462039948 CEST	1236	IN	Data Raw: 7b 54 39 2c 32 44 5e c0 6a 3b 1a 99 53 23 58 05 27 a1 c5 58 44 83 27 86 6e 61 5d 2b e6 43 d1 58 7b 07 a5 20 23 16 0d 23 04 60 c1 e9 4a 20 7b 3d ab 8e 0f 64 74 a5 38 53 c4 1b 4f e9 6d 1b 3d a0 32 a4 a3 9c 53 73 8f 74 5a 25 e9 2c f4 ee 8c 8a ab 45 Data Ascii: {T9,2D^j;S#X'XD'na]+CX{ ##`J {=dt8SOm=2SstZ%,EOV5=~,3EJ>d$:?0v$jZnO)+K2<Y_>cDZ&qzQ!6:l=8n{va`FdGqSkYC_f]-$E!YG
Jun 11, 2024 00:14:17.069657087 CEST	333	OUT	GET /-5cLnCWC5OcQ/T8BAm9CL5sI/AAAAAAAABLA/QihYoXvrVyA/s000/quote.png HTTP/1.1 Host: 1.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jun 11, 2024 00:14:17.320445061 CEST	1236	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="quote.png" X-Content-Type-Options: nosniff Server: fife Content-Length: 887 X-XSS-Protection: 0 Date: Mon, 10 Jun 2024 22:14:16 GMT Expires: Tue, 11 Jun 2024 22:14:16 GMT Cache-Control: public, max-age=86400, no-transform Age: 1 ETag: "v4b0" Content-Type: image/png Vary: Origin Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 2b 00 00 00 26 08 06 00 00 00 5d c3 62 1e 00 00 00 04 73 42 49 54 08 08 08 08 7c 08 64 88 00 00 00 5f 7a 54 58 74 52 61 77 20 70 72 6f 66 69 6c 65 20 74 79 70 65 20 41 50 50 31 00 00 08 99 e3 4a 4f cd 4b 2d ca 4c 56 28 28 ca 4f cb cc 49 e5 52 00 03 63 13 2e 13 4b 13 4b a3 44 03 03 03 0b 03 08 30 34 30 30 36 04 92 46 40 b6 39 54 28 d1 00 05 98 98 9b a5 01 a1 b9 59 b2 99 29 88 cf 05 00 4f ba 15 68 1b 2d d8 8c 00 00 02 c3 49 44 41 54 58 85 ed 58 cb 75 22 31 10 ac d6 01 ce a4 e0 00 7c 91 26 03 1c 02 84 80 43 80 10 70 08 38 04 13 c2 92 81 a4 cb dc 4d 08 e6 cc f0 de d4 1e ac f5 03 8d 06 90 c6 7b a3 8e 12 53 af ba 5b fd 03 78 e0 ff 40 86 7c ec 9c 5b 02 98 91 9c 57 55 b5 1f c2 55 d7 f5 e4 74 3a 2d 49 4e 8d 31 26 f5 1b 55 28 72 66 ad fd 04 b0 06 a0 45 64 3d 44 a8 73 6e d9 34 cd 17 c9 25 00 1d 9c d0 41 96 67 eb ba 9e 34 4d b3 01 30 4b 5c cf 8d 31 db 1c 3e ef bd 26 b9 01 a0 a3 ab 03 49 13 47 eb 6e cf 7a ef f5 f1 78 74 b1 50 92 7b 11 79 cd 15 ea 9c 9b 91 [TRUNCATED] Data Ascii: PNGIHDR+&]bsBIT\|d_zTXtRaw profile type APP1JOK-LV((OIRc.KKD04006F@9T(Y)Oh-IDATXXu"1\|&Cp8M{S[x@\|[WUUt:-IN1&U(rfEd=Dsn4%Ag4M0K\1>&IGnzxtP{ytP;yI=<k#s\5X"$Jum,"x<???}{UlGh4zEB"^}]\|WVn!dx\5Q2mq~Fr?^e~m{Omf-"OkIk"JUUriElRg;dVk?hK.^T+2bP$H"]B,"rN$i1pVgu[97KV)xI\|k'C[X;I 70'xEM]Em;or::=[$/x\$bEe!?hvHH[p!bLJy#O;

Timestamp	Bytes transferred	Direction	Data
Jun 11, 2024 00:13:14.615320921 CEST	330	OUT	GET /-v_4byqqmunc/UMRdc57l7VI/AAAAAAAAFa8/6XdXGvR1fEQ/s1600/1.jpg HTTP/1.1 Host: 3.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jun 11, 2024 00:13:15.455105066 CEST	1236	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="1.jpg" X-Content-Type-Options: nosniff Server: fife Content-Length: 6564 X-XSS-Protection: 0 Date: Mon, 10 Jun 2024 22:13:14 GMT Expires: Tue, 11 Jun 2024 22:13:14 GMT Cache-Control: public, max-age=86400, no-transform Age: 1 ETag: "v15af" Content-Type: image/jpeg Vary: Origin Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 48 00 48 00 00 ff e1 00 6c 45 78 69 66 00 00 49 49 2a 00 08 00 00 00 03 00 31 01 02 00 07 00 00 00 32 00 00 00 12 02 03 00 02 00 00 00 01 00 01 00 69 87 04 00 01 00 00 00 3a 00 00 00 00 00 00 00 47 6f 6f 67 6c 65 00 00 03 00 00 90 07 00 04 00 00 00 30 32 32 30 02 a0 04 00 01 00 00 00 f0 00 00 00 03 a0 04 00 01 00 00 00 a0 00 00 00 00 00 00 00 ff db 00 43 00 03 02 02 03 02 02 03 03 03 03 04 03 03 04 05 08 05 05 04 04 05 0a 07 07 06 08 0c 0a 0c 0c 0b 0a 0b 0b 0d 0e 12 10 0d 0e 11 0e 0b 0b 10 16 10 11 13 14 15 15 15 0c 0f 17 18 16 14 18 12 14 15 14 ff db 00 43 01 03 04 04 05 04 05 09 05 05 09 14 0d 0b 0d 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 ff c0 00 11 08 00 a0 00 f0 03 01 11 00 02 11 01 03 11 01 ff c4 00 1c 00 00 02 02 03 01 01 00 00 00 00 00 00 00 00 00 00 03 04 02 07 01 05 06 00 08 ff c4 00 43 10 00 02 01 03 02 04 03 05 03 08 08 06 03 00 00 00 [TRUNCATED] Data Ascii: JFIFHHlExifII12i:Google0220CCC!1AQa"q2#BRbr3s$4CSc1!1AQq"2aBbC?W7J4j5h-<UXy4sR@2j,T9qT"W=-Rhmz- S9TZzUuP2GRG(^E8>Ei)WuP}jn<Q5j-Qh`deTh"i^Z`V'VY=ziRd, TsY \|=P1*h@QyO7MEJY"z(af-<9
Jun 11, 2024 00:13:15.455127954 CEST	1236	IN	Data Raw: 3e 4c 45 69 89 2d 20 db a6 6a 12 fa 06 21 5c 5b 39 18 ce 2a 26 a2 ac 83 31 8e 94 13 29 b5 48 55 da ab 42 27 fb 14 a1 57 a5 09 31 90 6a b4 97 51 9a ad 22 77 38 a8 a4 aa 31 45 a4 8d 56 58 61 b8 f2 a6 d5 a3 18 72 9e f7 29 6d fa 74 aa 64 33 8c f6 f9 Data Ascii: >LEi- j!\[9*&1)HUB'W1jQ"w81EVXar)mtd3i:teIqQ} RYOJ/"]HAx5/?miaK+!\7zTMG(Y8AHE6HeqJ-=).(RKZ{Qi\beBD6eRD
Jun 11, 2024 00:13:15.455143929 CEST	1236	IN	Data Raw: f3 01 96 8d 97 3d c8 22 8b 42 7e 4f 7c 7d da ac d1 3b 88 cc 27 04 6f e5 4a 2d f6 0b bd 5a ce ea dc 9b 53 0b 8e 4e 57 59 15 b9 4f ed 2b 75 c8 ea 05 31 34 aa de 96 d6 ef 4f 4b 78 8a 59 88 42 e0 08 cc 99 00 60 6d 9e b5 5d b5 11 45 6f e5 e7 b7 75 f3 Data Ascii: ="B~O\|};'oJ-ZSNWYO+u14OKxYB`m]Eouj)6L}n+ Yee4F^pfxGk?\|2c-!Ajc:E5TIJ/'zQWZ/"M'n5"J.&{0"#\IfI2MG
Jun 11, 2024 00:13:15.455158949 CEST	1236	IN	Data Raw: 32 4d 44 73 de 84 76 23 d2 a4 69 64 c2 9f 85 09 4c f1 34 a7 fe 2d d7 c7 dd 6f b6 b3 15 3b 1e 52 a8 14 e3 c8 e3 63 d0 d7 6c 7e 18 66 4b 5b 48 59 49 27 3e 42 a9 0d c6 98 e5 6d e4 5e 5e 66 7c 6d e9 e5 5c e6 09 ef 62 9c 58 34 cb 1d 67 84 6e 1c 45 7b Data Ascii: 2MDsv#idL4-o;Rcl~fK[HYI'>Bm^^f\|m\bX4gnE{aunp^HbG.:G}sqMu }5h?KK"TwUYijocK!$`pV1V[Q3'I}cqCj"J8;eqSa?9Ox#$
Jun 11, 2024 00:13:15.455174923 CEST	1236	IN	Data Raw: 1a 16 6b 99 9e e2 76 3b c9 2b 16 6c 01 80 32 6b 9e 59 5f 66 a2 1d 1e ae 73 a5 df 64 0f fa 79 46 33 d7 dc 35 8c a7 a4 ba 61 f1 e3 eb 0a eb 87 35 3e 5b 3d 5e da da 08 ed e5 83 4e 69 50 c5 f7 99 b9 97 19 6e fb 8d bc ab c1 ab 1f 77 2b 9e f0 fd 07 15 Data Ascii: kv;+l2kY_fsdyF35a5>[=^NiPnw+g&KoQl{0h'l.<Q8/6qyOY;-/hHu+TE`Ho2Wu*Dx^J"[E2M8-RkS3zfq
Jun 11, 2024 00:13:15.455190897 CEST	834	IN	Data Raw: 91 fd 28 43 c6 f8 a9 0a 1f 22 84 9a 38 1f ca 82 32 c9 50 10 49 f3 a0 b3 e2 74 39 df cb 14 26 44 b9 eb 51 2f 7c 9e 3c 38 03 99 94 f3 2e 3a fa d6 33 c7 9a 3a 28 e8 d4 2d c1 2d 80 41 db a1 af 14 c3 a2 2f a9 8b 7b 7b 88 e4 6f 73 c2 71 9f d5 ca 9e 9e Data Ascii: (C"82PIt9&DQ/\|<8.:3:(--A/{{osq"^QJ7no{}dRpJssq'v,xOId1fsww\|]E}iK*qbxqDqk0^#r:d{NpF}lq
Jun 11, 2024 00:14:00.467246056 CEST	6	OUT	Data Raw: 00 Data Ascii:
Jun 11, 2024 00:14:45.473037004 CEST	6	OUT	Data Raw: 00 Data Ascii:

