Edit tour

Windows Analysis Report
http://facebooksecurity.blogspot.dk/

Overview

General Information

Sample URL:	http://facebooksecurity.blogspot.dk/
Analysis ID:	1511345
Infos:

Detection

Score:	64
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Antivirus detection for URL or domain

Multi AV Scanner detection for submitted file

Detected suspicious crossdomain redirect

Found iframes

HTTP GET or POST without a user agent

Classification

Process Tree

System is w10x64

chrome.exe (PID: 5544 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 5232 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2240 --field-trial-handle=2000,i,12922137782999281147,6157369079005019574,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6960 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4300 --field-trial-handle=2000,i,12922137782999281147,6157369079005019574,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6260 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5836 --field-trial-handle=2000,i,12922137782999281147,6157369079005019574,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6408 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://facebooksecurity.blogspot.dk/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

Antivirus / Scanner detection for submitted sample

Source: http://facebooksecurity.blogspot.dk/

Avira URL Cloud: detection malicious, Label: phishing

Antivirus detection for URL or domain

Source: http://facebooksecurity.blogspot.com/img/2.jpg

Avira URL Cloud: Label: phishing

Multi AV Scanner detection for submitted file

Source: http://facebooksecurity.blogspot.dk/

Virustotal: Detection: 9%

Perma Link

Source: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQE2t1LKxEdqMQAAAZHyvFrgnBmq_BS4Cv6_m39Iq7zE2dS9UR2hgYwT8z5fvNQmwUViMbekhL7sjeYYI4tHJcNfUxzmdnKIS67D3prn2nM09PajjBrIHnYeqSIAiA7w2G6M_lo=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fprofile%2Fview%3Fid%3D138522409%26locale%3Den_US%26trk%3Dtab_pro	HTTP Parser: Iframe src: https://li.protechts.net/index.html?ts=1726354322571&r_id=AAYiHC%2FZ9IIiiDosK4cKTg%3D%3D&app_id=PXdOjV695v&uc=scraping&d_id=d01a45d51634753077f99e1f3d294d23da189fd55353d34a63760ce5b4280763
Source: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQE2t1LKxEdqMQAAAZHyvFrgnBmq_BS4Cv6_m39Iq7zE2dS9UR2hgYwT8z5fvNQmwUViMbekhL7sjeYYI4tHJcNfUxzmdnKIS67D3prn2nM09PajjBrIHnYeqSIAiA7w2G6M_lo=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fprofile%2Fview%3Fid%3D138522409%26locale%3Den_US%26trk%3Dtab_pro	HTTP Parser: Iframe src: https://li.protechts.net/index.html?ts=1726354326430&r_id=AAYiHC/Z9IIiiDosK4cKTg==&pt=undefined&app_id=PXdOjV695v&uc=scraping&d_id=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Source: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQE2t1LKxEdqMQAAAZHyvFrgnBmq_BS4Cv6_m39Iq7zE2dS9UR2hgYwT8z5fvNQmwUViMbekhL7sjeYYI4tHJcNfUxzmdnKIS67D3prn2nM09PajjBrIHnYeqSIAiA7w2G6M_lo=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fprofile%2Fview%3Fid%3D138522409%26locale%3Den_US%26trk%3Dtab_pro	HTTP Parser: Iframe src: https://li.protechts.net/index.html?ts=1726354322571&r_id=AAYiHC%2FZ9IIiiDosK4cKTg%3D%3D&app_id=PXdOjV695v&uc=scraping&d_id=d01a45d51634753077f99e1f3d294d23da189fd55353d34a63760ce5b4280763
Source: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQE2t1LKxEdqMQAAAZHyvFrgnBmq_BS4Cv6_m39Iq7zE2dS9UR2hgYwT8z5fvNQmwUViMbekhL7sjeYYI4tHJcNfUxzmdnKIS67D3prn2nM09PajjBrIHnYeqSIAiA7w2G6M_lo=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fprofile%2Fview%3Fid%3D138522409%26locale%3Den_US%26trk%3Dtab_pro	HTTP Parser: Iframe src: https://li.protechts.net/index.html?ts=1726354326430&r_id=AAYiHC/Z9IIiiDosK4cKTg==&pt=undefined&app_id=PXdOjV695v&uc=scraping&d_id=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Source: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQE2t1LKxEdqMQAAAZHyvFrgnBmq_BS4Cv6_m39Iq7zE2dS9UR2hgYwT8z5fvNQmwUViMbekhL7sjeYYI4tHJcNfUxzmdnKIS67D3prn2nM09PajjBrIHnYeqSIAiA7w2G6M_lo=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fprofile%2Fview%3Fid%3D138522409%26locale%3Den_US%26trk%3Dtab_pro