Timestamp	Bytes transferred	Direction	Data
Jun 11, 2024 00:13:14.845355034 CEST	330	OUT	GET /-__0X3NTuBRM/UMRdfKfKA3I/AAAAAAAAFbM/gvAViqUuYhE/s1600/3.jpg HTTP/1.1 Host: 3.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jun 11, 2024 00:13:15.704616070 CEST	1236	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="3.jpg" X-Content-Type-Options: nosniff Server: fife Content-Length: 11569 X-XSS-Protection: 0 Date: Mon, 10 Jun 2024 22:13:14 GMT Expires: Tue, 11 Jun 2024 22:13:14 GMT Cache-Control: public, max-age=86400, no-transform Age: 1 ETag: "v15b3" Content-Type: image/jpeg Vary: Origin Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 48 00 48 00 00 ff e1 00 6c 45 78 69 66 00 00 49 49 2a 00 08 00 00 00 03 00 31 01 02 00 07 00 00 00 32 00 00 00 12 02 03 00 02 00 00 00 01 00 01 00 69 87 04 00 01 00 00 00 3a 00 00 00 00 00 00 00 47 6f 6f 67 6c 65 00 00 03 00 00 90 07 00 04 00 00 00 30 32 32 30 02 a0 04 00 01 00 00 00 f0 00 00 00 03 a0 04 00 01 00 00 00 a0 00 00 00 00 00 00 00 ff db 00 43 00 03 02 02 03 02 02 03 03 03 03 04 03 03 04 05 08 05 05 04 04 05 0a 07 07 06 08 0c 0a 0c 0c 0b 0a 0b 0b 0d 0e 12 10 0d 0e 11 0e 0b 0b 10 16 10 11 13 14 15 15 15 0c 0f 17 18 16 14 18 12 14 15 14 ff db 00 43 01 03 04 04 05 04 05 09 05 05 09 14 0d 0b 0d 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 ff c0 00 11 08 00 a0 00 f0 03 01 11 00 02 11 01 03 11 01 ff c4 00 1d 00 00 01 05 01 01 01 01 00 00 00 00 00 00 00 00 00 05 02 03 04 06 07 08 01 09 00 ff c4 00 3f 10 00 01 03 03 02 04 03 05 06 04 04 07 01 01 00 [TRUNCATED] Data Ascii: JFIFHHlExifII12i:Google0220CC?!1AQa"2q#BRb3r$4CSc0!1AQ"2aqB#R?3MJR< w@SY3%9)+\H-yFL\|%!ID7w5#%BVPWEScc9TzlFi(4f'%#B!<(8DU%jGB7h)JE@+hMHNZcIJ6ZjmuXb4{6]el]5"]oc]=":fkcsMJkbubd S$w^H
Jun 11, 2024 00:13:15.704695940 CEST	1236	IN	Data Raw: 79 ff 00 c1 70 28 7b a7 b5 0c 95 72 1e 39 5f 0c 90 30 f3 24 73 ed 44 9d 81 38 ed 76 31 15 d5 34 b2 82 6a d7 b0 12 5e 42 4d ab 3c cf 3a 21 63 4f 9e 15 64 75 a8 5a 18 71 dd b7 a8 12 44 60 82 f3 80 0e f4 2f b0 ee 83 31 22 29 29 00 0a 24 25 b0 8b 71 Data Ascii: yp({r9_0$sD8v14j^BM<:!cOduZqD`/1"))$%q%7x;rBYxc)wP03T`bTSR*u3qVdP5U7X#KEBuvD0u#89!+!QpGKrR+g38
Jun 11, 2024 00:13:15.704710960 CEST	1236	IN	Data Raw: f1 34 96 c9 71 1d f9 55 39 57 05 c7 1b 92 b2 bb 72 bc bb 3d 60 fb a0 0c 00 0d 03 76 6a 84 14 55 0c 05 f0 32 9c 64 2b 39 26 a8 22 53 8a 20 b6 f0 f7 56 39 fa d5 fd c5 d7 68 71 e5 79 8d 82 39 d1 5d a1 6b 86 4c b7 b6 98 cc 29 e7 39 f4 cd 5a e1 59 52 Data Ascii: 4qU9Wr=`vjU2d+9&"S V9hqy9]kL)9ZYR{ =i9/Dc_'RT)B5vz\|OA[KH@B0=y&=T`)lr6R3jbq%A\Xc&ZK~iB)VUK'} ,'OZ1rGbNR
Jun 11, 2024 00:13:15.704725027 CEST	1236	IN	Data Raw: 35 d2 bb 47 19 ad ac 13 6e b5 b9 76 bb 33 0d 00 f1 ad 58 57 a0 ac f9 26 b1 c5 c9 9b f1 41 e4 92 8a 3a c3 c3 db 3b 36 1b 74 78 8c a4 21 29 03 8b 1d 4d 79 2c f9 1c db 6c f7 1a 6c 4a 11 49 17 d9 36 d6 a6 34 3d ae 05 77 49 ac 69 9b b9 45 7e 55 ba 7d Data Ascii: 5Gnv3XW&A:;6tx!)My,llJI64=wIiE~U}jS`k(1Re#Xsv!!9qA{xS`mlE+IjuKe)-(xBE~RiEjZc/p"9e7Q&\FF>Zme-n7Hr@K
Jun 11, 2024 00:13:15.704739094 CEST	1236	IN	Data Raw: 2c 7e 8c ff 00 63 1c f4 ca 19 7d 68 79 ec b5 69 18 50 96 c3 65 69 f3 72 06 0a 8d 62 9a e4 df 0e ae cd 46 d1 69 85 c0 82 86 80 57 42 93 48 68 65 b2 c9 05 b3 05 f6 9d 46 09 6d 41 5c 2b 1c 40 fc aa 2b 8b 4d 09 9f cf 16 8d af 4d 3b 06 6b 0d 3d f7 38 Data Ascii: ,~c}hyiPeirbFiWBHheFmA\+@+MM;k=8 #+/=2tZJ"#M4;V;%h%!jX9=1W_]%"rp=Jpv#:VMr-qkN:k\vt
Jun 11, 2024 00:13:15.704761982 CEST	1236	IN	Data Raw: b2 86 f4 39 21 19 2a 63 30 e4 9e 29 29 c1 d3 47 30 f8 df e0 6d db 4a c1 97 7a d2 ea 7e ed 64 6d 25 6f c4 57 b5 2e 12 7b 90 3f c4 40 fd 43 71 d4 75 ae 54 b0 6d 76 ba 3d 66 9f e2 6b 2a d9 97 89 7f 66 73 95 a3 c4 2f e2 0b 7d 92 b0 7c b4 e3 63 9c 93 Data Ascii: 9!c0))G0mJz~dm%oW.{?@CquTmv=fkfs/}\|cUYL'f%PbCTteOj#GW*? 8oVM'Yx~.mHnKIq\IRB@5d{/RX5Q) !c!<PkKnn-J=R
Jun 11, 2024 00:13:15.704786062 CEST	1236	IN	Data Raw: 43 d7 e7 90 4c 46 4f 22 19 1f f7 55 fc de e8 f5 ac f3 9a 89 d9 c1 a5 6f 99 ff 00 43 97 75 76 83 d6 7a 72 eb 2a fe f4 c7 b5 23 52 15 c7 21 ec e5 f1 eb 8e a0 0e 83 95 45 38 64 e1 f0 cd ea 12 c4 b8 e8 72 c3 ab 53 3a d4 5c 43 81 63 88 82 0f 30 76 07 Data Ascii: CLFO"UoCuvzr#R!E8drS:\Cc0v4{iN\)IT)Q\qx8~X#p1nI!4/.C62v#v.mQ2QZ3Z2}/oqA?2\-q#_?C"?/;"
Jun 11, 2024 00:13:15.704802036 CEST	1236	IN	Data Raw: 4c ad 37 6c 90 8d 11 68 77 52 48 6c 94 3f 76 42 38 e0 43 ee a0 06 ef 91 fc be c0 ea 4f 2a 9b a3 7c be 4d d8 b4 cd b4 e7 c2 31 7d 3b 30 5f 16 ab d4 ab 83 b7 5d 45 3c 65 c9 f2 97 c6 48 1f b0 4a 7a 24 60 0e 82 b2 4e 4d f6 76 f1 e3 50 5f 2a 2e 56 cb Data Ascii: L7lhwRHl?vB8CO\|M1};0_]E<eHJz$`NMvP_.V`KSsJ{QoRv1wRuE%+<{Fz??S9v,m9yF}K[wm_Lp`usnTW@7=JAESEIoQOZdfbv[%>jB
Jun 11, 2024 00:13:15.704817057 CEST	1236	IN	Data Raw: 62 1f 01 25 47 27 6c d0 74 3d 49 12 5b b7 47 73 d9 6d 21 2a e1 dc 9e 75 76 35 48 90 c6 9e f3 32 78 76 cf 4e d5 43 51 36 35 9d 6c e1 4d ac 8f 8d 0b 1a a2 5b 6c ef 39 e5 16 25 a4 3e c2 c6 14 db a9 0a 49 f8 83 b5 2a 4a f9 43 52 f0 45 bd 78 37 a7 af Data Ascii: b%G'lt=I[Gsm!uv5H2xvNCQ65lM[l9%>IJCREx7iw5~}[;}1W_qR,~mAm-D75+K@)gdl28kB_.9Go+X5]VK>$~e[KwZ-O_R~U6K(S=m\
Jun 11, 2024 00:13:15.704833031 CEST	896	IN	Data Raw: 1a 8c 98 f9 bb 34 4b 2f 88 f1 a5 a5 2d ba af bb bd 8f 75 ce 44 fa 1a e6 64 d2 4e 1c c7 94 74 b1 6b 21 3e 1b a7 f7 2c 8d ea 14 a8 65 2e 15 7c f6 35 89 c1 f9 3a 0b 21 36 2e a6 c6 38 94 76 e5 83 b0 aa 70 0d 64 68 2f 07 52 34 1d 2b 5a ca b2 91 9c 9e Data Ascii: 4K/-uDdNtk!>,e.\|5:!6.8vpdh/R4+ZBh_eKi?4c6:d1/aeTG8}0{VjT7qO,l?Y7Z4CVBM%t(dU43jJS.IH_br~]4[I
Jun 11, 2024 00:13:15.769758940 CEST	330	OUT	GET /-SyYUToBmQ9Y/UMRdgEOhfsI/AAAAAAAAFbU/VbjIpJ97dU8/s1600/4.jpg HTTP/1.1 Host: 3.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jun 11, 2024 00:13:16.026614904 CEST	1236	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="4.jpg" X-Content-Type-Options: nosniff Server: fife Content-Length: 23470 X-XSS-Protection: 0 Date: Mon, 10 Jun 2024 22:13:15 GMT Expires: Tue, 11 Jun 2024 22:13:15 GMT Cache-Control: public, max-age=86400, no-transform Age: 0 ETag: "v15b5" Content-Type: image/jpeg Vary: Origin Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 48 00 48 00 00 ff e1 00 6c 45 78 69 66 00 00 49 49 2a 00 08 00 00 00 03 00 31 01 02 00 07 00 00 00 32 00 00 00 12 02 03 00 02 00 00 00 01 00 01 00 69 87 04 00 01 00 00 00 3a 00 00 00 00 00 00 00 47 6f 6f 67 6c 65 00 00 03 00 00 90 07 00 04 00 00 00 30 32 32 30 02 a0 04 00 01 00 00 00 f0 00 00 00 03 a0 04 00 01 00 00 00 b4 00 00 00 00 00 00 00 ff e2 0c 58 49 43 43 5f 50 52 4f 46 49 4c 45 00 01 01 00 00 0c 48 4c 69 6e 6f 02 10 00 00 6d 6e 74 72 52 47 42 20 58 59 5a 20 07 ce 00 02 00 09 00 06 00 31 00 00 61 63 73 70 4d 53 46 54 00 00 00 00 49 45 43 20 73 52 47 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f6 d6 00 01 00 00 00 00 d3 2d 48 50 20 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 11 63 70 72 74 00 00 01 50 00 00 00 33 64 65 73 63 00 00 01 84 00 00 00 6c 77 74 70 74 00 00 01 f0 00 00 00 14 62 6b 70 74 00 00 02 04 00 00 00 14 72 58 59 5a 00 00 02 18 00 00 [TRUNCATED] Data Ascii: JFIFHHlExifII*12i:Google0220XICC_PROFILEHLinomntrRGB XYZ 1acspMSFTIEC sRGB-HP cprtP3desclwtptbkptrXYZgXYZ,bXYZ@dmndTpdmddvuedLview$lumimeas$tech0rTRC<gTRC<bTRC<textCopyright (c) 1998 Hewlett-Packard CompanydescsRGB IEC61966-2.1sRGB IEC61966-2.1XYZ QXYZ XYZ o8XYZ bXYZ $descIEC http://www.iec.ch
Jun 11, 2024 00:13:16.026752949 CEST	1236	IN	Data Raw: 00 00 00 16 49 45 43 20 68 74 74 70 3a 2f 2f 77 77 77 2e 69 65 63 2e 63 68 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 64 65 73 63 00 00 00 00 00 00 00 Data Ascii: IEC http://www.iec.chdesc.IEC 61966-2.1 Default RGB colour space - sRGB.IEC 61966-2.1 Default RGB colour space - sRGBdesc,Reference Viewing Condit
Jun 11, 2024 00:13:20.491429090 CEST	368	OUT	GET /-uxYJcIDwn9w/UMRf4-a-6KI/AAAAAAAAFbk/8pe3Zw5X15E/s1600/%5Bwww.gj37765.blogspot.com%5Dbg_search.png HTTP/1.1 Host: 3.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jun 11, 2024 00:13:20.748193979 CEST	1236	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="[www.gj37765.blogspot.com]bg_search.png" X-Content-Type-Options: nosniff Server: fife Content-Length: 1421 X-XSS-Protection: 0 Date: Mon, 10 Jun 2024 22:13:20 GMT Expires: Tue, 11 Jun 2024 22:13:20 GMT Cache-Control: public, max-age=86400, no-transform Age: 0 ETag: "v15b9" Content-Type: image/png Vary: Origin Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 23 00 00 00 57 08 06 00 00 00 8e 6a fc 8e 00 00 00 04 73 42 49 54 08 08 08 08 7c 08 64 88 00 00 00 5f 7a 54 58 74 52 61 77 20 70 72 6f 66 69 6c 65 20 74 79 70 65 20 41 50 50 31 00 00 08 99 e3 4a 4f cd 4b 2d ca 4c 56 28 28 ca 4f cb cc 49 e5 52 00 03 63 13 2e 13 4b 13 4b a3 44 03 03 03 0b 03 08 30 34 30 30 36 04 92 46 40 b6 39 54 28 d1 00 05 98 98 9b a5 01 a1 b9 59 b2 99 29 88 cf 05 00 4f ba 15 68 1b 2d d8 8c 00 00 04 d9 49 44 41 54 68 81 ed 99 ef 6f 14 45 1c c6 3f fb a3 d7 eb 71 57 9a b6 41 ae b4 04 63 40 8c 29 4d 2c 0d 84 90 48 d1 57 7d c1 2b ff 01 b0 b4 7d 67 8c be 36 bc c6 98 18 7d 41 41 1a 12 83 89 84 c4 44 23 af a8 52 21 c1 28 88 fc 88 4a 11 34 42 cb b5 a5 b5 bd db d2 bd db db dd f1 c5 76 f7 ee 5a ae b7 57 e1 0e 71 9f cb 24 77 3b 3b 33 cf 3d df 99 ef cc 93 91 b6 be fd b5 a0 8a 50 15 79 ae 46 55 fb f4 8c 71 5a 05 d8 bc a1 b1 2a 44 f4 4c 96 e9 94 de 90 36 b2 a7 c2 b5 35 92 ea 3c 16 cc cc 1b 15 25 a2 2a 12 6b 42 2a 1b 9a a2 8c cf 68 92 69 5a [TRUNCATED] Data Ascii: PNGIHDR#WjsBIT\|d_zTXtRaw profile type APP1JOK-LV((OIRc.KKD04006F@9T(Y)Oh-IDAThoE?qWAc@)M,HW}+}g6}AAD#R!(J4BvZWq$w;;3=PyFUqZDL65<%kBhiZGe!_ g4G0-Autq>0c+ZRHC22B Di:61uH#$0j]IVWGhqlm3CV=;F.~LhydJ)#l#5bPA}./+>,M]1R@d>mr6X$WW^A,~v-$Z0[8y>8s77VNR`6QHW-x+L<EnMoV%&phXYMlT]l"I5Wg&,-MQ 1.qc:IsQ~{#Q
Jun 11, 2024 00:13:31.264435053 CEST	333	OUT	GET /-hNovHLskRIk/ULCKXYEhbXI/AAAAAAAAEvU/kas8XtXhbbU/s1600/main.ico HTTP/1.1 Host: 3.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jun 11, 2024 00:13:31.521450996 CEST	1236	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="main.ico.png" X-Content-Type-Options: nosniff Server: fife Content-Length: 908 X-XSS-Protection: 0 Date: Mon, 10 Jun 2024 22:13:31 GMT Expires: Tue, 11 Jun 2024 22:13:31 GMT Cache-Control: public, max-age=86400, no-transform ETag: "v12f5" Content-Type: image/png Vary: Origin Age: 0 Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 20 00 00 00 20 08 02 00 00 00 fc 18 ed a3 00 00 00 03 73 42 49 54 08 08 08 db e1 4f e0 00 00 03 44 49 44 41 54 48 89 bd 56 dd 4e d4 40 14 3e fd a1 ed 6e 59 16 16 c3 8f 12 50 58 44 50 88 c1 10 e4 42 bc f1 1d 8c 4f e1 6b 68 e2 8d 89 0f e0 03 98 98 78 a1 31 8a 7a b3 a2 08 51 22 a0 80 10 d8 f0 cf 2e 8b b0 ec b6 db 99 39 5e b4 b4 33 2d e0 8d eb 64 2e a6 67 ce 39 5f bf 6f ce 99 56 ba f3 e0 23 54 73 a8 08 58 5d 80 2a e7 ff 0f 0c b0 ea 0c 44 04 4d 91 fa db 93 21 a7 f9 cd 62 d1 22 d1 e0 cb cd 66 22 5e c3 5b b6 f6 ed f5 42 39 04 20 c4 34 c5 e1 d1 bd 6b a1 44 8f 5f 2f 3d 9f dc 0c 19 15 20 0f ef f6 d6 d7 1a bc f1 d9 c4 c6 93 37 cb bc 45 46 71 d4 1a 4a f4 4d 6f a6 53 18 19 57 cf 9b a1 ec 00 10 d7 94 90 5b 58 22 53 3f 01 e0 7a 47 52 af 91 ad 0a e5 8d b7 7a 1a a3 9e 71 5d 09 25 8c 30 d0 d5 68 98 ae ca 83 1d 49 c1 8f 91 d1 de e6 13 00 22 0c 64 86 c0 cf 5a 23 00 58 cf 1d 06 2a 75 a7 78 b7 ee 26 a3 b9 c1 74 b7 56 b6 f7 79 06 a1 84 61 06 bc 44 3f d6 0a b6 e3 15 [TRUNCATED] Data Ascii: PNGIHDR sBITODIDATHVN@>nYPXDPBOkhx1zQ".9^3-d.g9_oV#TsX]DM!b"f"^[B9 4kD_/= 7EFqJMoSW[X"S?zGRzq]%0hI"dZ#Xux&tVyaD?H:sqr)scpD=w4:LOFo5x,qIbKk_W($RglN:\ttl,4gIT+"!p:Z>@$]rO0Z\|W6=bPvy9N&%b4C)2jv\NQRlA%o\j8G39D,TDG6A/{5}mu1O%@"\BfdY0EG^Tjm;nT))\|NA"SW%)p-ZO@T(s;nT$2VNo(Zk8[qUtZgDS%P%

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2140)
Category:	downloaded
Size (bytes):	123951
Entropy (8bit):	5.501253783365937
Encrypted:	false
SSDEEP:	3072:fGcyvTTz/TQrpxeYj3FYFMFWZoD77QjMb:+cyr/TkwF277QjMb
MD5:	F36443AFF59269C1F830294760230795
SHA1:	F3CDA9EBBC1E8CBC873386A305BDA4A883EA75A9
SHA-256:	EE74A56BAFE09978B8744A71246CB5C9D77EE849E300DC2D48AF8BD3067F82EC
SHA-512:	3DF2E8703F863AF5DCFBEA411CF9689D996BA70E7B8DFDDF429B4FE35E53C3280431A4D00C1D90A393FD8C57F7BFB0AC00E4F98AA3D8C00D3CEA1D6690652752
Malicious:	false
Reputation:	low
URL:	"https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.JHoMBbBABZg.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo_6Zf8M75AJqSyaaLg_vD7Vr9kevQ/cb=gapi.loaded_0"
Preview:	gapi.loaded_0(function(_){var window=this;._._F_toggles_initialize=function(a){("undefined"!==typeof globalThis?globalThis:"undefined"!==typeof self?self:this)._F_toggles=a\|\|[]};(0,_._F_toggles_initialize)([0x100000, ]);.var ba,fa,ha,ma,na,va,wa,Ca;ba=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}};fa="function"==typeof Object.defineProperties?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a};.ha=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("a");};_.la=ha(this);ma=function(a,b){if(b)a:{var c=_.la;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&null!=b&&fa(c,a,{configurable:!0,writable:!0,value:b})}};.ma("Symbol",function(a){if(a)r

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2766)
Category:	downloaded
Size (bytes):	56258
Entropy (8bit):	5.557722604560322
Encrypted:	false
SSDEEP:	768:OTUF17fpMNuj5QC35D/PzCf4kPkdDYRmnEy0yRJjGsR88+Lf9JWtqE02Uyd1rzrK:/dMs5QCJSnPkd0YnEy7SH9Af08o
MD5:	CA058C47F91FDE91FE2689AB8E0B8A5C
SHA1:	F49A88830AB0AEDEC26386D901232ABA544E57D5
SHA-256:	376D19623973DD693148671943AC4E30194FC816761688E08DDFE9DC8553719A
SHA-512:	8BC32D1EA3217B651C9842F222612361C129EC5397F176D9724EA154012FFE774818D58292E6EEA22DEEA5B466AE9667A878B5C1BBBF386070D74ED9764F2AB8
Malicious:	false
Reputation:	low
URL:	https://apis.google.com/js/platform.js
Preview:	(function(){var m,aa=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}},ba="function"==typeof Object.defineProperties?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a},ca=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");.},da=ca(this),r=function(a,b){if(b)a:{var c=da;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&null!=b&&ba(c,a,{configurable:!0,writable:!0,value:b})}};.r("Symbol",function(a){if(a)return a;var b=function(f,g){this.ba=f;ba(this,"description",{configurable:!0,writable:!0,value:g})};b.prototype.toString=function(){return this.ba};var c="jscomp_symbol_"+(1E9*Math.random()>>>0)+"_",d=0,e=function

Timestamp	Bytes transferred	Direction	Data
Jun 11, 2024 00:13:20.246510029 CEST	448	OUT	GET /-Z-xxpA6Bzqg/ULCCTYRgP2I/AAAAAAAAEvE/AekO-nDLdJw/s1600/down-arrow.png HTTP/1.1 Host: 2.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jun 11, 2024 00:13:21.095129967 CEST	679	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="down-arrow.png" X-Content-Type-Options: nosniff Server: fife Content-Length: 219 X-XSS-Protection: 0 Date: Mon, 10 Jun 2024 21:38:57 GMT Expires: Tue, 11 Jun 2024 21:38:57 GMT Cache-Control: public, max-age=86400, no-transform Age: 2063 ETag: "v12f1" Content-Type: image/png Vary: Origin Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 07 00 00 00 04 08 02 00 00 00 cd a4 b2 2a 00 00 00 03 73 42 49 54 08 08 08 db e1 4f e0 00 00 00 5f 7a 54 58 74 52 61 77 20 70 72 6f 66 69 6c 65 20 74 79 70 65 20 41 50 50 31 00 00 08 99 e3 4a 4f cd 4b 2d ca 4c 56 28 28 ca 4f cb cc 49 e5 52 00 03 63 13 2e 13 4b 13 4b a3 44 03 03 03 0b 03 08 30 34 30 30 36 04 92 46 40 b6 39 54 28 d1 00 05 98 98 9b a5 01 a1 b9 59 b2 99 29 88 cf 05 00 4f ba 15 68 1b 2d d8 8c 00 00 00 28 49 44 41 54 08 99 63 5c b3 eb 24 03 06 60 0a 76 35 43 13 0a 76 35 63 82 50 c8 42 0c 0c 0c 0c ff 61 60 cd ae 93 70 36 00 28 8d 19 8a 2e 98 f9 0b 00 00 00 00 49 45 4e 44 ae 42 60 82 Data Ascii: PNGIHDR*sBITO_zTXtRaw profile type APP1JOK-LV((OIRc.KKD04006F@9T(Y)Oh-(IDATc\$`v5Cv5cPBa`p6(.IENDB`
Jun 11, 2024 00:13:23.785020113 CEST	448	OUT	GET /-kmJ8A0nIZjo/ULCmPUQWlRI/AAAAAAAAEw8/nTLRUcreTvU/s1600/bubble-pip.png HTTP/1.1 Host: 2.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jun 11, 2024 00:13:24.033231974 CEST	945	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="bubble-pip.png" X-Content-Type-Options: nosniff Server: fife Content-Length: 485 X-XSS-Protection: 0 Date: Mon, 10 Jun 2024 21:38:57 GMT Expires: Tue, 11 Jun 2024 21:38:57 GMT Cache-Control: public, max-age=86400, no-transform Age: 2066 ETag: "v130f" Content-Type: image/png Vary: Origin Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 64 00 00 00 09 08 06 00 00 00 c4 88 89 d0 00 00 00 04 73 42 49 54 08 08 08 08 7c 08 64 88 00 00 00 5f 7a 54 58 74 52 61 77 20 70 72 6f 66 69 6c 65 20 74 79 70 65 20 41 50 50 31 00 00 08 99 e3 4a 4f cd 4b 2d ca 4c 56 28 28 ca 4f cb cc 49 e5 52 00 03 63 13 2e 13 4b 13 4b a3 44 03 03 03 0b 03 08 30 34 30 30 36 04 92 46 40 b6 39 54 28 d1 00 05 98 98 9b a5 01 a1 b9 59 b2 99 29 88 cf 05 00 4f ba 15 68 1b 2d d8 8c 00 00 01 31 49 44 41 54 48 89 ed 96 c1 4a c3 40 10 86 67 77 02 15 6b c4 c4 5a da 62 7a aa 82 6d 42 03 fa 08 82 67 5f c0 87 eb 03 e8 d9 47 f0 e4 c6 a4 0d 68 f5 90 14 15 8d 69 0f 5a 3c ac 19 4f 91 e8 59 5c 30 f9 4e c3 fc 97 ef 30 33 0c 23 22 28 22 3c df 72 87 4e 0c 15 bf 8e f0 7c 0b 11 43 c7 ee d7 7f 66 c1 38 7c 95 52 ba bc d8 f4 83 c9 08 11 c3 bf 53 2c 17 88 18 03 c0 69 14 c5 6f c5 7e 14 cf 96 44 74 86 88 b7 8c 88 40 78 fe 86 a6 69 e7 eb fa da a0 db b5 ea 00 c0 d4 28 ff 6f 82 f1 d7 ac 5f 98 a6 b1 df 69 b7 f0 fe e1 f1 23 4d e7 02 00 0e 00 00 [TRUNCATED] Data Ascii: PNGIHDRdsBIT\|d_zTXtRaw profile type APP1JOK-LV((OIRc.KKD04006F@9T(Y)Oh-1IDATHJ@gwkZbzmBg_GhiZ<OY\0N03#"("<rN\|Cf8\|RS,io~Dt@xi(o_i#M4M4NlK2/%4=yN3<krw}32!,]&gX)lHum\DlZcJ'RJWL'o_IENDB`
Jun 11, 2024 00:13:24.037589073 CEST	454	OUT	GET /--KSS1lAiopw/ULCmQ2PrufI/AAAAAAAAExM/1Eg-u42VXWo/s1600/white_googleplus.png HTTP/1.1 Host: 2.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jun 11, 2024 00:13:24.295636892 CEST	1184	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="white_googleplus.png" X-Content-Type-Options: nosniff Server: fife Content-Length: 718 X-XSS-Protection: 0 Date: Mon, 10 Jun 2024 21:38:57 GMT Expires: Tue, 11 Jun 2024 21:38:57 GMT Cache-Control: public, max-age=86400, no-transform Age: 2067 ETag: "v1313" Content-Type: image/png Vary: Origin Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 20 00 00 00 20 08 06 00 00 00 73 7a 7a f4 00 00 00 04 73 42 49 54 08 08 08 08 7c 08 64 88 00 00 00 5f 7a 54 58 74 52 61 77 20 70 72 6f 66 69 6c 65 20 74 79 70 65 20 41 50 50 31 00 00 08 99 e3 4a 4f cd 4b 2d ca 4c 56 28 28 ca 4f cb cc 49 e5 52 00 03 63 13 2e 13 4b 13 4b a3 44 03 03 03 0b 03 08 30 34 30 30 36 04 92 46 40 b6 39 54 28 d1 00 05 98 98 9b a5 01 a1 b9 59 b2 99 29 88 cf 05 00 4f ba 15 68 1b 2d d8 8c 00 00 02 1a 49 44 41 54 58 85 ed 97 3d 68 53 51 14 c7 7f f7 99 36 24 36 21 35 4d 91 d2 56 fc 28 a2 18 51 a9 5a 29 82 2e ea 56 2d 58 2b 88 11 b5 88 53 ea 20 a8 83 0e 55 47 07 e9 20 74 72 10 14 07 15 1d 14 b4 82 83 9f 28 6a 8a 62 12 63 1b 5b ab 89 c4 36 5f c5 24 af c7 a5 84 86 b4 5b 1e 75 78 17 0e 5c 38 87 fb ff dd 7b cf e1 de a3 44 84 85 1c da 82 aa 9b 00 26 80 09 60 02 98 00 26 c0 ff 00 60 01 48 7f 7c 2d a9 27 f7 c8 c7 c7 c9 7f ff 86 14 f2 a5 51 9a 86 6b af 8f ba fd c7 54 c5 01 7e 5c 39 27 b9 c8 17 3c 27 ce b2 d8 db aa 00 c6 2e 9f 92 a9 c0 [TRUNCATED] Data Ascii: PNGIHDR szzsBIT\|d_zTXtRaw profile type APP1JOK-LV((OIRc.KKD04006F@9T(Y)Oh-IDATX=hSQ6$6!5MV(QZ).V-X+S UG tr(jbc[6_$[ux\8{D&`&`H\|-'QkT~\9'<'.<Ocn%m@B9Qi5onm[uGqGC V@YT,o1 .JN!x+dM8vS.J.x)OF&!I>Mn$MS5u.f7&S#a=s>J$CoJ+V+Lb$^bI!oh\|+V!\@RP{[CsQ$~k@&\/{Xb@9L4"s.zRbW/0`mYGsh86)a?z/IENDB`
Jun 11, 2024 00:13:24.306581974 CEST	448	OUT	GET /-a62VSby9HvU/ULCmQFh84hI/AAAAAAAAExE/VLrfHhGz01s/s1600/linkedinss.png HTTP/1.1 Host: 2.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jun 11, 2024 00:13:24.555915117 CEST	1234	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="linkedinss.png" X-Content-Type-Options: nosniff Server: fife Content-Length: 774 X-XSS-Protection: 0 Date: Mon, 10 Jun 2024 21:38:57 GMT Expires: Tue, 11 Jun 2024 21:38:57 GMT Cache-Control: public, max-age=86400, no-transform Age: 2067 ETag: "v1311" Content-Type: image/png Vary: Origin Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 12 00 00 00 18 08 02 00 00 00 78 37 3a 66 00 00 00 03 73 42 49 54 08 08 08 db e1 4f e0 00 00 00 5f 7a 54 58 74 52 61 77 20 70 72 6f 66 69 6c 65 20 74 79 70 65 20 41 50 50 31 00 00 08 99 e3 4a 4f cd 4b 2d ca 4c 56 28 28 ca 4f cb cc 49 e5 52 00 03 63 13 2e 13 4b 13 4b a3 44 03 03 03 0b 03 08 30 34 30 30 36 04 92 46 40 b6 39 54 28 d1 00 05 98 98 9b a5 01 a1 b9 59 b2 99 29 88 cf 05 00 4f ba 15 68 1b 2d d8 8c 00 00 02 53 49 44 41 54 38 8d 9d 94 bb 4f 54 41 14 c6 bf 33 77 96 cb bd e0 ae c2 f2 88 62 40 0d c4 f8 a0 50 0a 1b 63 a1 d8 98 58 ab 85 24 76 fe 01 d6 36 44 2b 1b 6c 48 6c 8c 1a 3b 3b 35 16 9a 18 0c 16 d2 f0 8a 1a 95 20 ee 12 60 77 61 97 7d de bd f7 ce 39 16 88 06 54 76 f5 64 8a 39 93 f9 e5 9c ef 9b 93 21 5c b9 8d 7f 0f f5 1f 0c 00 d5 ee 10 00 70 58 d7 75 0e b5 84 00 54 aa 6c 00 40 e9 fa aa e8 90 2c b0 51 20 82 08 8c 81 08 0c 43 a4 16 4a 20 d2 00 11 70 e1 44 ef c5 81 be d9 44 fa d1 d8 cc 9a e7 d7 02 49 83 79 a0 a7 f3 ce d5 73 7d 9d 2d 02 64 2b [TRUNCATED] Data Ascii: PNGIHDRx7:fsBITO_zTXtRaw profile type APP1JOK-LV((OIRc.KKD04006F@9T(Y)Oh-SIDAT8OTA3wb@PcX$v6D+lHl;;5 `wa}9Tvd9!\pXuTl@,Q CJ pDDIys}-d+aJ(A\+Vj=-t23^?6jfjS!4Qy99J)}+4D LXc=ejayrn4D\`6/0COVG?'S8hW\DR !-NeYDFvw<ZR5h#'M~lwwsKn:};..f,vK%d(,D5u;Vs&HkH%j^sj`6U+YEXY/pVD17b`~@k7-[,x>uD]kj2[ \RMID 5 *hi~.a&t9YO\|-%H^MpIENDB`
Jun 11, 2024 00:14:09.563455105 CEST	6	OUT	Data Raw: 00 Data Ascii:
Jun 11, 2024 00:14:54.569746017 CEST	6	OUT	Data Raw: 00 Data Ascii:

Timestamp	Bytes transferred	Direction	Data
Jun 11, 2024 00:13:20.246551991 CEST	440	OUT	GET /-QdzebGFBJEA/UK9VjFcU23I/AAAAAAAAEuo/0dR566x-3TU/s1600/bg.jpg HTTP/1.1 Host: 4.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jun 11, 2024 00:13:21.096084118 CEST	1236	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="bg.jpg" X-Content-Type-Options: nosniff Server: fife Content-Length: 1003 X-XSS-Protection: 0 Date: Mon, 10 Jun 2024 21:38:57 GMT Expires: Tue, 11 Jun 2024 21:38:57 GMT Cache-Control: public, max-age=86400, no-transform Age: 2063 ETag: "v12ea" Content-Type: image/jpeg Vary: Origin Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 02 01 00 48 00 48 00 00 ff e1 00 78 45 78 69 66 00 00 49 49 2a 00 08 00 00 00 04 00 12 01 03 00 01 00 00 00 01 00 00 00 31 01 02 00 07 00 00 00 3e 00 00 00 12 02 03 00 02 00 00 00 01 00 01 00 69 87 04 00 01 00 00 00 46 00 00 00 00 00 00 00 47 6f 6f 67 6c 65 00 00 03 00 00 90 07 00 04 00 00 00 30 32 32 30 02 a0 04 00 01 00 00 00 06 00 00 00 03 a0 04 00 01 00 00 00 94 00 00 00 00 00 00 00 ff ee 00 0e 41 64 6f 62 65 00 64 40 00 00 00 01 ff db 00 84 00 02 02 02 02 02 02 02 02 02 02 03 02 02 02 03 04 03 02 02 03 04 05 04 04 04 04 04 05 06 05 05 05 05 05 05 06 06 07 07 08 07 07 06 09 09 0a 0a 09 09 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 01 03 03 03 05 04 05 09 06 06 09 0d 0a 09 0a 0d 0f 0e 0e 0e 0e 0f 0f 0c 0c 0c 0c 0c 0f 0f 0c 0c 0c 0c 0c 0c 0f 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c ff c0 00 11 08 00 94 00 06 03 01 11 00 02 11 01 03 11 01 ff dd 00 04 00 01 ff c4 01 a2 00 00 00 07 01 01 01 01 01 00 00 00 00 00 00 00 00 [TRUNCATED] Data Ascii: JFIFHHxExifII1>iFGoogle0220Adobed@s!1AQa"q2B#R3b$r%C4Scs5D'6Tdt&EFVU(eufv7GWgw8HXhx)9IYiy:JZjzm!1AQa"q2#BRbr3$4CS%cs5DT&6E'dtU7()euFVfvGWgw8HXhx9IYiy*:JZjz?+w.?9U?6
Jun 11, 2024 00:13:21.096126080 CEST	221	IN	Data Raw: e4 ff 00 ff d0 f9 4f 8a bf ff d1 f9 4f 8a bf ff d2 f9 d5 ff 00 2a 9b f3 33 97 1f f0 36 b3 cb a5 3e aa ff 00 d3 2f fc ae 6f e6 4b e4 5a 7f 31 8f f9 c3 e6 1f ff d3 34 a2 f8 0c f5 07 cf 1f ff d4 30 a8 cf 50 7c f1 ff d5 19 c8 67 a8 3e 78 ff 00 ff d6 Data Ascii: OO*36>/oKZ140P\|g>xgx,o#;BaeSW/K^ouyc????3M}O{
Jun 11, 2024 00:13:23.783885002 CEST	455	OUT	GET /-ZehYBE_THZs/ULCmOrzNjdI/AAAAAAAAEw0/mq1NaN47uEM/s1600/blue_twitter_bird.png HTTP/1.1 Host: 4.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jun 11, 2024 00:13:24.031124115 CEST	1107	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="blue_twitter_bird.png" X-Content-Type-Options: nosniff Server: fife Content-Length: 640 X-XSS-Protection: 0 Date: Mon, 10 Jun 2024 21:38:57 GMT Expires: Tue, 11 Jun 2024 21:38:57 GMT Cache-Control: public, max-age=86400, no-transform Age: 2066 ETag: "v130d" Content-Type: image/png Vary: Origin Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 18 00 00 00 18 08 06 00 00 00 e0 77 3d f8 00 00 00 04 73 42 49 54 08 08 08 08 7c 08 64 88 00 00 00 5f 7a 54 58 74 52 61 77 20 70 72 6f 66 69 6c 65 20 74 79 70 65 20 41 50 50 31 00 00 08 99 e3 4a 4f cd 4b 2d ca 4c 56 28 28 ca 4f cb cc 49 e5 52 00 03 63 13 2e 13 4b 13 4b a3 44 03 03 03 0b 03 08 30 34 30 30 36 04 92 46 40 b6 39 54 28 d1 00 05 98 98 9b a5 01 a1 b9 59 b2 99 29 88 cf 05 00 4f ba 15 68 1b 2d d8 8c 00 00 01 cc 49 44 41 54 48 89 ed 95 3f 48 1b 61 18 c6 7f b9 1c c9 45 63 4c 44 6b 44 a5 71 48 40 5b a8 22 5a b0 42 d3 4d 9c 35 b3 ae 2e a2 83 93 e0 2c a5 e0 e6 26 d8 ad a9 a8 a3 4e fe 25 74 b1 4d 4b 15 e9 45 14 4c 30 1c 01 23 a6 18 63 bc 38 78 82 86 dc c5 58 84 0a 3e e3 fb bd df f3 7b 78 f9 5e 3e 53 2e 97 e3 31 25 3c aa fb 33 e0 bf 00 88 0f b9 24 04 65 3f 30 0c ac a9 01 ef d4 83 00 9a 09 6a c0 bb 9a 57 f7 00 0b 80 d3 57 61 69 db 3e c9 1c bf aa b4 cc ea fa 18 c0 93 c0 8a 6d 2e 12 13 82 f2 c0 ad fa 04 e0 04 f8 73 9a 79 d9 bb 11 fb 38 b4 a5 d4 [TRUNCATED] Data Ascii: PNGIHDRw=sBIT\|d_zTXtRaw profile type APP1JOK-LV((OIRc.KKD04006F@9T(Y)Oh-IDATH?HaEcLDkDqH@["ZBM5.,&N%tMKEL0#c8xX>{x^>S.1%<3$e?0jWWai>m.sy8M9/_<3TI!(Zu4Ib.i5]Q`)8JgO5~{ukv,6A=E>4HfS(xKUXA\Uqxa.9)zri>zeM~~mvX7&r6KgbW-hOtWR\{&7Ul.Oz\zIENDB`
Jun 11, 2024 00:13:24.038775921 CEST	451	OUT	GET /-1rV4Io0cQd8/ULCmNgcmLrI/AAAAAAAAEws/ANSyGoiN-5E/s1600/blue_facebook.png HTTP/1.1 Host: 4.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jun 11, 2024 00:13:24.295650005 CEST	900	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="blue_facebook.png" X-Content-Type-Options: nosniff Server: fife Content-Length: 437 X-XSS-Protection: 0 Date: Mon, 10 Jun 2024 21:38:57 GMT Expires: Tue, 11 Jun 2024 21:38:57 GMT Cache-Control: public, max-age=86400, no-transform Age: 2067 ETag: "v130b" Content-Type: image/png Vary: Origin Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 20 00 00 00 20 08 06 00 00 00 73 7a 7a f4 00 00 00 04 73 42 49 54 08 08 08 08 7c 08 64 88 00 00 00 5f 7a 54 58 74 52 61 77 20 70 72 6f 66 69 6c 65 20 74 79 70 65 20 41 50 50 31 00 00 08 99 e3 4a 4f cd 4b 2d ca 4c 56 28 28 ca 4f cb cc 49 e5 52 00 03 63 13 2e 13 4b 13 4b a3 44 03 03 03 0b 03 08 30 34 30 30 36 04 92 46 40 b6 39 54 28 d1 00 05 98 98 9b a5 01 a1 b9 59 b2 99 29 88 cf 05 00 4f ba 15 68 1b 2d d8 8c 00 00 01 01 49 44 41 54 58 85 63 fc ff ff 3f c3 40 02 a6 01 b5 7d d4 01 a3 0e 18 75 c0 a8 03 a8 e5 00 f3 c8 59 ff bd 33 97 92 55 a4 52 ec 80 f8 8a f5 ff 4f 2c 4b 25 5b 3f c5 0e b8 f1 f0 35 03 03 03 03 c3 9b 0f 5f e9 ef 80 39 6b ce fc b7 35 92 a5 c4 08 06 16 4a 34 cf 5e 7b 8e 01 39 f8 cd 23 67 fd 67 60 60 60 b0 37 96 67 e8 2a 71 67 a4 9a 03 e2 2b d6 ff 87 05 35 32 40 b6 1c 99 6d 11 35 9b 18 63 89 77 c0 8d 87 af 19 c2 3d 74 18 18 18 18 18 56 ee b8 c2 40 49 a2 23 cb 01 0c 0c 0c 0c cf 5e 7d a4 9a a5 c8 60 e8 14 44 4c 8c b4 71 2b d1 51 f0 ef ff [TRUNCATED] Data Ascii: PNGIHDR szzsBIT\|d_zTXtRaw profile type APP1JOK-LV((OIRc.KKD04006F@9T(Y)Oh-IDATXc?@}uY3URO,K%[?5_9k5J4^{9#gg```7g*qg+52@m5cw=tV@I#^}`DLq+Q?8ld4lLQKFb4FQ,_FT$C':`fN#[IENDB`
Jun 11, 2024 00:14:09.310365915 CEST	6	OUT	Data Raw: 00 Data Ascii:
Jun 11, 2024 00:14:54.316020012 CEST	6	OUT	Data Raw: 00 Data Ascii:

Timestamp	Bytes transferred	Direction	Data
Jun 11, 2024 00:13:21.146418095 CEST	339	OUT	GET /-Z-xxpA6Bzqg/ULCCTYRgP2I/AAAAAAAAEvE/AekO-nDLdJw/s1600/down-arrow.png HTTP/1.1 Host: 2.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jun 11, 2024 00:13:22.000663042 CEST	679	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="down-arrow.png" X-Content-Type-Options: nosniff Server: fife Content-Length: 219 X-XSS-Protection: 0 Date: Mon, 10 Jun 2024 21:38:57 GMT Expires: Tue, 11 Jun 2024 21:38:57 GMT Cache-Control: public, max-age=86400, no-transform Age: 2064 ETag: "v12f1" Content-Type: image/png Vary: Origin Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 07 00 00 00 04 08 02 00 00 00 cd a4 b2 2a 00 00 00 03 73 42 49 54 08 08 08 db e1 4f e0 00 00 00 5f 7a 54 58 74 52 61 77 20 70 72 6f 66 69 6c 65 20 74 79 70 65 20 41 50 50 31 00 00 08 99 e3 4a 4f cd 4b 2d ca 4c 56 28 28 ca 4f cb cc 49 e5 52 00 03 63 13 2e 13 4b 13 4b a3 44 03 03 03 0b 03 08 30 34 30 30 36 04 92 46 40 b6 39 54 28 d1 00 05 98 98 9b a5 01 a1 b9 59 b2 99 29 88 cf 05 00 4f ba 15 68 1b 2d d8 8c 00 00 00 28 49 44 41 54 08 99 63 5c b3 eb 24 03 06 60 0a 76 35 43 13 0a 76 35 63 82 50 c8 42 0c 0c 0c 0c ff 61 60 cd ae 93 70 36 00 28 8d 19 8a 2e 98 f9 0b 00 00 00 00 49 45 4e 44 ae 42 60 82 Data Ascii: PNGIHDR*sBITO_zTXtRaw profile type APP1JOK-LV((OIRc.KKD04006F@9T(Y)Oh-(IDATc\$`v5Cv5cPBa`p6(.IENDB`
Jun 11, 2024 00:13:24.039541006 CEST	339	OUT	GET /-kmJ8A0nIZjo/ULCmPUQWlRI/AAAAAAAAEw8/nTLRUcreTvU/s1600/bubble-pip.png HTTP/1.1 Host: 2.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jun 11, 2024 00:13:24.295620918 CEST	945	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="bubble-pip.png" X-Content-Type-Options: nosniff Server: fife Content-Length: 485 X-XSS-Protection: 0 Date: Mon, 10 Jun 2024 21:38:57 GMT Expires: Tue, 11 Jun 2024 21:38:57 GMT Cache-Control: public, max-age=86400, no-transform Age: 2067 ETag: "v130f" Content-Type: image/png Vary: Origin Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 64 00 00 00 09 08 06 00 00 00 c4 88 89 d0 00 00 00 04 73 42 49 54 08 08 08 08 7c 08 64 88 00 00 00 5f 7a 54 58 74 52 61 77 20 70 72 6f 66 69 6c 65 20 74 79 70 65 20 41 50 50 31 00 00 08 99 e3 4a 4f cd 4b 2d ca 4c 56 28 28 ca 4f cb cc 49 e5 52 00 03 63 13 2e 13 4b 13 4b a3 44 03 03 03 0b 03 08 30 34 30 30 36 04 92 46 40 b6 39 54 28 d1 00 05 98 98 9b a5 01 a1 b9 59 b2 99 29 88 cf 05 00 4f ba 15 68 1b 2d d8 8c 00 00 01 31 49 44 41 54 48 89 ed 96 c1 4a c3 40 10 86 67 77 02 15 6b c4 c4 5a da 62 7a aa 82 6d 42 03 fa 08 82 67 5f c0 87 eb 03 e8 d9 47 f0 e4 c6 a4 0d 68 f5 90 14 15 8d 69 0f 5a 3c ac 19 4f 91 e8 59 5c 30 f9 4e c3 fc 97 ef 30 33 0c 23 22 28 22 3c df 72 87 4e 0c 15 bf 8e f0 7c 0b 11 43 c7 ee d7 7f 66 c1 38 7c 95 52 ba bc d8 f4 83 c9 08 11 c3 bf 53 2c 17 88 18 03 c0 69 14 c5 6f c5 7e 14 cf 96 44 74 86 88 b7 8c 88 40 78 fe 86 a6 69 e7 eb fa da a0 db b5 ea 00 c0 d4 28 ff 6f 82 f1 d7 ac 5f 98 a6 b1 df 69 b7 f0 fe e1 f1 23 4d e7 02 00 0e 00 00 [TRUNCATED] Data Ascii: PNGIHDRdsBIT\|d_zTXtRaw profile type APP1JOK-LV((OIRc.KKD04006F@9T(Y)Oh-1IDATHJ@gwkZbzmBg_GhiZ<OY\0N03#"("<rN\|Cf8\|RS,io~Dt@xi(o_i#M4M4NlK2/%4=yN3<krw}32!,]&gX)lHum\DlZcJ'RJWL'o_IENDB`
Jun 11, 2024 00:13:24.443592072 CEST	345	OUT	GET /--KSS1lAiopw/ULCmQ2PrufI/AAAAAAAAExM/1Eg-u42VXWo/s1600/white_googleplus.png HTTP/1.1 Host: 2.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jun 11, 2024 00:13:24.688500881 CEST	1184	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="white_googleplus.png" X-Content-Type-Options: nosniff Server: fife Content-Length: 718 X-XSS-Protection: 0 Date: Mon, 10 Jun 2024 21:38:57 GMT Expires: Tue, 11 Jun 2024 21:38:57 GMT Cache-Control: public, max-age=86400, no-transform Age: 2067 ETag: "v1313" Content-Type: image/png Vary: Origin Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 20 00 00 00 20 08 06 00 00 00 73 7a 7a f4 00 00 00 04 73 42 49 54 08 08 08 08 7c 08 64 88 00 00 00 5f 7a 54 58 74 52 61 77 20 70 72 6f 66 69 6c 65 20 74 79 70 65 20 41 50 50 31 00 00 08 99 e3 4a 4f cd 4b 2d ca 4c 56 28 28 ca 4f cb cc 49 e5 52 00 03 63 13 2e 13 4b 13 4b a3 44 03 03 03 0b 03 08 30 34 30 30 36 04 92 46 40 b6 39 54 28 d1 00 05 98 98 9b a5 01 a1 b9 59 b2 99 29 88 cf 05 00 4f ba 15 68 1b 2d d8 8c 00 00 02 1a 49 44 41 54 58 85 ed 97 3d 68 53 51 14 c7 7f f7 99 36 24 36 21 35 4d 91 d2 56 fc 28 a2 18 51 a9 5a 29 82 2e ea 56 2d 58 2b 88 11 b5 88 53 ea 20 a8 83 0e 55 47 07 e9 20 74 72 10 14 07 15 1d 14 b4 82 83 9f 28 6a 8a 62 12 63 1b 5b ab 89 c4 36 5f c5 24 af c7 a5 84 86 b4 5b 1e 75 78 17 0e 5c 38 87 fb ff dd 7b cf e1 de a3 44 84 85 1c da 82 aa 9b 00 26 80 09 60 02 98 00 26 c0 ff 00 60 01 48 7f 7c 2d a9 27 f7 c8 c7 c7 c9 7f ff 86 14 f2 a5 51 9a 86 6b af 8f ba fd c7 54 c5 01 7e 5c 39 27 b9 c8 17 3c 27 ce b2 d8 db aa 00 c6 2e 9f 92 a9 c0 [TRUNCATED] Data Ascii: PNGIHDR szzsBIT\|d_zTXtRaw profile type APP1JOK-LV((OIRc.KKD04006F@9T(Y)Oh-IDATX=hSQ6$6!5MV(QZ).V-X+S UG tr(jbc[6_$[ux\8{D&`&`H\|-'QkT~\9'<'.<Ocn%m@B9Qi5onm[uGqGC V@YT,o1 .JN!x+dM8vS.J.x)OF&!I>Mn$MS5u.f7&S#a=s>J$CoJ+V+Lb$^bI!oh\|+V!\@RP{[CsQ$~k@&\/{Xb@9L4"s.zRbW/0`mYGsh86)a?z/IENDB`
Jun 11, 2024 00:14:09.700078011 CEST	6	OUT	Data Raw: 00 Data Ascii:
Jun 11, 2024 00:14:54.712838888 CEST	6	OUT	Data Raw: 00 Data Ascii:

Timestamp	Bytes transferred	Direction	Data
Jun 11, 2024 00:13:21.146480083 CEST	331	OUT	GET /-QdzebGFBJEA/UK9VjFcU23I/AAAAAAAAEuo/0dR566x-3TU/s1600/bg.jpg HTTP/1.1 Host: 4.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jun 11, 2024 00:13:22.006419897 CEST	1236	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="bg.jpg" X-Content-Type-Options: nosniff Server: fife Content-Length: 1003 X-XSS-Protection: 0 Date: Mon, 10 Jun 2024 21:38:57 GMT Expires: Tue, 11 Jun 2024 21:38:57 GMT Cache-Control: public, max-age=86400, no-transform Age: 2064 ETag: "v12ea" Content-Type: image/jpeg Vary: Origin Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 02 01 00 48 00 48 00 00 ff e1 00 78 45 78 69 66 00 00 49 49 2a 00 08 00 00 00 04 00 12 01 03 00 01 00 00 00 01 00 00 00 31 01 02 00 07 00 00 00 3e 00 00 00 12 02 03 00 02 00 00 00 01 00 01 00 69 87 04 00 01 00 00 00 46 00 00 00 00 00 00 00 47 6f 6f 67 6c 65 00 00 03 00 00 90 07 00 04 00 00 00 30 32 32 30 02 a0 04 00 01 00 00 00 06 00 00 00 03 a0 04 00 01 00 00 00 94 00 00 00 00 00 00 00 ff ee 00 0e 41 64 6f 62 65 00 64 40 00 00 00 01 ff db 00 84 00 02 02 02 02 02 02 02 02 02 02 03 02 02 02 03 04 03 02 02 03 04 05 04 04 04 04 04 05 06 05 05 05 05 05 05 06 06 07 07 08 07 07 06 09 09 0a 0a 09 09 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 01 03 03 03 05 04 05 09 06 06 09 0d 0a 09 0a 0d 0f 0e 0e 0e 0e 0f 0f 0c 0c 0c 0c 0c 0f 0f 0c 0c 0c 0c 0c 0c 0f 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c ff c0 00 11 08 00 94 00 06 03 01 11 00 02 11 01 03 11 01 ff dd 00 04 00 01 ff c4 01 a2 00 00 00 07 01 01 01 01 01 00 00 00 00 00 00 00 00 [TRUNCATED] Data Ascii: JFIFHHxExifII1>iFGoogle0220Adobed@s!1AQa"q2B#R3b$r%C4Scs5D'6Tdt&EFVU(eufv7GWgw8HXhx)9IYiy:JZjzm!1AQa"q2#BRbr3$4CS%cs5DT&6E'dtU7()euFVfvGWgw8HXhx9IYiy*:JZjz?+w.?9U?6
Jun 11, 2024 00:13:22.006429911 CEST	221	IN	Data Raw: e4 ff 00 ff d0 f9 4f 8a bf ff d1 f9 4f 8a bf ff d2 f9 d5 ff 00 2a 9b f3 33 97 1f f0 36 b3 cb a5 3e aa ff 00 d3 2f fc ae 6f e6 4b e4 5a 7f 31 8f f9 c3 e6 1f ff d3 34 a2 f8 0c f5 07 cf 1f ff d4 30 a8 cf 50 7c f1 ff d5 19 c8 67 a8 3e 78 ff 00 ff d6 Data Ascii: OO*36>/oKZ140P\|g>xgx,o#;BaeSW/K^ouyc????3M}O{
Jun 11, 2024 00:13:24.037199020 CEST	346	OUT	GET /-ZehYBE_THZs/ULCmOrzNjdI/AAAAAAAAEw0/mq1NaN47uEM/s1600/blue_twitter_bird.png HTTP/1.1 Host: 4.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jun 11, 2024 00:13:24.295608044 CEST	1107	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="blue_twitter_bird.png" X-Content-Type-Options: nosniff Server: fife Content-Length: 640 X-XSS-Protection: 0 Date: Mon, 10 Jun 2024 21:38:57 GMT Expires: Tue, 11 Jun 2024 21:38:57 GMT Cache-Control: public, max-age=86400, no-transform Age: 2067 ETag: "v130d" Content-Type: image/png Vary: Origin Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 18 00 00 00 18 08 06 00 00 00 e0 77 3d f8 00 00 00 04 73 42 49 54 08 08 08 08 7c 08 64 88 00 00 00 5f 7a 54 58 74 52 61 77 20 70 72 6f 66 69 6c 65 20 74 79 70 65 20 41 50 50 31 00 00 08 99 e3 4a 4f cd 4b 2d ca 4c 56 28 28 ca 4f cb cc 49 e5 52 00 03 63 13 2e 13 4b 13 4b a3 44 03 03 03 0b 03 08 30 34 30 30 36 04 92 46 40 b6 39 54 28 d1 00 05 98 98 9b a5 01 a1 b9 59 b2 99 29 88 cf 05 00 4f ba 15 68 1b 2d d8 8c 00 00 01 cc 49 44 41 54 48 89 ed 95 3f 48 1b 61 18 c6 7f b9 1c c9 45 63 4c 44 6b 44 a5 71 48 40 5b a8 22 5a b0 42 d3 4d 9c 35 b3 ae 2e a2 83 93 e0 2c a5 e0 e6 26 d8 ad a9 a8 a3 4e fe 25 74 b1 4d 4b 15 e9 45 14 4c 30 1c 01 23 a6 18 63 bc 38 78 82 86 dc c5 58 84 0a 3e e3 fb bd df f3 7b 78 f9 5e 3e 53 2e 97 e3 31 25 3c aa fb 33 e0 bf 00 88 0f b9 24 04 65 3f 30 0c ac a9 01 ef d4 83 00 9a 09 6a c0 bb 9a 57 f7 00 0b 80 d3 57 61 69 db 3e c9 1c bf aa b4 cc ea fa 18 c0 93 c0 8a 6d 2e 12 13 82 f2 c0 ad fa 04 e0 04 f8 73 9a 79 d9 bb 11 fb 38 b4 a5 d4 [TRUNCATED] Data Ascii: PNGIHDRw=sBIT\|d_zTXtRaw profile type APP1JOK-LV((OIRc.KKD04006F@9T(Y)Oh-IDATH?HaEcLDkDqH@["ZBM5.,&N%tMKEL0#c8xX>{x^>S.1%<3$e?0jWWai>m.sy8M9/_<3TI!(Zu4Ib.i5]Q`)8JgO5~{ukv,6A=E>4HfS(xKUXA\Uqxa.9)zri>zeM~~mvX7&r6KgbW-hOtWR\{&7Ul.Oz\zIENDB`
Jun 11, 2024 00:13:24.442678928 CEST	342	OUT	GET /-1rV4Io0cQd8/ULCmNgcmLrI/AAAAAAAAEws/ANSyGoiN-5E/s1600/blue_facebook.png HTTP/1.1 Host: 4.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jun 11, 2024 00:13:24.688885927 CEST	900	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="blue_facebook.png" X-Content-Type-Options: nosniff Server: fife Content-Length: 437 X-XSS-Protection: 0 Date: Mon, 10 Jun 2024 21:38:57 GMT Expires: Tue, 11 Jun 2024 21:38:57 GMT Cache-Control: public, max-age=86400, no-transform Age: 2067 ETag: "v130b" Content-Type: image/png Vary: Origin Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 20 00 00 00 20 08 06 00 00 00 73 7a 7a f4 00 00 00 04 73 42 49 54 08 08 08 08 7c 08 64 88 00 00 00 5f 7a 54 58 74 52 61 77 20 70 72 6f 66 69 6c 65 20 74 79 70 65 20 41 50 50 31 00 00 08 99 e3 4a 4f cd 4b 2d ca 4c 56 28 28 ca 4f cb cc 49 e5 52 00 03 63 13 2e 13 4b 13 4b a3 44 03 03 03 0b 03 08 30 34 30 30 36 04 92 46 40 b6 39 54 28 d1 00 05 98 98 9b a5 01 a1 b9 59 b2 99 29 88 cf 05 00 4f ba 15 68 1b 2d d8 8c 00 00 01 01 49 44 41 54 58 85 63 fc ff ff 3f c3 40 02 a6 01 b5 7d d4 01 a3 0e 18 75 c0 a8 03 a8 e5 00 f3 c8 59 ff bd 33 97 92 55 a4 52 ec 80 f8 8a f5 ff 4f 2c 4b 25 5b 3f c5 0e b8 f1 f0 35 03 03 03 03 c3 9b 0f 5f e9 ef 80 39 6b ce fc b7 35 92 a5 c4 08 06 16 4a 34 cf 5e 7b 8e 01 39 f8 cd 23 67 fd 67 60 60 60 b0 37 96 67 e8 2a 71 67 a4 9a 03 e2 2b d6 ff 87 05 35 32 40 b6 1c 99 6d 11 35 9b 18 63 89 77 c0 8d 87 af 19 c2 3d 74 18 18 18 18 18 56 ee b8 c2 40 49 a2 23 cb 01 0c 0c 0c 0c cf 5e 7d a4 9a a5 c8 60 e8 14 44 4c 8c b4 71 2b d1 51 f0 ef ff [TRUNCATED] Data Ascii: PNGIHDR szzsBIT\|d_zTXtRaw profile type APP1JOK-LV((OIRc.KKD04006F@9T(Y)Oh-IDATXc?@}uY3URO,K%[?5_9k5J4^{9#gg```7g*qg+52@m5cw=tV@I#^}`DLq+Q?8ld4lLQKFb4FQ,_FT$C':`fN#[IENDB`
Jun 11, 2024 00:14:09.700206995 CEST	6	OUT	Data Raw: 00 Data Ascii:
Jun 11, 2024 00:14:54.712886095 CEST	6	OUT	Data Raw: 00 Data Ascii:

Timestamp	Bytes transferred	Direction	Data
Jun 11, 2024 00:13:24.567576885 CEST	339	OUT	GET /-a62VSby9HvU/ULCmQFh84hI/AAAAAAAAExE/VLrfHhGz01s/s1600/linkedinss.png HTTP/1.1 Host: 2.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jun 11, 2024 00:13:25.420452118 CEST	1234	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="linkedinss.png" X-Content-Type-Options: nosniff Server: fife Content-Length: 774 X-XSS-Protection: 0 Date: Mon, 10 Jun 2024 21:38:57 GMT Expires: Tue, 11 Jun 2024 21:38:57 GMT Cache-Control: public, max-age=86400, no-transform Age: 2068 ETag: "v1311" Content-Type: image/png Vary: Origin Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 12 00 00 00 18 08 02 00 00 00 78 37 3a 66 00 00 00 03 73 42 49 54 08 08 08 db e1 4f e0 00 00 00 5f 7a 54 58 74 52 61 77 20 70 72 6f 66 69 6c 65 20 74 79 70 65 20 41 50 50 31 00 00 08 99 e3 4a 4f cd 4b 2d ca 4c 56 28 28 ca 4f cb cc 49 e5 52 00 03 63 13 2e 13 4b 13 4b a3 44 03 03 03 0b 03 08 30 34 30 30 36 04 92 46 40 b6 39 54 28 d1 00 05 98 98 9b a5 01 a1 b9 59 b2 99 29 88 cf 05 00 4f ba 15 68 1b 2d d8 8c 00 00 02 53 49 44 41 54 38 8d 9d 94 bb 4f 54 41 14 c6 bf 33 77 96 cb bd e0 ae c2 f2 88 62 40 0d c4 f8 a0 50 0a 1b 63 a1 d8 98 58 ab 85 24 76 fe 01 d6 36 44 2b 1b 6c 48 6c 8c 1a 3b 3b 35 16 9a 18 0c 16 d2 f0 8a 1a 95 20 ee 12 60 77 61 97 7d de bd f7 ce 39 16 88 06 54 76 f5 64 8a 39 93 f9 e5 9c ef 9b 93 21 5c b9 8d 7f 0f f5 1f 0c 00 d5 ee 10 00 70 58 d7 75 0e b5 84 00 54 aa 6c 00 40 e9 fa aa e8 90 2c b0 51 20 82 08 8c 81 08 0c 43 a4 16 4a 20 d2 00 11 70 e1 44 ef c5 81 be d9 44 fa d1 d8 cc 9a e7 d7 02 49 83 79 a0 a7 f3 ce d5 73 7d 9d 2d 02 64 2b [TRUNCATED] Data Ascii: PNGIHDRx7:fsBITO_zTXtRaw profile type APP1JOK-LV((OIRc.KKD04006F@9T(Y)Oh-SIDAT8OTA3wb@PcX$v6D+lHl;;5 `wa}9Tvd9!\pXuTl@,Q CJ pDDIys}-d+aJ(A\+Vj=-t23^?6jfjS!4Qy99J)}+4D LXc=ejayrn4D\`6/0COVG?'S8hW\DR !-NeYDFvw<ZR5h#'M~lwwsKn:};..f,vK%d(,D5u;Vs&HkH%j^sj`6U+YEXY/pVD17b`~@k7-[,x>uD]kj2[ \RMID 5 *hi~.a&t9YO\|-%H^MpIENDB`
Jun 11, 2024 00:14:10.435142040 CEST	6	OUT	Data Raw: 00 Data Ascii:
Jun 11, 2024 00:14:55.469149113 CEST	6	OUT	Data Raw: 00 Data Ascii:

Timestamp	Bytes transferred	Direction	Data
Jun 11, 2024 00:13:31.268542051 CEST	402	OUT	GET /favicon.ico HTTP/1.1 Host: facebooksecurity.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jun 11, 2024 00:13:32.221226931 CEST	1074	IN	HTTP/1.1 200 OK Content-Type: image/x-icon Expires: Mon, 10 Jun 2024 22:13:32 GMT Date: Mon, 10 Jun 2024 22:13:32 GMT Cache-Control: private, max-age=86400 Last-Modified: Thu, 14 Mar 2024 04:14:12 GMT ETag: W/"32199fd45849384259703cfb9ed7f99322695aafd480168da9f763565638bfbd" Content-Encoding: gzip X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Content-Length: 665 Server: GSE Data Raw: 1f 8b 08 00 00 00 00 00 00 ff 7d 93 5d 48 53 61 18 c7 5f 51 28 87 e8 d8 45 57 63 78 a1 e0 47 db ce 26 3b 3a 5d 78 64 c7 75 5a 08 3a 5c 2d 1d 15 b4 dc c4 31 89 30 85 70 d3 81 30 c1 22 cd 2b cd 10 a3 0b bb 90 ae ec ce d4 8b 79 13 53 64 62 1f 37 8a b8 2d 2d ea c2 9b a8 f6 ef bc 67 69 9b 9b fd 0f ff f3 f1 bc cf ef 79 0e 2f ef 43 48 9e 78 c9 e5 44 bc 97 12 4f 01 21 17 08 21 15 a2 c5 90 18 49 c5 a9 b8 02 92 25 00 ff 9c 48 c8 d6 d7 d6 4a ed 6d 6d 82 41 af ef d5 aa d5 c3 9a aa aa 91 1a 86 b9 7f 55 10 ec 53 93 93 d5 38 3a 2a ca 60 d2 4c c5 1a d9 97 95 17 2b a1 d1 69 a0 ab 61 44 eb c0 e8 19 54 6b aa 51 51 55 f1 ed 74 df 74 51 ae fe 92 11 1c cf a1 ae a1 0e b5 0d b5 92 4d 8d 26 70 cd 1c 4c 9c 09 4c 8d 36 13 fa 2b 35 a3 06 67 e6 24 be b8 a4 98 e6 64 d9 28 ae 35 f1 4d 60 eb d9 8c 1a 1a 9d 3a 69 16 cc 30 5b cc 19 f9 5f 87 8a b2 6a 70 e6 46 58 ac 16 18 4d c6 93 1a 94 6b 77 b4 43 2e 97 ff 97 97 c9 64 50 2a 95 b0 d9 db 60 6d b9 22 f1 13 53 13 bc 5d 64 af dd b0 67 f5 4a e7 15 0a 05 ca cb cb c1 b2 2c 1c 9d d7 e1 bc e5 [TRUNCATED] Data Ascii: }]HSa_Q(EWcxG&;:]xduZ:\-10p0"+ySdb7--giy/CHxDO!!I%HJmmAUS8:`L+iaDTkQQUttQM&pLL6+5g$d(5M`:i0[_jpFXMkwC.dP`m"S]dgJ,DeWRq*67zf;1p` 'O-N'<\|>FB#'~t?3\.#`f>'<EhqE(~_ceupXbQVVv188(qcccvs/2o#^WoGQlmmI\|9"9X<X,x<]D"1y%}\|WN#{IOP^u9;)(~
Jun 11, 2024 00:13:39.492450953 CEST	491	OUT	GET /2012/02/us-attacks-iran-and-saudi-arabia-f.html HTTP/1.1 Host: facebooksecurity.blogspot.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jun 11, 2024 00:13:39.964442015 CEST	419	IN	HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Expires: Mon, 10 Jun 2024 22:13:39 GMT Date: Mon, 10 Jun 2024 22:13:39 GMT Cache-Control: private, max-age=0 Last-Modified: Thu, 14 Mar 2024 04:14:12 GMT ETag: W/"32199fd45849384259703cfb9ed7f99322695aafd480168da9f763565638bfbd" Content-Encoding: gzip X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Content-Length: 17983 Server: GSE
Jun 11, 2024 00:13:39.970732927 CEST	1236	IN	Data Raw: 1f 8b 08 00 00 00 00 00 00 ff ed bd db 72 db 48 d3 20 78 6d 3d 45 b5 fc 75 53 fa 4c f0 00 9e a5 96 7a 74 96 6c 9d 2c 52 27 f7 e7 50 80 44 91 84 04 02 34 00 92 92 fd 3b 62 62 5f 61 af f6 6e 23 e6 09 e6 76 e6 6e 63 37 62 5f 63 e7 49 36 b3 0e 40 01 Data Ascii: rH xm=EuSLztl,R'PD4;bb_an#vnc7b_cI6@)mwVX"UYYYYy?mlOwH?r?-J>?LrRzbcUn;B%jhm$hAarH]-Q5#:q1?\|R(n:
Jun 11, 2024 00:13:39.970772982 CEST	1236	IN	Data Raw: 63 7e d8 96 db 8f a1 a1 e6 c7 c8 bf bc b0 0d 58 28 98 c2 bf ed 9d 2d 82 b2 6e e1 99 83 26 ff cc 03 a5 c8 b9 4f 49 d0 b7 7c 32 b1 82 3e 09 c4 40 fd bc fc a4 05 13 b7 e3 da 4c 46 62 93 97 8e 31 6e 1b 9e 66 75 3d 20 1a f9 b4 60 5a 3e 54 7c 58 01 33 Data Ascii: c~X(-n&OI\|2>@LFb1nfu= `Z>T\|X3.\|^k>d-Y^3/fz_~%fY[hvn{Y4=kYYd !k9~C@^-fmgif];;Z6dm0md6Mo]96\|;0
Jun 11, 2024 00:13:39.970789909 CEST	1236	IN	Data Raw: 7f 38 d2 6e 07 4c bd a4 62 d1 ea 53 c2 ad 58 e1 a2 64 7a 91 88 e5 a8 15 f5 0a d6 50 26 54 54 83 6e 30 a8 38 a5 be 48 29 4d aa 16 92 22 86 14 73 a5 52 dc 60 25 8b cc 42 5d cc 46 96 eb e2 0c 73 95 70 7b 55 e0 a0 31 3f 9b 18 53 06 4e c4 15 f0 83 7c Data Ascii: 8nLbSXdzP&TTn08H)M"sR`%B]Fsp{U1?SN\|R`%W)0ErFNU<QtJi<,m~RLh)IbsY0+fQ)[EKCHTe964$fT^2G&Pb9fKvV!I._1=
Jun 11, 2024 00:13:39.970822096 CEST	390	IN	Data Raw: 36 e6 e2 b4 cd 14 09 f9 5d a6 66 bf 68 fe 42 0d cd 89 d0 e0 41 30 55 b3 a4 4f 23 df 7a 4b 86 dd 88 a2 aa d0 36 33 3b de 68 d0 f6 53 83 9a 95 42 b4 43 a0 8c 51 74 57 11 be 04 d1 13 a1 d3 02 29 49 c3 1d c7 0e 3c 0c 1a 14 83 22 a3 0e cb 8a 0a 26 60 Data Ascii: 6]fhBA0UO#zK63;hSBCQtW)I<"&`,,HwjZ\|XY0n4^%*3EudI;#dk]/RP-'Il^8+?RIB1i;b_O[_Lm`}mEhX5
Jun 11, 2024 00:13:39.990859985 CEST	1236	IN	Data Raw: 20 f4 27 52 8c 93 62 36 d1 12 2c a5 86 8e 1f 61 a3 c4 f0 8c 9c 3f 87 78 85 42 a5 6c e8 cf 05 16 da c5 33 28 27 8c 64 f2 b2 b2 53 af 6f 96 13 1b d5 f3 fa f2 43 2e 64 5f 2d 07 05 90 e8 7d ce 44 09 c8 6a d4 ae 98 5c 83 f3 ba 8d f5 c3 34 c8 3c 62 4d Data Ascii: 'Rb6,a?xBl3('dSoC.d_-}Dj\4<bM&bp9enf/?@qpUv8@_qL#\Zg1fxip?q(+X!>X%,}^;REHK`Dj0;LNd?U2'7o
Jun 11, 2024 00:13:39.990876913 CEST	164	IN	Data Raw: 01 9b 3f 26 f8 10 61 63 1d 76 61 82 07 4b 68 ba c9 ab 62 96 95 71 f8 bc 6f f2 19 7f b3 5f 88 1a 40 21 7e ee d6 b5 9c a5 45 8e dd e7 05 82 63 84 07 4b ec ef af 7c 08 1c 06 a0 40 7e e3 cf 57 62 e5 3a 36 05 95 62 53 4e 15 bc 7e 65 23 60 10 a0 cd 4f Data Ascii: ?&acvaKhbqo_@!~EcK\|@~Wb:6bSN~e#`Ok!Bb2NN64+#WhX`;2-2L,;t;#%z
Jun 11, 2024 00:13:39.990896940 CEST	1236	IN	Data Raw: b1 29 7e dc 7c 38 30 59 c5 55 5e 11 78 0b af a0 58 23 8b 8b 51 09 36 05 d3 30 6a e5 6f 3e 00 8b e0 99 e8 a5 45 78 be 28 5b 23 0f e3 50 54 fe 5e 65 cc 03 1f 04 f1 d6 d7 60 f4 6c 66 c3 be 32 bf 32 03 9d ad 9e b5 45 c5 9c 95 4e 9e d8 19 29 aa 4a 6f Data Ascii: )~\|80YU^xX#Q60jo>Ex([#PT^e`lf22EN)JoqWD:kWyY$l]bu_L=B\|36!Db Zz~C!;jYuuZ%bl^Rq"evi'\|v&}
Jun 11, 2024 00:13:39.990921021 CEST	212	IN	Data Raw: 14 92 96 04 45 53 d3 6f 52 ee 6e bc df 1c d5 cb 1f ce 5f db e3 4e fe fc e8 ac 6b 05 b5 89 de 8e d2 6f 76 db 9d fc e8 ae 5d a1 6f 27 87 13 eb ad 48 bf f9 b9 b2 c9 6e ce 4e 5e 6a 08 20 7f ae 6c 73 ec 7b b6 81 17 5e db 23 7a e3 0f 3d 6b ea ec f3 8c Data Ascii: ESoRn_Nkov]o'HnN^j ls{^#z=ku'QY&*4M$-~<Dvm\#4'').vVl6"ZG84agsIa)V.\UU^0F,
Jun 11, 2024 00:13:39.990935087 CEST	1236	IN	Data Raw: 33 2d 65 42 d1 a1 78 cb b6 35 5c 89 62 2c 33 22 45 40 29 c5 de 4c a8 04 34 d8 d5 78 d3 94 0a 98 51 c1 9d ff fc 11 e8 f3 02 70 a9 68 a6 44 c6 a6 30 9d 5d 67 5e 00 2e 86 ef cc e7 ea 01 e6 b8 5f 55 48 28 80 e7 b0 a0 bc b9 71 2a 72 89 7b 84 f2 7f 21 Data Ascii: 3-eBx5\b,3"E@)L4xQphD0]g^._UH(q*r{!WY&y_Ol5__w'NcpY3UCZz7\+;OMUF\|(0.GSe<Ol;pa9&^G3E,7c8i'QaZfU&SR)SRv1
Jun 11, 2024 00:13:39.990948915 CEST	1236	IN	Data Raw: 99 2b 21 d8 b4 46 cb a9 b2 1a 8f c0 f1 03 08 98 9d 9d 91 6f 75 c3 b0 9e af be 5f 15 0b e4 bb de c4 6b 52 0b c5 7c e8 b6 e6 6e f1 7d 5d 53 87 1a 42 98 00 12 af 4b ca dd 7e 18 51 ef 81 41 e4 1f b5 62 ae 96 1b 58 ce 63 00 9e 83 14 08 39 cf 9b 85 d2 Data Ascii: +!Fou_kR\|n}]SBK~QAbXc9sX)9aI/c)#x(#YdZ </c{=&{FjbKI*+$F!du0NRH}<[~X.B+x9il+$ss/7mmuVC
Jun 11, 2024 00:13:46.420430899 CEST	455	OUT	GET /2012/02/img/2.jpg HTTP/1.1 Host: facebooksecurity.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://facebooksecurity.blogspot.com/2012/02/us-attacks-iran-and-saudi-arabia-f.html Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jun 11, 2024 00:13:46.845702887 CEST	350	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Mon, 10 Jun 2024 22:13:46 GMT Content-Encoding: gzip X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Content-Length: 15856 Server: GSE

Timestamp	Bytes transferred	Direction	Data
Jun 11, 2024 00:13:32.739303112 CEST	293	OUT	GET /favicon.ico HTTP/1.1 Host: facebooksecurity.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jun 11, 2024 00:13:33.695631981 CEST	1152	IN	HTTP/1.1 200 OK Content-Type: image/x-icon Expires: Mon, 10 Jun 2024 22:13:33 GMT Date: Mon, 10 Jun 2024 22:13:33 GMT Cache-Control: private, max-age=86400 Last-Modified: Thu, 14 Mar 2024 04:14:12 GMT ETag: W/"32199fd45849384259703cfb9ed7f99322695aafd480168da9f763565638bfbd" Content-Encoding: gzip X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' X-XSS-Protection: 1; mode=block Content-Length: 665 Server: GSE Data Raw: 1f 8b 08 00 00 00 00 00 00 ff 7d 93 5d 48 53 61 18 c7 5f 51 28 87 e8 d8 45 57 63 78 a1 e0 47 db ce 26 3b 3a 5d 78 64 c7 75 5a 08 3a 5c 2d 1d 15 b4 dc c4 31 89 30 85 70 d3 81 30 c1 22 cd 2b cd 10 a3 0b bb 90 ae ec ce d4 8b 79 13 53 64 62 1f 37 8a b8 2d 2d ea c2 9b a8 f6 ef bc 67 69 9b 9b fd 0f ff f3 f1 bc cf ef 79 0e 2f ef 43 48 9e 78 c9 e5 44 bc 97 12 4f 01 21 17 08 21 15 a2 c5 90 18 49 c5 a9 b8 02 92 25 00 ff 9c 48 c8 d6 d7 d6 4a ed 6d 6d 82 41 af ef d5 aa d5 c3 9a aa aa 91 1a 86 b9 7f 55 10 ec 53 93 93 d5 38 3a 2a ca 60 d2 4c c5 1a d9 97 95 17 2b a1 d1 69 a0 ab 61 44 eb c0 e8 19 54 6b aa 51 51 55 f1 ed 74 df 74 51 ae fe 92 11 1c cf a1 ae a1 0e b5 0d b5 92 4d 8d 26 70 cd 1c 4c 9c 09 4c 8d 36 13 fa 2b 35 a3 06 67 e6 24 be b8 a4 98 e6 64 d9 28 ae 35 f1 4d 60 eb d9 8c 1a 1a 9d 3a 69 16 cc 30 5b cc 19 f9 5f 87 8a b2 6a 70 e6 46 58 ac 16 18 4d c6 93 1a 94 6b 77 b4 43 2e 97 ff 97 97 c9 64 50 2a 95 b0 d9 db 60 6d b9 22 f1 13 53 13 bc 5d 64 af dd b0 67 f5 4a e7 15 0a 05 ca cb cb c1 b2 2c 1c 9d d7 e1 bc e5 [TRUNCATED] Data Ascii: }]HSa_Q(EWcxG&;:]xduZ:\-10p0"+ySdb7--giy/CHxDO!!I%HJmmAUS8:`L+iaDTkQQUttQM&pLL6+5g$d(5M`:i0[_jpFXMkwC.dP`m"S]dgJ,DeWRq*67zf;1p` 'O-N'<\|>FB#'~t?3\.#`f>'<EhqE(~_ceupXbQVVv188(qcccvs/2o#^WoGQlmmI\|9"9X<X,x<]D"1y%}\|WN#{IOP^u9;)(~
Jun 11, 2024 00:14:18.700042009 CEST	6	OUT	Data Raw: 00 Data Ascii:
Jun 11, 2024 00:15:03.712085009 CEST	6	OUT	Data Raw: 00 Data Ascii:

Timestamp	Bytes transferred	Direction	Data
Jun 11, 2024 00:13:47.064836025 CEST	591	OUT	GET /2012/01/how-to-access-facebook-without-internet.html HTTP/1.1 Host: facebooksecurity.blogspot.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Referer: http://facebooksecurity.blogspot.com/2012/02/us-attacks-iran-and-saudi-arabia-f.html Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jun 11, 2024 00:13:47.564810991 CEST	419	IN	HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Expires: Mon, 10 Jun 2024 22:13:47 GMT Date: Mon, 10 Jun 2024 22:13:47 GMT Cache-Control: private, max-age=0 Last-Modified: Thu, 14 Mar 2024 04:14:12 GMT ETag: W/"32199fd45849384259703cfb9ed7f99322695aafd480168da9f763565638bfbd" Content-Encoding: gzip X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Content-Length: 17007 Server: GSE
Jun 11, 2024 00:13:47.569360018 CEST	1236	IN	Data Raw: 1f 8b 08 00 00 00 00 00 00 ff ed bd d9 72 db c8 b6 28 f8 6c 7d 45 96 bc ab 28 1d 13 24 c1 99 92 ad 7d 35 4b b6 26 8b 94 6c b9 4e 85 02 04 92 24 24 10 a0 00 50 94 ec e3 97 fb 25 27 e2 7e 41 bf 76 bf 9d e8 8e e8 df e8 3f e9 b5 72 00 12 20 48 0d 55 Data Ascii: r(l}E($}5K&lN$$P%'~Av?r HUvkJ"+W\sxfdor00<_[VxnZ-X.j)veUkc%`"N8{M>hu~imo4ZI. ]
Jun 11, 2024 00:13:47.569408894 CEST	1236	IN	Data Raw: 40 dc a9 9f 47 4f 0d ff f4 7d 0f 10 00 15 3c ce 03 85 f2 01 17 38 c0 6a 38 34 fc fb 3c e8 14 9a 87 4f d7 79 63 6c d9 5e fe 16 fa f0 be 2c 40 49 df 76 57 4a ab 0b 23 18 37 70 13 7e ec 7a 3e 80 c4 4f 20 c6 20 94 14 3f f6 40 59 69 81 fd 99 ae e8 a5 Data Ascii: @GO}<8j84<Oycl^,@IvWJ#7p~z>O ?@Yi5p#WF@*6kDVBps<PKR"L;ogZW;Y+Z~U:R[qh/Q#Xz(=R9c_m&0@+#h+/A3
Jun 11, 2024 00:13:47.569423914 CEST	424	IN	Data Raw: 10 39 a9 13 d5 aa fd 1a 83 49 42 f0 10 42 76 cd 18 61 6e c6 32 28 4a 98 76 4d 0d 2c 0e 82 48 da e9 ae a8 5d 8f a6 1e ab c3 45 d8 85 86 8a ab d0 79 1a 6b a3 4f cf b8 1a 47 4d 31 26 f3 97 a7 06 a6 f1 b8 31 86 55 ae 94 77 4a 7a 02 56 99 c1 a2 61 a8 Data Ascii: 9IBBvan2(JvM,H]EykOGM1&1UwJzVaV=!h5A)X/JZpO(2*b~b>hh sxO<2HCIyma< 5Y;6;ak{{p}+EKaibV=Ky8
Jun 11, 2024 00:13:47.569441080 CEST	1202	IN	Data Raw: 6a 7a 28 b4 87 3f b1 99 15 6c e2 1b 96 3d 0e 56 98 12 00 d3 7c 97 55 3e 55 c4 29 4e 38 9a 8f 42 ed 11 32 0c b4 ae 6c d5 13 a6 38 1a 10 32 43 b6 8d 16 ea 2b a9 66 93 13 96 9a 92 d4 34 64 bb b0 2c 30 65 ea 90 ae c0 50 ff 82 7c c3 a6 58 54 7b 56 b4 Data Ascii: jz(?l=V\|U>U)N8B2l82C+f4d,0eP\|XT{V!WJF!UTLY19/cu^wQpUc.mpid0 rMsDOWWJcUNz[zPy}g=ep\:f:%E&JcS/qAP4J
Jun 11, 2024 00:13:47.582078934 CEST	1236	IN	Data Raw: db 74 70 17 33 90 e7 56 c9 df 32 a7 54 64 c3 66 d9 5b e9 48 63 4d f1 7f 45 cd 3f db 2e f3 68 e4 b2 b0 ec 2d ee 0c 59 3c 08 2a c8 6d 6c 49 36 99 e4 ad f2 14 b2 84 3d 2b 6d 3c 55 ed 81 c7 0f 9b c9 ec b5 94 f2 f4 5a ca 27 ed ee 6e b4 5e df f8 7c d3 Data Ascii: tp3V2Tdf[HcME?.h-Y<*mlI6=+m<UZ'n^\|IY<]\u`7q5IzEDM;Om#]`1<FZ$dL'O2DUdOT?nR&$S!7@djZG?0"e~z{F6O"XUTu
Jun 11, 2024 00:13:47.582092047 CEST	212	IN	Data Raw: 31 f7 0a 3e fe 5e 02 f6 f0 cd 57 b9 45 c2 e4 42 14 ab a2 f2 2a 37 ba 5b 24 5c 98 92 8f 79 19 7b 5e 44 41 06 7c d6 72 ab c8 36 c9 21 f1 01 01 d7 c4 03 86 62 a8 20 06 f3 0a 06 03 b4 5a cb c1 a7 a4 3c f1 b8 c4 a5 fe 5e e7 f0 80 9d e9 5c 66 b5 8b ac Data Ascii: 1>^WEB*7[$\y{^DA\|r6!b Z<^\f:MTDk-1//T[guEl@v`"qq>;N4xKUv.VKC+9Oj;3[lC
Jun 11, 2024 00:13:47.582107067 CEST	1236	IN	Data Raw: 95 8d 6c 6a 41 5e a2 8c 0f d5 b3 9f 29 d8 e0 3b a4 a1 63 b4 f5 22 15 fc bf 98 71 3c 38 0d cd b1 a7 c1 39 b6 02 2f 99 db 7b f1 d9 c3 54 3e 7c f8 b7 64 05 28 49 a5 79 61 ce 32 fb 23 a8 4e b2 3a 65 0f 94 9e 05 59 32 c2 e3 88 98 ad 16 db 08 f3 82 f1 Data Ascii: ljA^);c"q<89/{T>\|d(Iya2#N:eY2^%Af6g?2nw"x!>"]KXA:(Vp*w3e3YXgyBnf)~.,Q0ua:-RSzzy0g=bsqaf<dHPA<$G+Y@
Jun 11, 2024 00:13:47.582145929 CEST	1236	IN	Data Raw: f7 be cc d2 47 b3 2d d4 7c 35 3c be bb 78 6b ee 6f 4d dc d6 84 a9 e1 aa 66 68 f5 77 aa 1a be 2e 36 47 b4 f2 69 52 fb a8 d7 b6 1f a5 86 bb fd 4b 8e 31 57 bc d1 a5 9b aa 06 4e 18 8d a4 80 28 42 98 d4 a3 0f d0 e6 b1 3a 6f 1e 88 47 6a b6 94 1f 38 75 Data Ascii: G-\|5<xkoMfhw.6GiRK1WN(B:oGj8uB0\NSeb#U;SE,t8i'Q`MIN>]r5<h_Eni=Y"8 w)i=f CgL0kSS<{>Y<d`zr
Jun 11, 2024 00:13:47.582161903 CEST	1236	IN	Data Raw: fb e5 02 5e 75 75 bf 24 b7 ec 2f b1 83 13 0b 84 fc 63 29 27 78 28 b7 5c 00 eb b8 94 1b 7a e3 80 b2 59 ca e5 89 5a 9f 9d b4 20 ed 88 3c 18 d5 2f fd 63 09 df cd b5 fc 7b e9 0f dc 84 4f be c2 ef 05 fe 1b 21 0b af 15 40 8b 01 2c 21 0c a6 b1 57 38 38 Data Ascii: ^uu$/c)'x(\zYZ </c{O!@,!W88"S_<jDzr]!$/Br=_1z0^g<M2=K6"r p8vgF$F99%3o4OPzD2T7YA
Jun 11, 2024 00:13:47.582176924 CEST	636	IN	Data Raw: 8f 95 a3 ce 78 e3 f4 90 e1 dd 7b d7 7b b7 5e 51 f1 3e 2c f6 6f d7 cf ed 9b b3 f1 c5 40 2e 81 54 fe 62 bc a5 7c a1 9d a3 f8 5e fb c4 4d 5b ec 12 8c 64 05 64 6f 6e f4 9e c0 f3 aa f3 f5 23 f0 7a fb fe e2 ac e3 6d 0c df b7 2e 18 ed fb db c7 83 5e a0 Data Ascii: x{{^Q>,o@.Tb\|^M[ddon#zm.^xm5}'y~V["du%X'/q(K?;Y=]\% j 9,g?,4)sy\|4o`zWOo[-\|-\|`
Jun 11, 2024 00:13:53.899173021 CEST	460	OUT	GET /2012/01/img/2.jpg HTTP/1.1 Host: facebooksecurity.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://facebooksecurity.blogspot.com/2012/01/how-to-access-facebook-without-internet.html Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jun 11, 2024 00:13:54.350024939 CEST	350	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Mon, 10 Jun 2024 22:13:54 GMT Content-Encoding: gzip X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Content-Length: 15855 Server: GSE

Timestamp	Bytes transferred	Direction	Data
Jun 11, 2024 00:14:09.395447016 CEST	492	OUT	GET /2012/02/how-spammers-flooding-facebook-wall.html HTTP/1.1 Host: facebooksecurity.blogspot.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jun 11, 2024 00:14:09.918880939 CEST	419	IN	HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Expires: Mon, 10 Jun 2024 22:14:09 GMT Date: Mon, 10 Jun 2024 22:14:09 GMT Cache-Control: private, max-age=0 Last-Modified: Thu, 14 Mar 2024 04:14:12 GMT ETag: W/"32199fd45849384259703cfb9ed7f99322695aafd480168da9f763565638bfbd" Content-Encoding: gzip X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Content-Length: 17901 Server: GSE
Jun 11, 2024 00:14:09.925739050 CEST	1236	IN	Data Raw: 1f 8b 08 00 00 00 00 00 00 ff ed bd db 76 db b8 b2 28 fa 1c 7f 05 5a 99 dd b2 57 44 49 d4 5d 76 ec 5e b6 7c 4d 7c 8b 25 db 71 32 b3 3d 28 12 92 68 53 a4 42 52 96 95 ac bc ec 5f d9 5f 70 5e cf 79 3d 7b 8c fd 1b e7 4f 4e 15 00 92 20 45 c9 76 3a e9 Data Ascii: v(ZWDI]v^\|M\|%q2=(hSBR__p^y={ON Ev:p)^}\?6^r?lo=;j0LrqlLZobZB7(jh`i,T#X(S?iK{'jv-.o;01>BZTjkc<
Jun 11, 2024 00:14:09.925765038 CEST	1236	IN	Data Raw: 9e db da 5d 57 73 15 b3 e7 c2 a0 91 cf 4b 86 e9 41 c1 e9 2a 18 3b 74 6d e9 cb 12 16 cc 75 1d 63 9a 73 ba 37 54 f7 73 bc 64 6e a0 e6 06 a5 dc a0 9c 1b 54 72 83 6a 6e 50 cb 8d 72 d0 37 fd f6 e3 d8 f1 69 6e e4 d2 9c d6 ed ba 39 cd 30 5c 10 3c 39 dd Data Ascii: ]WsKA*;tmucs7TsdnTrjnPr7in90\<9T1hV9:;L}yCj@93g@?g9ez&0Us9KL09]c"&`:[gB`ikA~P>h9OuPP+CP6mN6K7
Jun 11, 2024 00:14:09.925776958 CEST	1236	IN	Data Raw: 99 39 e6 2a e1 f6 aa c0 41 61 eb 6c a2 cd 18 38 11 55 c0 0f d2 85 3c 02 ab f9 6a 91 0d 5b 24 d7 d4 1d 30 72 77 62 46 ae d4 66 69 46 c1 33 99 98 e8 55 49 4d b7 8c 21 15 17 0d 5c 1b a1 c7 20 5f f2 d6 96 94 a1 f3 49 49 cd 98 d0 ee ad e9 a7 e7 39 29 Data Ascii: 9Aal8U<j[$0rwbFfiF3UIM!\ _II9)Xd'FeM5x"RE&io-SW)nP&S2RXQEWLBjDI\|Kf(3Y,%{&G+zRs40+'y#0qBH/!X&]A$itG3rwv.
Jun 11, 2024 00:14:09.925789118 CEST	390	IN	Data Raw: ab 8a b5 04 29 25 5c a7 45 52 0e 0c 77 ec 3b d0 30 1e 52 f2 7c 77 ac fb 63 b0 70 fd 09 98 84 1e 3b d5 06 16 a4 33 f6 09 35 4c 1f be 4d 4c 97 f2 53 0b d0 6f 34 0e 9e 8b fc 68 83 44 5e 99 25 f7 2a 18 31 45 ee 98 a0 92 16 2d d4 d9 8a 76 9e 27 2b 30 Data Ascii: )%\ERw;0R\|wcp;35LMLSo4hD^%*1E-v'+0s.K&Lqs1I]<I_?eEG8I(RC8C8(%}?,2jRi"FPJr\|hLfi{@y@x@7&sDqk/q8gR
Jun 11, 2024 00:14:09.942914963 CEST	1236	IN	Data Raw: 8b da f2 42 2a 64 5f 4d 1b 05 90 68 7d c1 44 09 c8 b2 d7 4e 4d f2 e0 a2 66 63 ed 30 0d b2 68 b0 66 d7 26 62 9a 45 77 67 a6 39 65 6e 9f 82 0d 9e ce 49 67 cd bf 30 e2 48 d3 df 90 b1 24 70 7f 09 55 c1 3b 9c de 53 5a 06 a0 eb f8 2f 4d 4e ef d8 86 b7 Data Ascii: Bd_Mh}DNMfc0hf&bEwg9enIg0H$pU;SZ/MN.sxB>3(h,!,a{$`!i[YB$ILcc,<?.#kb8q_gyK2b5b(y60,MY4p
Jun 11, 2024 00:14:09.942964077 CEST	1236	IN	Data Raw: dd 97 25 82 7d 84 8c 65 f6 f7 25 ef 02 87 01 28 90 3f 79 fe 6a 2c bd 84 55 41 a5 58 94 8f 0a 46 39 d9 f4 19 04 a8 f3 db 7a 96 64 c9 1f 7f 90 d8 88 41 1a 1f 4e d6 35 06 f5 c5 0b 84 23 10 e3 43 17 76 af 98 13 d0 b0 88 4b c1 b6 b7 59 91 17 59 bc 06 Data Ascii: %}e%(?yj,UAXF9zdAN5#CvKYY_)h6:H{KcQ5=0X5^h=L&J`F)^@~&4]{\|g3}t=ybgD^f%z&>/yl0233S<
Jun 11, 2024 00:14:09.942991018 CEST	424	IN	Data Raw: 29 72 43 88 ed 87 7a 9e ae 0f 93 e6 42 b4 5b f6 18 98 e1 f7 a1 38 00 f5 79 66 40 43 e2 ac 25 65 59 59 52 1d 95 4a 55 ea 59 52 06 63 5b 1a a8 47 3d 5c c6 07 81 b7 c4 d7 c4 31 e9 98 ed 14 b3 30 cd 4f 88 4c 10 99 03 92 92 43 f0 55 bd 5e 0d 65 9b 69 Data Ascii: )rCzB[8yf@C%eYYRJUYRc[G=\10OLCU^eit:`>,ae=`h7!-M=~~k\|<e'ntf*}39o[,@u2![9\|BL\|/U(HV11]c-
Jun 11, 2024 00:14:09.943018913 CEST	1236	IN	Data Raw: 8b 80 3f ef 3b 9f e7 c9 a3 f9 1a 6a b1 18 1e df 5f bd d2 0f b6 27 76 73 c2 c4 70 45 d1 94 da 6b 59 0c df 16 1a 23 5a 7e 37 a9 be 55 ab 3b 8f 12 c3 dd fe 35 c7 98 0b de 30 e8 a6 2c 81 63 4a 23 ce 20 12 13 c6 e5 e8 03 63 f3 58 99 b7 08 c4 23 25 5b Data Ascii: ?;j_'vspEkY#Z~7U;50,cJ# cX#%[.,@n6_Nib#'I<7c8D(QXf-8`NI,O:Pc/tK%h\|I<tgHHYE?86E{mVpc:eg^z`<'#Z
Jun 11, 2024 00:14:09.943049908 CEST	1236	IN	Data Raw: cf e2 1f cb c1 91 fb 95 3c 86 ba 9a 2e 07 47 f6 97 d9 c5 89 25 42 fe b1 9c 15 34 94 5d c9 83 76 5c ce 0e 9d b1 47 d9 2c 65 73 44 2e cf 6e 5a 90 76 38 3c b8 aa 5f fe c7 32 be cd b5 f2 be f8 01 0f e1 93 2f f0 7b 89 ff 46 c8 c2 6a 05 d0 a2 03 cb 08 Data Ascii: <.G%B4]v\G,esD.nZv8<_2/{FjIU"w!Ofy4J@50]DW18D3v;<q_Ge_XeQ#p )1>2<Qa',aAoxW$WbJ?BKE
Jun 11, 2024 00:14:09.943069935 CEST	232	IN	Data Raw: e2 db f2 71 67 bc 75 76 c4 f0 ee bd ee bd de 2c cb 78 1f 15 fa 77 9b 17 e6 c7 f3 f1 d5 20 d8 02 29 7f 63 bc 03 fe 42 3d 07 d6 00 89 47 da 62 41 30 e2 05 90 bc b9 d2 7b 02 cd cb c6 d7 8f 40 eb ed e9 d5 79 c7 d9 1a be 69 5e b1 b1 ef ef 9c 0c 7a 9e Data Ascii: qguv,xw )cB=GbA0{@yi^z<Un7W~/Z2B?X?%K/H#/ER^<XP}mo3K,#>_MD/R^Mj:)D
Jun 11, 2024 00:14:16.245958090 CEST	456	OUT	GET /2012/02/img/2.jpg HTTP/1.1 Host: facebooksecurity.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://facebooksecurity.blogspot.com/2012/02/how-spammers-flooding-facebook-wall.html Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jun 11, 2024 00:14:16.602850914 CEST	350	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Mon, 10 Jun 2024 22:14:16 GMT Content-Encoding: gzip X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Content-Length: 15856 Server: GSE

Timestamp	Bytes transferred	Direction	Data
Jun 11, 2024 00:14:23.397093058 CEST	496	OUT	GET /2012/01/issue-over-facebook-and-google-in-india.html HTTP/1.1 Host: facebooksecurity.blogspot.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jun 11, 2024 00:14:23.908921957 CEST	419	IN	HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Expires: Mon, 10 Jun 2024 22:14:23 GMT Date: Mon, 10 Jun 2024 22:14:23 GMT Cache-Control: private, max-age=0 Last-Modified: Thu, 14 Mar 2024 04:14:12 GMT ETag: W/"32199fd45849384259703cfb9ed7f99322695aafd480168da9f763565638bfbd" Content-Encoding: gzip X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Content-Length: 17914 Server: GSE
Jun 11, 2024 00:14:23.911768913 CEST	1236	IN	Data Raw: 1f 8b 08 00 00 00 00 00 00 ff ed bd d9 72 db 48 b3 30 78 6d 3d 45 b5 fc 75 53 3a 26 b8 af 92 a5 fe 29 6a b5 b5 59 a4 24 cb 7d 3a 14 20 51 24 21 81 00 05 80 a2 68 1f df fc 4f f2 47 cc 13 cc ed cc dd c4 4c c4 bc c6 bc c9 64 d6 02 14 40 90 92 dc b6 Data Ascii: rH0xm=EuS:&)jY$}: Q$!hOGLd@[YKVVVVne:!hm.?ahFjlv2d&z}2)^h)wE3]g-rlhe;@FP,%xEOXNO]Vufie\/V4p6-
Jun 11, 2024 00:14:23.911806107 CEST	1236	IN	Data Raw: 2b 3f 69 30 a5 bb 8e c5 a4 14 56 79 69 eb f7 1d dd d5 cc 9e 0b 44 23 9f 96 0c d3 83 82 d3 35 30 7c e8 fa d2 e7 25 2c 98 ee 38 c6 34 ed 74 6e 60 6e a7 79 c9 f4 20 9f 1e 14 d2 83 62 7a 50 4a 0f ca e9 41 25 3d 4a 43 df ba b7 77 63 c7 a7 69 10 33 69 Data Ascii: +?i0VyiD#50\|%,84tn`ny bzPJA%=JCwci3iqa] cAt6m/} R,a+=2tM-0-d6]I)m%w{\|=vhiPT+C}Hn
Jun 11, 2024 00:14:23.911839962 CEST	1236	IN	Data Raw: a3 06 2b 59 66 16 ea 72 3a b4 5c 97 e7 98 ab 84 db ab 02 07 8d f9 d9 44 9f 31 70 42 ae 80 1f e4 0b 95 02 6b 99 72 8e 91 2d 94 6b f9 1d 30 72 77 22 46 ae d2 66 61 46 c1 33 99 18 eb 55 21 9f 6c 19 43 2a 3a 0d 5c 1b 61 d0 26 53 f0 d6 97 b4 a1 f3 51 Data Ascii: +Yfr:\D1pBkr-k0rw"FfaF3U!lC:\a&SQK'9qb,csY3f+fQ)[EIDe8V{iF^2GPagSffofI!:1-afk9U/BpBra(Jtu,tH.M
Jun 11, 2024 00:14:23.911874056 CEST	390	IN	Data Raw: 02 a5 8f a2 b9 b2 f0 25 48 21 16 3a cd 91 a2 34 dc b1 ef c0 c3 a0 41 31 28 32 ee fa 63 b0 70 fd 09 98 84 1e db e1 06 16 a4 33 f6 09 35 4c 1f be 4d 4c 97 f2 5d 0b d0 6f 34 0e 5e 8a fc 70 81 44 f5 cc e2 6b 15 8c 99 c2 70 8c ac a4 87 8e 3a f3 68 e7 Data Ascii: %H!:4A1(2cp35LML]o4^pDkp:hELtY\2fe/h`HR)pa lt&bq2"$I+8P8*Za+lA+$cu$uG>#A=08"8KGs~
Jun 11, 2024 00:14:23.918999910 CEST	1236	IN	Data Raw: aa 17 b5 e5 05 5c c8 be 9a 36 0a 20 d1 fa 82 81 12 90 d5 a8 5d 3e 3e 07 17 35 1b 69 87 69 90 45 c4 9a f5 4d c4 30 8b ee ce 0c 73 c2 d8 3e 07 1b dc 9d 93 3c 35 ff 02 c5 91 a7 bf e2 c4 52 c0 fd 25 54 c5 dc e1 fc 9e d0 32 00 dd c0 7f 49 72 7a c7 36 Data Ascii: \6 ]>>5iiEM0s><5R%T2Irz6piMa4\|@? Rg~Tek`${>/)BD^U0"I4_HlKfiDVX+a.udYPq^CnX.f eF6mfea
Jun 11, 2024 00:14:23.919039011 CEST	212	IN	Data Raw: 3e 42 c6 0a fb fb 9a 77 81 c3 00 14 c8 ef 3c 7f 2d 92 5e c0 aa a0 52 2c ca a9 82 b7 9e 34 7c 06 01 ea fc b2 91 22 29 f2 db 6f 24 42 31 48 e3 e4 64 5d 63 50 5f bd 42 38 02 31 4e ba a0 7b b9 b4 80 86 45 5c 0a b6 bd cd 8a bc 4a e1 49 78 48 fc ac 8c Data Ascii: >Bw<-^R,4\|")o$B1Hd]cP_B81N{E\JIxH--Ah#wWap`A*QE`yA-a,/)XL53+,k#cWT^g67ldRfbJ'OUQr\|
Jun 11, 2024 00:14:23.919049025 CEST	1236	IN	Data Raw: 23 07 ec e1 76 5f a5 96 09 9b 17 22 59 9d 2a af 52 a3 87 65 c2 27 53 34 9b a7 b1 fc 2c 4e 64 c0 67 33 b5 8e 6c 13 ed 12 ef 10 70 4d d8 61 48 86 02 a2 33 af a0 33 40 ab cd 14 7c 8a ce 27 ee 97 d8 d4 dd 6f 1f 1d b2 33 9d ab ac 74 96 15 07 a0 91 02 Data Ascii: #v_"Y*Re'S4,Ndg3lpMaH33@\|'o3ta`fdsI-g}E@H6`"rq>;>NTyMz.KP#"v31re=Y(cz3l8t^sY,8T
Jun 11, 2024 00:14:23.919059038 CEST	1236	IN	Data Raw: 31 c6 ca c5 68 8b df bb 63 d7 03 91 34 72 4c a1 1d 23 4b f7 11 d7 48 39 cd a5 15 e2 4c f9 c5 83 94 60 03 85 17 3b 61 4b f5 bf c0 01 6b 7a 17 69 36 1f 7a 59 11 ad 8c 69 0b 84 47 e8 38 f0 24 b7 61 8e 9d cc b7 cf 88 01 29 e6 16 82 4d 92 0e c2 52 ac Data Ascii: 1hc4rL#KH9L`;aKkzi6zYiG8$a)MRUW-Y:x-Z5$:0Ws#? D-[h-{3`WM3`Ngq#L`:\_)q&rk\JU!;j?\lOkF
Jun 11, 2024 00:14:23.919070959 CEST	424	IN	Data Raw: 0a 2d dc 91 96 84 76 12 90 64 09 54 9c 27 81 8a 73 24 50 31 59 02 15 13 24 50 71 66 ee cd b1 81 c3 73 25 33 86 50 6c ee a9 fe b4 bc 8f 46 9d 8b cc f1 25 e1 6b 29 6c 17 b5 e0 d0 b2 2a da eb 71 6b 6a b1 39 7a 3b 7c 53 6b e4 ec 83 0f 37 0e 53 7f a7 Data Ascii: -vdT's$P1Y$Pqfs%3PlF%k)l*qkj9z;\|Sk7S.3Uv}62G\)2LWsg^y`Nz4 \|>k6:i.5s! SjfhxR \wJYkEn_UWeX"_+)Ch{R
Jun 11, 2024 00:14:23.919379950 CEST	1236	IN	Data Raw: 59 d4 1b 5e ec d4 42 e9 f7 43 f4 27 44 28 de 23 e9 2a 2f ea 8e 2c f3 83 74 e6 30 40 39 ec ca cc 91 8c 84 45 87 50 28 3e e1 b9 66 63 6a 6b 50 2f cb ef 71 33 3f 32 bb 19 df 65 fe dd 07 e1 4b 7d bc d5 f3 60 7b 23 e1 31 da df f4 e1 68 fd e3 c3 46 4e Data Ascii: Y^BC'D(#/,t0@9EP(>fcjkP/q3?2eK}`{#1hFNNKVeMZSFZ.WRd=7Rhc(Ho/uU^86LtvbH=M3 ^ONgWu6!kzJOvum=GVb\zb`KbOg3x
Jun 11, 2024 00:14:30.737428904 CEST	460	OUT	GET /2012/01/img/2.jpg HTTP/1.1 Host: facebooksecurity.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://facebooksecurity.blogspot.com/2012/01/issue-over-facebook-and-google-in-india.html Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jun 11, 2024 00:14:31.093202114 CEST	350	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Mon, 10 Jun 2024 22:14:30 GMT Content-Encoding: gzip X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Content-Length: 15855 Server: GSE