HTTP Parser: <input type="password" .../> found

Source: http://facebooksecurity.blogspot.com/	HTTP Parser: No favicon
Source: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQE2t1LKxEdqMQAAAZHyvFrgnBmq_BS4Cv6_m39Iq7zE2dS9UR2hgYwT8z5fvNQmwUViMbekhL7sjeYYI4tHJcNfUxzmdnKIS67D3prn2nM09PajjBrIHnYeqSIAiA7w2G6M_lo=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fprofile%2Fview%3Fid%3D138522409%26locale%3Den_US%26trk%3Dtab_pro	HTTP Parser: No favicon
Source: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQE2t1LKxEdqMQAAAZHyvFrgnBmq_BS4Cv6_m39Iq7zE2dS9UR2hgYwT8z5fvNQmwUViMbekhL7sjeYYI4tHJcNfUxzmdnKIS67D3prn2nM09PajjBrIHnYeqSIAiA7w2G6M_lo=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fprofile%2Fview%3Fid%3D138522409%26locale%3Den_US%26trk%3Dtab_pro	HTTP Parser: No favicon
Source: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQE2t1LKxEdqMQAAAZHyvFrgnBmq_BS4Cv6_m39Iq7zE2dS9UR2hgYwT8z5fvNQmwUViMbekhL7sjeYYI4tHJcNfUxzmdnKIS67D3prn2nM09PajjBrIHnYeqSIAiA7w2G6M_lo=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fprofile%2Fview%3Fid%3D138522409%26locale%3Den_US%26trk%3Dtab_pro	HTTP Parser: No favicon
Source: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQE2t1LKxEdqMQAAAZHyvFrgnBmq_BS4Cv6_m39Iq7zE2dS9UR2hgYwT8z5fvNQmwUViMbekhL7sjeYYI4tHJcNfUxzmdnKIS67D3prn2nM09PajjBrIHnYeqSIAiA7w2G6M_lo=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fprofile%2Fview%3Fid%3D138522409%26locale%3Den_US%26trk%3Dtab_pro	HTTP Parser: No favicon
Source: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQE2t1LKxEdqMQAAAZHyvFrgnBmq_BS4Cv6_m39Iq7zE2dS9UR2hgYwT8z5fvNQmwUViMbekhL7sjeYYI4tHJcNfUxzmdnKIS67D3prn2nM09PajjBrIHnYeqSIAiA7w2G6M_lo=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fprofile%2Fview%3Fid%3D138522409%26locale%3Den_US%26trk%3Dtab_pro	HTTP Parser: No favicon
Source: https://www.blogger.com/profile/07973550498852665411	HTTP Parser: No favicon
Source: http://facebooksecurity.blogspot.com/2011/11/impress-your-freinds-with-new-facebook.html	HTTP Parser: No favicon

Source: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQE2t1LKxEdqMQAAAZHyvFrgnBmq_BS4Cv6_m39Iq7zE2dS9UR2hgYwT8z5fvNQmwUViMbekhL7sjeYYI4tHJcNfUxzmdnKIS67D3prn2nM09PajjBrIHnYeqSIAiA7w2G6M_lo=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fprofile%2Fview%3Fid%3D138522409%26locale%3Den_US%26trk%3Dtab_pro	HTTP Parser: No <meta name="author".. found
Source: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQE2t1LKxEdqMQAAAZHyvFrgnBmq_BS4Cv6_m39Iq7zE2dS9UR2hgYwT8z5fvNQmwUViMbekhL7sjeYYI4tHJcNfUxzmdnKIS67D3prn2nM09PajjBrIHnYeqSIAiA7w2G6M_lo=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fprofile%2Fview%3Fid%3D138522409%26locale%3Den_US%26trk%3Dtab_pro	HTTP Parser: No <meta name="author".. found
Source: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQE2t1LKxEdqMQAAAZHyvFrgnBmq_BS4Cv6_m39Iq7zE2dS9UR2hgYwT8z5fvNQmwUViMbekhL7sjeYYI4tHJcNfUxzmdnKIS67D3prn2nM09PajjBrIHnYeqSIAiA7w2G6M_lo=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fprofile%2Fview%3Fid%3D138522409%26locale%3Den_US%26trk%3Dtab_pro	HTTP Parser: No <meta name="author".. found