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report http://facebooksecurity.blogspot.pe/

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Snort Signatures

Joe Sandbox Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

LLM Input / Output

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

Chrome Cache Entry: 107

Chrome Cache Entry: 108

Chrome Cache Entry: 109

Chrome Cache Entry: 110

Chrome Cache Entry: 111

Chrome Cache Entry: 112

Chrome Cache Entry: 113

Chrome Cache Entry: 114

Chrome Cache Entry: 115

Chrome Cache Entry: 116

Chrome Cache Entry: 117

Chrome Cache Entry: 118

Chrome Cache Entry: 119

Chrome Cache Entry: 120

Chrome Cache Entry: 121

Chrome Cache Entry: 122

Chrome Cache Entry: 123

Chrome Cache Entry: 124

Chrome Cache Entry: 125

Chrome Cache Entry: 126

Chrome Cache Entry: 127

Chrome Cache Entry: 128

Chrome Cache Entry: 129

Chrome Cache Entry: 130

Chrome Cache Entry: 131

Chrome Cache Entry: 132

Chrome Cache Entry: 133

Windows Analysis Report
http://facebooksecurity.blogspot.pe/

Timestamp	Bytes transferred	Direction	Data
2024-06-10 22:12:58 UTC	71	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 63 6c 56 74 33 4e 78 62 65 30 43 79 42 2f 42 69 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 33 62 62 66 65 38 39 36 31 37 30 63 63 31 31 36 0d 0a 0d 0a Data Ascii: CNT 1 CON 305MS-CV: clVt3Nxbe0CyB/Bi.1Context: 3bbfe896170cc116
2024-06-10 22:12:58 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2024-06-10 22:12:58 UTC	1064	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 34 31 0d 0a 4d 53 2d 43 56 3a 20 63 6c 56 74 33 4e 78 62 65 30 43 79 42 2f 42 69 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 33 62 62 66 65 38 39 36 31 37 30 63 63 31 31 36 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 6f 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 56 59 50 4f 76 48 69 47 5a 6c 70 76 58 4d 4b 45 33 44 34 7a 4d 48 79 31 32 6e 50 5a 71 36 69 4d 30 4d 51 41 78 6f 7a 57 61 64 62 43 6e 44 4c 32 51 5a 4d 61 6a 52 50 53 5a 51 6e 63 35 51 42 35 6d 5a 71 5a 56 44 38 4e 78 32 61 4f 78 38 48 73 4c 44 58 66 55 76 69 58 59 43 74 38 46 46 65 47 7a 66 35 4e 76 79 5a 44 50 33 45 33 50 Data Ascii: ATH 2 CON\DEVICE 1041MS-CV: clVt3Nxbe0CyB/Bi.2Context: 3bbfe896170cc116<device><compact-ticket>t=EwCoAupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAVYPOvHiGZlpvXMKE3D4zMHy12nPZq6iM0MQAxozWadbCnDL2QZMajRPSZQnc5QB5mZqZVD8Nx2aOx8HsLDXfUviXYCt8FFeGzf5NvyZDP3E3P
2024-06-10 22:12:58 UTC	74	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 51 4f 53 20 35 36 0d 0a 4d 53 2d 43 56 3a 20 63 6c 56 74 33 4e 78 62 65 30 43 79 42 2f 42 69 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 33 62 62 66 65 38 39 36 31 37 30 63 63 31 31 36 0d 0a 0d 0a Data Ascii: BND 3 CON\QOS 56MS-CV: clVt3Nxbe0CyB/Bi.3Context: 3bbfe896170cc116
2024-06-10 22:12:59 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2024-06-10 22:12:59 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 57 64 7a 77 58 74 5a 70 32 30 4f 47 73 69 45 6b 41 50 76 55 39 51 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: WdzwXtZp20OGsiEkAPvU9Q.0Payload parsing failed.

Timestamp	Bytes transferred	Direction	Data
2024-06-10 22:12:59 UTC	59	OUT	GET / HTTP/1.1 Host: ipinfo.io Connection: Keep-Alive
2024-06-10 22:12:59 UTC	513	IN	HTTP/1.1 200 OK server: nginx/1.24.0 date: Mon, 10 Jun 2024 22:12:59 GMT content-type: application/json; charset=utf-8 Content-Length: 314 access-control-allow-origin: * x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff referrer-policy: strict-origin-when-cross-origin x-envoy-upstream-service-time: 2 via: 1.1 google strict-transport-security: max-age=2592000; includeSubDomains Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-06-10 22:12:59 UTC	314	IN	Data Raw: 7b 0a 20 20 22 69 70 22 3a 20 22 31 37 33 2e 32 35 34 2e 32 35 30 2e 39 31 22 2c 0a 20 20 22 68 6f 73 74 6e 61 6d 65 22 3a 20 22 31 37 33 2e 32 35 34 2e 32 35 30 2e 39 31 2e 73 74 61 74 69 63 2e 71 75 61 64 72 61 6e 65 74 2e 63 6f 6d 22 2c 0a 20 20 22 63 69 74 79 22 3a 20 22 44 61 6c 6c 61 73 22 2c 0a 20 20 22 72 65 67 69 6f 6e 22 3a 20 22 54 65 78 61 73 22 2c 0a 20 20 22 63 6f 75 6e 74 72 79 22 3a 20 22 55 53 22 2c 0a 20 20 22 6c 6f 63 22 3a 20 22 33 32 2e 38 31 35 32 2c 2d 39 36 2e 38 37 30 33 22 2c 0a 20 20 22 6f 72 67 22 3a 20 22 41 53 38 31 30 30 20 51 75 61 64 72 61 4e 65 74 20 45 6e 74 65 72 70 72 69 73 65 73 20 4c 4c 43 22 2c 0a 20 20 22 70 6f 73 74 61 6c 22 3a 20 22 37 35 32 34 37 22 2c 0a 20 20 22 74 69 6d 65 7a 6f 6e 65 22 3a 20 22 41 6d 65 72 Data Ascii: { "ip": "173.254.250.91", "hostname": "173.254.250.91.static.quadranet.com", "city": "Dallas", "region": "Texas", "country": "US", "loc": "32.8152,-96.8703", "org": "AS8100 QuadraNet Enterprises LLC", "postal": "75247", "timezone": "Amer

Timestamp	Bytes transferred	Direction	Data
2024-06-10 22:13:03 UTC	71	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 79 69 59 43 75 71 38 56 4f 30 57 35 37 32 53 71 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 66 36 33 36 33 33 63 39 64 32 64 31 64 31 36 38 0d 0a 0d 0a Data Ascii: CNT 1 CON 305MS-CV: yiYCuq8VO0W572Sq.1Context: f63633c9d2d1d168
2024-06-10 22:13:03 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2024-06-10 22:13:03 UTC	1064	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 34 31 0d 0a 4d 53 2d 43 56 3a 20 79 69 59 43 75 71 38 56 4f 30 57 35 37 32 53 71 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 66 36 33 36 33 33 63 39 64 32 64 31 64 31 36 38 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 6f 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 56 59 50 4f 76 48 69 47 5a 6c 70 76 58 4d 4b 45 33 44 34 7a 4d 48 79 31 32 6e 50 5a 71 36 69 4d 30 4d 51 41 78 6f 7a 57 61 64 62 43 6e 44 4c 32 51 5a 4d 61 6a 52 50 53 5a 51 6e 63 35 51 42 35 6d 5a 71 5a 56 44 38 4e 78 32 61 4f 78 38 48 73 4c 44 58 66 55 76 69 58 59 43 74 38 46 46 65 47 7a 66 35 4e 76 79 5a 44 50 33 45 33 50 Data Ascii: ATH 2 CON\DEVICE 1041MS-CV: yiYCuq8VO0W572Sq.2Context: f63633c9d2d1d168<device><compact-ticket>t=EwCoAupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAVYPOvHiGZlpvXMKE3D4zMHy12nPZq6iM0MQAxozWadbCnDL2QZMajRPSZQnc5QB5mZqZVD8Nx2aOx8HsLDXfUviXYCt8FFeGzf5NvyZDP3E3P
2024-06-10 22:13:03 UTC	74	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 51 4f 53 20 35 36 0d 0a 4d 53 2d 43 56 3a 20 79 69 59 43 75 71 38 56 4f 30 57 35 37 32 53 71 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 66 36 33 36 33 33 63 39 64 32 64 31 64 31 36 38 0d 0a 0d 0a Data Ascii: BND 3 CON\QOS 56MS-CV: yiYCuq8VO0W572Sq.3Context: f63633c9d2d1d168
2024-06-10 22:13:04 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2024-06-10 22:13:04 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 78 4b 42 32 43 4a 5a 55 53 30 47 63 65 6f 6a 6e 66 30 6e 31 46 51 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: xKB2CJZUS0Gceojnf0n1FQ.0Payload parsing failed.

Timestamp	Bytes transferred	Direction	Data
2024-06-10 22:13:09 UTC	71	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 49 63 6a 50 75 5a 67 49 35 55 47 61 49 48 6a 76 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 38 31 34 30 63 61 34 33 65 61 38 36 35 38 64 31 0d 0a 0d 0a Data Ascii: CNT 1 CON 305MS-CV: IcjPuZgI5UGaIHjv.1Context: 8140ca43ea8658d1
2024-06-10 22:13:09 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2024-06-10 22:13:09 UTC	1076	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 35 33 0d 0a 4d 53 2d 43 56 3a 20 49 63 6a 50 75 5a 67 49 35 55 47 61 49 48 6a 76 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 38 31 34 30 63 61 34 33 65 61 38 36 35 38 64 31 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 77 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 58 7a 55 45 6b 33 4e 66 59 68 39 44 37 4a 45 5a 56 62 6c 51 70 7a 62 55 68 49 35 31 6e 4c 71 31 6c 79 78 73 49 65 70 6c 50 58 6f 72 4f 79 52 49 56 48 6e 75 53 2b 51 69 6e 32 63 6a 51 38 47 78 6c 52 66 65 2f 66 72 53 38 6e 4e 35 33 45 6b 50 56 49 67 5a 54 76 4c 63 7a 43 74 4b 2f 74 4b 78 6b 4e 6c 45 66 39 33 48 61 4b 43 39 4b Data Ascii: ATH 2 CON\DEVICE 1053MS-CV: IcjPuZgI5UGaIHjv.2Context: 8140ca43ea8658d1<device><compact-ticket>t=EwCwAupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAXzUEk3NfYh9D7JEZVblQpzbUhI51nLq1lyxsIeplPXorOyRIVHnuS+Qin2cjQ8GxlRfe/frS8nN53EkPVIgZTvLczCtK/tKxkNlEf93HaKC9K
2024-06-10 22:13:09 UTC	218	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 49 63 6a 50 75 5a 67 49 35 55 47 61 49 48 6a 76 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 38 31 34 30 63 61 34 33 65 61 38 36 35 38 64 31 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e Data Ascii: BND 3 CON\WNS 0 197MS-CV: IcjPuZgI5UGaIHjv.3Context: 8140ca43ea8658d1<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
2024-06-10 22:13:09 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2024-06-10 22:13:09 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 6a 37 74 78 72 44 49 6c 65 45 47 65 36 52 61 4c 57 34 69 67 49 51 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: j7txrDIleEGe6RaLW4igIQ.0Payload parsing failed.

Timestamp	Bytes transferred	Direction	Data
2024-06-10 22:13:12 UTC	71	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 79 71 36 49 75 4e 4b 7a 61 30 65 68 33 4e 31 64 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 65 63 63 30 66 30 33 30 62 61 34 62 37 31 37 65 0d 0a 0d 0a Data Ascii: CNT 1 CON 305MS-CV: yq6IuNKza0eh3N1d.1Context: ecc0f030ba4b717e
2024-06-10 22:13:12 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2024-06-10 22:13:12 UTC	1064	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 34 31 0d 0a 4d 53 2d 43 56 3a 20 79 71 36 49 75 4e 4b 7a 61 30 65 68 33 4e 31 64 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 65 63 63 30 66 30 33 30 62 61 34 62 37 31 37 65 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 6f 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 56 59 50 4f 76 48 69 47 5a 6c 70 76 58 4d 4b 45 33 44 34 7a 4d 48 79 31 32 6e 50 5a 71 36 69 4d 30 4d 51 41 78 6f 7a 57 61 64 62 43 6e 44 4c 32 51 5a 4d 61 6a 52 50 53 5a 51 6e 63 35 51 42 35 6d 5a 71 5a 56 44 38 4e 78 32 61 4f 78 38 48 73 4c 44 58 66 55 76 69 58 59 43 74 38 46 46 65 47 7a 66 35 4e 76 79 5a 44 50 33 45 33 50 Data Ascii: ATH 2 CON\DEVICE 1041MS-CV: yq6IuNKza0eh3N1d.2Context: ecc0f030ba4b717e<device><compact-ticket>t=EwCoAupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAVYPOvHiGZlpvXMKE3D4zMHy12nPZq6iM0MQAxozWadbCnDL2QZMajRPSZQnc5QB5mZqZVD8Nx2aOx8HsLDXfUviXYCt8FFeGzf5NvyZDP3E3P
2024-06-10 22:13:12 UTC	218	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 79 71 36 49 75 4e 4b 7a 61 30 65 68 33 4e 31 64 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 65 63 63 30 66 30 33 30 62 61 34 62 37 31 37 65 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e Data Ascii: BND 3 CON\WNS 0 197MS-CV: yq6IuNKza0eh3N1d.3Context: ecc0f030ba4b717e<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
2024-06-10 22:13:12 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2024-06-10 22:13:12 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 32 51 4b 54 6c 31 66 45 77 6b 36 79 39 4c 31 77 57 47 6d 41 71 51 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: 2QKTl1fEwk6y9L1wWGmAqQ.0Payload parsing failed.

Timestamp	Bytes transferred	Direction	Data
2024-06-10 22:13:14 UTC	589	OUT	GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1 Host: www.blogger.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-06-10 22:13:14 UTC	688	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech" Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]} Content-Length: 30597 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Fri, 07 Jun 2024 04:56:20 GMT Expires: Sat, 07 Jun 2025 04:56:20 GMT Cache-Control: public, max-age=31536000 Last-Modified: Thu, 06 Jun 2024 23:56:19 GMT Content-Type: text/css Vary: Accept-Encoding Age: 321414 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-06-10 22:13:14 UTC	690	IN	Data Raw: 73 65 63 74 69 6f 6e 2c 6e 61 76 2c 61 72 74 69 63 6c 65 2c 61 73 69 64 65 2c 68 67 72 6f 75 70 2c 68 65 61 64 65 72 2c 66 6f 6f 74 65 72 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 74 69 6d 65 2c 6d 61 72 6b 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 7d 2e 62 6c 6f 67 2d 6c 69 73 74 2d 63 6f 6e 74 61 69 6e 65 72 20 75 6c 7b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 30 7d 2e 62 6c 6f 67 2d 6c 69 73 74 2d 63 6f 6e 74 61 69 6e 65 72 20 75 6c 20 6c 69 7b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 30 3b 6c 69 73 74 2d 73 74 79 6c 65 3a 6e 6f 6e 65 3b 6c 69 73 74 2d 73 74 79 6c 65 2d 69 6d 61 67 65 3a 6e 6f 6e 65 3b 63 6c 65 61 72 3a 6c 65 66 74 7d 2e 62 6c 6f 67 2d 6c 69 73 74 2d 63 6f 6e 74 61 69 6e 65 72 20 61 7b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a Data Ascii: section,nav,article,aside,hgroup,header,footer{display:block}time,mark{display:inline}.blog-list-container ul{padding-left:0}.blog-list-container ul li{padding-left:0;list-style:none;list-style-image:none;clear:left}.blog-list-container a{text-decoration:
2024-06-10 22:13:14 UTC	1378	IN	Data Raw: 61 69 6c 7b 66 6c 6f 61 74 3a 6c 65 66 74 3b 6d 61 72 67 69 6e 3a 32 70 78 20 35 70 78 20 35 70 78 20 30 7d 2e 62 6c 6f 67 2d 6c 69 73 74 2d 63 6f 6e 74 61 69 6e 65 72 20 2e 69 74 65 6d 2d 74 69 6d 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 39 35 25 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 69 74 61 6c 69 63 3b 63 6c 65 61 72 3a 6c 65 66 74 7d 2e 62 6c 6f 67 2d 6c 69 73 74 2d 74 69 74 6c 65 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 7d 2e 62 6c 6f 67 2d 6c 69 73 74 2d 63 6f 6e 74 61 69 6e 65 72 20 2e 73 68 6f 77 2d 6f 70 74 69 6f 6e 7b 66 6f 6e 74 2d 73 69 7a 65 3a 37 35 25 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 72 69 67 68 74 7d 2e 63 6f 6e 74 61 63 74 2d 66 6f 72 6d 2d 77 69 64 67 65 74 7b 68 65 69 67 68 74 3a 33 32 30 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 30 Data Ascii: ail{float:left;margin:2px 5px 5px 0}.blog-list-container .item-time{font-size:95%;font-style:italic;clear:left}.blog-list-title{font-weight:bold}.blog-list-container .show-option{font-size:75%;text-align:right}.contact-form-widget{height:320;margin-left:0
2024-06-10 22:13:14 UTC	1378	IN	Data Raw: 64 2d 63 6f 6c 6f 72 3a 23 66 66 66 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 64 39 64 39 64 39 3b 62 6f 72 64 65 72 2d 74 6f 70 3a 31 70 78 20 73 6f 6c 69 64 20 23 63 30 63 30 63 30 3b 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 3b 63 6f 6c 6f 72 3a 23 33 33 33 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 33 70 78 3b 68 65 69 67 68 74 3a 32 34 70 78 3b 6d 61 72 67 69 6e 3a 30 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 35 70 78 3b 70 61 64 64 69 6e 67 3a 30 3b 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 74 6f 70 7d 2e 63 6f 6e 74 61 63 74 2d 66 6f 72 6d 2d 65 6d 61 69 6c 2d 6d 65 73 73 61 Data Ascii: d-color:#fff;border:1px solid #d9d9d9;border-top:1px solid #c0c0c0;box-sizing:border-box;color:#333;display:inline-block;font-family:Arial,sans-serif;font-size:13px;height:24px;margin:0;margin-top:5px;padding:0;vertical-align:top}.contact-form-email-messa
2024-06-10 22:13:14 UTC	1378	IN	Data Raw: 6f 75 6e 64 2d 69 6d 61 67 65 3a 2d 6d 73 2d 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 70 2c 23 66 35 66 35 66 35 2c 23 66 31 66 31 66 31 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 2d 6f 2d 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 70 2c 23 66 35 66 35 66 35 2c 23 66 31 66 31 66 31 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 70 2c 23 66 35 66 35 66 35 2c 23 66 31 66 31 66 31 29 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 64 63 64 63 64 63 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 72 67 62 61 28 30 2c 30 2c 30 2c 2e 31 29 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 32 70 78 3b 63 6f 6c 6f 72 3a 23 34 34 34 3b 63 75 72 73 6f 72 Data Ascii: ound-image:-ms-linear-gradient(top,#f5f5f5,#f1f1f1);background-image:-o-linear-gradient(top,#f5f5f5,#f1f1f1);background-image:linear-gradient(top,#f5f5f5,#f1f1f1);border:1px solid #dcdcdc;border:1px solid rgba(0,0,0,.1);border-radius:2px;color:#444;cursor
2024-06-10 22:13:14 UTC	1378	IN	Data Raw: 30 7d 2e 63 6f 6e 74 61 63 74 2d 66 6f 72 6d 2d 62 75 74 74 6f 6e 2e 66 6f 63 75 73 2c 2e 63 6f 6e 74 61 63 74 2d 66 6f 72 6d 2d 62 75 74 74 6f 6e 2e 72 69 67 68 74 2e 66 6f 63 75 73 2c 2e 63 6f 6e 74 61 63 74 2d 66 6f 72 6d 2d 62 75 74 74 6f 6e 2e 6d 69 64 2e 66 6f 63 75 73 2c 2e 63 6f 6e 74 61 63 74 2d 66 6f 72 6d 2d 62 75 74 74 6f 6e 2e 6c 65 66 74 2e 66 6f 63 75 73 7b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 34 64 39 30 66 65 3b 6f 75 74 6c 69 6e 65 3a 6e 6f 6e 65 3b 7a 2d 69 6e 64 65 78 3a 34 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 63 6f 6e 74 61 63 74 2d 66 6f 72 6d 2d 62 75 74 74 6f 6e 2d 73 75 62 6d 69 74 3a 66 6f 63 75 73 2c 2e 63 6f 6e 74 61 63 74 2d 66 6f 72 6d 2d 62 75 74 74 6f 6e 2d 73 75 62 6d 69 74 2e 66 6f 63 75 73 7b 2d 6d 6f Data Ascii: 0}.contact-form-button.focus,.contact-form-button.right.focus,.contact-form-button.mid.focus,.contact-form-button.left.focus{border:1px solid #4d90fe;outline:none;z-index:4 !important}.contact-form-button-submit:focus,.contact-form-button-submit.focus{-mo
2024-06-10 22:13:14 UTC	1378	IN	Data Raw: 6c 69 6e 65 61 72 2c 6c 65 66 74 20 74 6f 70 2c 6c 65 66 74 20 62 6f 74 74 6f 6d 2c 66 72 6f 6d 28 23 36 36 36 29 2c 74 6f 28 23 34 34 34 29 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 2d 77 65 62 6b 69 74 2d 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 70 2c 23 36 36 36 2c 23 34 34 34 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 2d 6d 6f 7a 2d 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 70 2c 23 36 36 36 2c 23 34 34 34 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 2d 6d 73 2d 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 70 2c 23 36 36 36 2c 23 34 34 34 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 2d 6f 2d 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 70 2c 23 36 36 36 2c Data Ascii: linear,left top,left bottom,from(#666),to(#444));background-image:-webkit-linear-gradient(top,#666,#444);background-image:-moz-linear-gradient(top,#666,#444);background-image:-ms-linear-gradient(top,#666,#444);background-image:-o-linear-gradient(top,#666,
2024-06-10 22:13:14 UTC	1378	IN	Data Raw: 30 66 65 29 2c 74 6f 28 23 33 35 37 61 65 38 29 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 2d 77 65 62 6b 69 74 2d 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 70 2c 23 34 64 39 30 66 65 2c 23 33 35 37 61 65 38 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 2d 6d 6f 7a 2d 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 70 2c 23 34 64 39 30 66 65 2c 23 33 35 37 61 65 38 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 2d 6d 73 2d 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 70 2c 23 34 64 39 30 66 65 2c 23 33 35 37 61 65 38 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 2d 6f 2d 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 70 2c 23 34 64 39 30 66 65 2c 23 33 35 37 61 65 38 29 3b 62 Data Ascii: 0fe),to(#357ae8));background-image:-webkit-linear-gradient(top,#4d90fe,#357ae8);background-image:-moz-linear-gradient(top,#4d90fe,#357ae8);background-image:-ms-linear-gradient(top,#4d90fe,#357ae8);background-image:-o-linear-gradient(top,#4d90fe,#357ae8);b
2024-06-10 22:13:14 UTC	1378	IN	Data Raw: 63 69 74 79 3a 2e 38 7d 2e 6c 61 62 65 6c 2d 73 69 7a 65 2d 32 7b 66 6f 6e 74 2d 73 69 7a 65 3a 39 30 25 3b 66 69 6c 74 65 72 3a 61 6c 70 68 61 28 6f 70 61 63 69 74 79 3d 39 30 29 3b 6f 70 61 63 69 74 79 3a 2e 39 7d 2e 6c 61 62 65 6c 2d 73 69 7a 65 2d 33 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 30 30 25 7d 2e 6c 61 62 65 6c 2d 73 69 7a 65 2d 34 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 30 25 7d 2e 6c 61 62 65 6c 2d 73 69 7a 65 2d 35 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 30 25 7d 2e 63 6c 6f 75 64 2d 6c 61 62 65 6c 2d 77 69 64 67 65 74 2d 63 6f 6e 74 65 6e 74 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 6a 75 73 74 69 66 79 7d 2e 6c 61 62 65 6c 2d 63 6f 75 6e 74 7b 77 68 69 74 65 2d 73 70 61 63 65 3a 6e 6f 77 72 61 70 7d 2e 6c 61 62 65 6c 2d 73 69 7a 65 7b 6c 69 6e 65 2d Data Ascii: city:.8}.label-size-2{font-size:90%;filter:alpha(opacity=90);opacity:.9}.label-size-3{font-size:100%}.label-size-4{font-size:120%}.label-size-5{font-size:160%}.cloud-label-widget-content{text-align:justify}.label-count{white-space:nowrap}.label-size{line-
2024-06-10 22:13:14 UTC	1378	IN	Data Raw: 6c 61 79 3a 74 61 62 6c 65 7d 2e 63 6c 65 61 72 62 6f 74 68 7b 63 6c 65 61 72 3a 62 6f 74 68 7d 2e 64 69 6d 2d 6f 76 65 72 6c 61 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 72 67 62 61 28 30 2c 30 2c 30 2c 2e 35 34 29 3b 68 65 69 67 68 74 3a 31 30 30 76 68 3b 6c 65 66 74 3a 30 3b 70 6f 73 69 74 69 6f 6e 3a 66 69 78 65 64 3b 74 6f 70 3a 30 3b 77 69 64 74 68 3a 31 30 30 25 7d 23 73 68 61 72 69 6e 67 2d 64 69 6d 2d 6f 76 65 72 6c 61 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 69 6e 70 75 74 3a 3a 2d 6d 73 2d 63 6c 65 61 72 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 2e 62 6c 6f 67 67 65 72 2d 6c 6f 67 6f 2c 2e 73 76 67 2d 69 63 6f 6e 2d 32 34 2e 62 6c 6f 67 67 65 72 2d 6c 6f 67 6f 7b 66 69 6c 6c 3a Data Ascii: lay:table}.clearboth{clear:both}.dim-overlay{background-color:rgba(0,0,0,.54);height:100vh;left:0;position:fixed;top:0;width:100%}#sharing-dim-overlay{background-color:transparent}input::-ms-clear{display:none}.blogger-logo,.svg-icon-24.blogger-logo{fill:
2024-06-10 22:13:14 UTC	1378	IN	Data Raw: 72 69 6e 67 2d 70 6c 61 74 66 6f 72 6d 2d 62 75 74 74 6f 6e 3a 68 6f 76 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 72 67 62 61 28 31 32 38 2c 31 32 38 2c 31 32 38 2c 2e 31 29 3b 6f 75 74 6c 69 6e 65 3a 6e 6f 6e 65 7d 2e 73 68 61 72 65 2d 62 75 74 74 6f 6e 73 20 6c 69 20 73 76 67 5b 63 6c 61 73 73 5e 3d 73 68 61 72 69 6e 67 2d 5d 2c 2e 73 68 61 72 65 2d 62 75 74 74 6f 6e 73 20 6c 69 20 73 76 67 5b 63 6c 61 73 73 2a 3d 22 20 73 68 61 72 69 6e 67 2d 22 5d 7b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 31 30 70 78 7d 2e 73 68 61 72 65 2d 62 75 74 74 6f 6e 73 20 6c 69 20 73 70 61 6e 2e 73 68 61 72 69 6e 67 2d 70 6c 61 74 66 6f 72 6d 2d 62 75 74 74 6f 6e 2c 2e 73 68 61 72 65 2d 62 75 74 74 6f 6e 73 20 6c 69 20 73 70 61 6e Data Ascii: ring-platform-button:hover{background-color:rgba(128,128,128,.1);outline:none}.share-buttons li svg[class^=sharing-],.share-buttons li svg[class*=" sharing-"]{position:absolute;top:10px}.share-buttons li span.sharing-platform-button,.share-buttons li span

Timestamp	Bytes transferred	Direction	Data
2024-06-10 22:13:14 UTC	639	OUT	GET /site/bloggerwidgets01/socialite.js HTTP/1.1 Host: sites.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUX Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-06-10 22:13:14 UTC	609	IN	HTTP/1.1 302 Moved Temporarily Content-Type: text/html; charset=UTF-8 Location: https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path=%2Fbloggerwidgets01%2Fsocialite.js Date: Mon, 10 Jun 2024 22:13:14 GMT Expires: Mon, 10 Jun 2024 22:13:14 GMT Cache-Control: private, max-age=0 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' X-XSS-Protection: 1; mode=block Server: GSE Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2024-06-10 22:13:14 UTC	322	IN	Data Raw: 31 33 62 0d 0a 3c 48 54 4d 4c 3e 0a 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 4d 6f 76 65 64 20 54 65 6d 70 6f 72 61 72 69 6c 79 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 46 46 46 46 46 46 22 20 54 45 58 54 3d 22 23 30 30 30 30 30 30 22 3e 0a 3c 21 2d 2d 20 47 53 45 20 44 65 66 61 75 6c 74 20 45 72 72 6f 72 20 2d 2d 3e 0a 3c 48 31 3e 4d 6f 76 65 64 20 54 65 6d 70 6f 72 61 72 69 6c 79 3c 2f 48 31 3e 0a 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 41 20 48 52 45 46 3d 22 68 74 74 70 73 3a 2f 2f 73 69 74 65 73 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 73 69 74 65 2f 73 69 74 65 73 2f 73 79 73 74 65 6d 2f 65 72 72 6f 72 73 2f 57 65 62 73 70 61 63 65 4e 6f 74 46 6f 75 6e 64 3f 70 61 Data Ascii: 13b<HTML><HEAD><TITLE>Moved Temporarily</TITLE></HEAD><BODY BGCOLOR="#FFFFFF" TEXT="#000000">... GSE Default Error --><H1>Moved Temporarily</H1>The document has moved <A HREF="https://sites.google.com/site/sites/system/errors/WebspaceNotFound?pa
2024-06-10 22:13:14 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2024-06-10 22:13:14 UTC	637	OUT	GET /site/bloggerwidgets01/sharrre.js HTTP/1.1 Host: sites.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUX Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-06-10 22:13:14 UTC	607	IN	HTTP/1.1 302 Moved Temporarily Content-Type: text/html; charset=UTF-8 Location: https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path=%2Fbloggerwidgets01%2Fsharrre.js Date: Mon, 10 Jun 2024 22:13:14 GMT Expires: Mon, 10 Jun 2024 22:13:14 GMT Cache-Control: private, max-age=0 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' X-XSS-Protection: 1; mode=block Server: GSE Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2024-06-10 22:13:14 UTC	320	IN	Data Raw: 31 33 39 0d 0a 3c 48 54 4d 4c 3e 0a 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 4d 6f 76 65 64 20 54 65 6d 70 6f 72 61 72 69 6c 79 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 46 46 46 46 46 46 22 20 54 45 58 54 3d 22 23 30 30 30 30 30 30 22 3e 0a 3c 21 2d 2d 20 47 53 45 20 44 65 66 61 75 6c 74 20 45 72 72 6f 72 20 2d 2d 3e 0a 3c 48 31 3e 4d 6f 76 65 64 20 54 65 6d 70 6f 72 61 72 69 6c 79 3c 2f 48 31 3e 0a 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 41 20 48 52 45 46 3d 22 68 74 74 70 73 3a 2f 2f 73 69 74 65 73 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 73 69 74 65 2f 73 69 74 65 73 2f 73 79 73 74 65 6d 2f 65 72 72 6f 72 73 2f 57 65 62 73 70 61 63 65 4e 6f 74 46 6f 75 6e 64 3f 70 61 Data Ascii: 139<HTML><HEAD><TITLE>Moved Temporarily</TITLE></HEAD><BODY BGCOLOR="#FFFFFF" TEXT="#000000">... GSE Default Error --><H1>Moved Temporarily</H1>The document has moved <A HREF="https://sites.google.com/site/sites/system/errors/WebspaceNotFound?pa
2024-06-10 22:13:14 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2024-06-10 22:13:14 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-06-10 22:13:15 UTC	467	IN	HTTP/1.1 200 OK Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF06) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-neu-z1 Cache-Control: public, max-age=237398 Date: Mon, 10 Jun 2024 22:13:14 GMT Connection: close X-CID: 2

Timestamp	Bytes transferred	Direction	Data
2024-06-10 22:13:15 UTC	686	OUT	GET /site/sites/system/errors/WebspaceNotFound?path=%2Fbloggerwidgets01%2Fsocialite.js HTTP/1.1 Host: sites.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUX Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-06-10 22:13:16 UTC	794	IN	HTTP/1.1 302 Moved Temporarily Content-Type: text/html; charset=UTF-8 X-Frame-Options: DENY Last-Modified: Mon, 03 Jun 2024 05:42:14 GMT Location: https://accounts.google.com/ServiceLogin?service=jotspot&passive=1209600&continue=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/bloggerwidgets01/socialite.js&followup=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/bloggerwidgets01/socialite.js Date: Mon, 10 Jun 2024 22:13:15 GMT Expires: Mon, 10 Jun 2024 22:13:15 GMT Cache-Control: private, max-age=0 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Server: GSE Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2024-06-10 22:13:16 UTC	528	IN	Data Raw: 32 30 39 0d 0a 3c 48 54 4d 4c 3e 0a 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 4d 6f 76 65 64 20 54 65 6d 70 6f 72 61 72 69 6c 79 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 46 46 46 46 46 46 22 20 54 45 58 54 3d 22 23 30 30 30 30 30 30 22 3e 0a 3c 21 2d 2d 20 47 53 45 20 44 65 66 61 75 6c 74 20 45 72 72 6f 72 20 2d 2d 3e 0a 3c 48 31 3e 4d 6f 76 65 64 20 54 65 6d 70 6f 72 61 72 69 6c 79 3c 2f 48 31 3e 0a 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 41 20 48 52 45 46 3d 22 68 74 74 70 73 3a 2f 2f 61 63 63 6f 75 6e 74 73 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 53 65 72 76 69 63 65 4c 6f 67 69 6e 3f 73 65 72 76 69 63 65 3d 6a 6f 74 73 70 6f 74 26 61 6d 70 3b 70 61 73 73 69 76 65 3d Data Ascii: 209<HTML><HEAD><TITLE>Moved Temporarily</TITLE></HEAD><BODY BGCOLOR="#FFFFFF" TEXT="#000000">... GSE Default Error --><H1>Moved Temporarily</H1>The document has moved <A HREF="https://accounts.google.com/ServiceLogin?service=jotspot&passive=
2024-06-10 22:13:16 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0