Source: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQE2t1LKxEdqMQAAAZHyvFrgnBmq_BS4Cv6_m39Iq7zE2dS9UR2hgYwT8z5fvNQmwUViMbekhL7sjeYYI4tHJcNfUxzmdnKIS67D3prn2nM09PajjBrIHnYeqSIAiA7w2G6M_lo=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fprofile%2Fview%3Fid%3D138522409%26locale%3Den_US%26trk%3Dtab_pro	HTTP Parser: No <meta name="copyright".. found
Source: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQE2t1LKxEdqMQAAAZHyvFrgnBmq_BS4Cv6_m39Iq7zE2dS9UR2hgYwT8z5fvNQmwUViMbekhL7sjeYYI4tHJcNfUxzmdnKIS67D3prn2nM09PajjBrIHnYeqSIAiA7w2G6M_lo=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fprofile%2Fview%3Fid%3D138522409%26locale%3Den_US%26trk%3Dtab_pro	HTTP Parser: No <meta name="copyright".. found
Source: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQE2t1LKxEdqMQAAAZHyvFrgnBmq_BS4Cv6_m39Iq7zE2dS9UR2hgYwT8z5fvNQmwUViMbekhL7sjeYYI4tHJcNfUxzmdnKIS67D3prn2nM09PajjBrIHnYeqSIAiA7w2G6M_lo=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fprofile%2Fview%3Fid%3D138522409%26locale%3Den_US%26trk%3Dtab_pro	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49756 version: TLS 1.2

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

HTTP traffic: Redirect from: twitter.com to https://x.com/salimsays

Source: global traffic	HTTP traffic detected: GET is not allowed on path /1.1/jot/client_event.json
Source: global traffic	HTTP traffic detected: GET is not allowed on path /1.1/jot/client_event.json
Source: global traffic	HTTP traffic detected: GET is not allowed on path /1.1/jot/client_event.json
Source: global traffic	HTTP traffic detected: GET is not allowed on path /1.1/jot/ces/p2

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKConnection: keep-aliveContent-Length: 33254Server: nginxContent-Type: application/javascript; charset=utf-8Last-Modified: Fri, 18 Oct 1991 12:00:00 GMTETag: W/"28feccc0-16f44"Cache-Control: public, max-age=31536000, stale-while-revalidate=604800Access-Control-Allow-Origin: *Content-Encoding: gzipVia: 1.1 varnish, 1.1 varnishAccept-Ranges: bytesDate: Sat, 14 Sep 2024 22:51:37 GMTAge: 2647227X-Served-By: cache-lga21959-LGA, cache-nyc-kteb1890032-NYCX-Cache: HIT, HITX-Cache-Hits: 4122, 2X-Timer: S1726354297.305608,VS0,VE0Vary: Accept-EncodingData Raw: 1f 8b 08 00 00 00 00 00 02 03 c4 bd f9 62 db 48 92 37 f8 ff 3c 85 88 f6 c8 80 99 a2 a4 3a 66 a6 41 c1 5c 1f e5 ae ea ae 6b ca 9e ae ee a1 e8 5a 5c 04 c1 db 24 65 d9 25 72 9e 65 9f 65 9f 6c e3 17 91 99 48 80 90 ec ee fd be dd 3a 44 1c 89 3c 23 e3 ca 38 ce 9f 74 4e a6 ff 79 93 6f 3e 9e bc bf ec fd fb c9 f4 1d ae 7b e9 6a 71 b2 37 37 ab 4d 71 3e 2f d3 7c b9 cd 4f 9e 9c ff 8b 3f be 59 a6 bb 72 b5 f4 63 95 04 77 e6 ee 24 7d e6 c7 c1 dd 26 df dd 6c 96 27 e3 5e b9 fd b5 5c 66 ab 5b 7a 38 88 c3 b8 b7 5c 65 f9 9b 8f eb 3c 8a a2 3f 0e e2 5e 96 8f e3 9b f9 ee af 65 7e bb df c7 bd 75 bc c9 97 3b f9 22 ec 5c 1e aa 5a 3f a0 d6 72 ec 77 d2 c5 30 1e 05 77 ef e3 cd 49 12 a5 bd 64 95 7d 54 59 34 f6 bd 2b af 1b 77 bd a7 5e d0 8b d7 eb 7c 99 bd 59 f9 49 a0 f2 28 eb a5 db ad ef 65 e5 76 3d 8f 3f 7a 41 3f eb 6d f2 c5 ea 7d ee 07 7d aa 10 3d f1 96 ab 65 ee ed f7 7c ed 05 77 e9 72 bf f7 d3 25 55 9f 6e f2 78 97 7f 33 cf 17 d4 2f df 2b c7 9b 78 91 7b 81 4a 97 3d be 7c be da 64 f9 26 a2 db db 32 db 4d 70 31 c9 cb 62 b2 8b 2e 02 95 e8 9e bc 98 94 f3 8c ea e3 f6 3a e9 6a bf ef 50 b9 5a d5 41 ba 8a 7c 3c 5c 2d 77 76 06 f6 fb ea c9 cb 55 7a c3 05 7b 99 be 52 e9 aa 77 bb 29 77 b9 ef a7 58 a9 75 bc fb 81 26 17 43 78 f1 fa f5 e5 0b 7e e2 0d bc ab 0e 7d b1 a3 29 3f 99 ec 16 f3 a7 5e 48 23 ec 7a 57 7c 73 85 e9 7b 8a f1 ac 7a e9 7c b5 c5 9c 64 11 6e 6a e3 8e b9 00 ca d6 46 94 61 7a c7 3c bd 99 aa 26 98 c6 2d 13 6c c7 7d e0 45 8b f2 83 06 0b be 75 16 f7 56 60 08 6b 9a 46 77 87 fe b8 97 c7 e9 c4 4f b7 18 7d 1a ef d0 ea fc a3 3f 1c 29 7a b4 05 10 fa 17 f4 41 a0 2c 0c d2 9a 0d 77 93 72 3b 8a e2 43 d0 37 cd 38 4d bc 47 91 5d 94 38 8f 6e e8 d1 36 df bd 29 17 f9 ea 66 e7 a7 ef d5 45 f5 e9 8e 06 b6 24 b0 0d 9c 0f e6 f4 c1 6e f3 d1 00 f7 32 bf 3d 89 7b cf e8 e5 fb fc 6f 3f 25 d3 3c 25 08 f9 a1 4c 37 ab ed 6a bc eb fd ed 87 ef bf 7d f3 e6 67 8f 46 1f ef 68 34 34 c0 83 53 d9 ac ad 32 7c b3 db ad 7f c9 69 cb 6d 77 ed 1f e6 Data Ascii: bH7<:fA\kZ\$e%reelH:D<#8tNyo>{jq77Mq>/\|O?Yrcw$}&l'^\f[z8\e<?^e~u;"\Z?rw0wId}TY4+w^\|YI(ev=?zA?m}}=e\|wr%Unx3/+x{J=\|d&2Mp1b.:jPZA\|<\-wvUz{Rw)wXu&Cx~})?^H#zW\|s{z\|dnjFaz<&-l}
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKContent-Type: image/x-iconExpires: Sat, 14 Sep 2024 22:51:53 GMTDate: Sat, 14 Sep 2024 22:51:53 GMTCache-Control: private, max-age=86400Last-Modified: Wed, 28 Aug 2024 23:43:33 GMTETag: W/"5f5c1da81114420560597a091adc3d3dbd351d0032fffd44472cf59b89c6bcf9"Content-Encoding: gzipX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINContent-Security-Policy: frame-ancestors 'self'X-XSS-Protection: 1; mode=blockContent-Length: 665Server: GSEData Raw: 1f 8b 08 00 00 00 00 00 00 ff 7d 93 5d 48 53 61 18 c7 5f 51 28 87 e8 d8 45 57 63 78 a1 e0 47 db ce 26 3b 3a 5d 78 64 c7 75 5a 08 3a 5c 2d 1d 15 b4 dc c4 31 89 30 85 70 d3 81 30 c1 22 cd 2b cd 10 a3 0b bb 90 ae ec ce d4 8b 79 13 53 64 62 1f 37 8a b8 2d 2d ea c2 9b a8 f6 ef bc 67 69 9b 9b fd 0f ff f3 f1 bc cf ef 79 0e 2f ef 43 48 9e 78 c9 e5 44 bc 97 12 4f 01 21 17 08 21 15 a2 c5 90 18 49 c5 a9 b8 02 92 25 00 ff 9c 48 c8 d6 d7 d6 4a ed 6d 6d 82 41 af ef d5 aa d5 c3 9a aa aa 91 1a 86 b9 7f 55 10 ec 53 93 93 d5 38 3a 2a ca 60 d2 4c c5 1a d9 97 95 17 2b a1 d1 69 a0 ab 61 44 eb c0 e8 19 54 6b aa 51 51 55 f1 ed 74 df 74 51 ae fe 92 11 1c cf a1 ae a1 0e b5 0d b5 92 4d 8d 26 70 cd 1c 4c 9c 09 4c 8d 36 13 fa 2b 35 a3 06 67 e6 24 be b8 a4 98 e6 64 d9 28 ae 35 f1 4d 60 eb d9 8c 1a 1a 9d 3a 69 16 cc 30 5b cc 19 f9 5f 87 8a b2 6a 70 e6 46 58 ac 16 18 4d c6 93 1a 94 6b 77 b4 43 2e 97 ff 97 97 c9 64 50 2a 95 b0 d9 db 60 6d b9 22 f1 13 53 13 bc 5d 64 af dd b0 67 f5 4a e7 15 0a 05 ca cb cb c1 b2 2c 1c 9d d7 e1 bc e5 44 f3 65 fe b7 b5 c5 9a ec ea be 0b 57 d7 9d 9c bc 52 71 1e 2a 95 0a 06 83 01 16 8b 05 36 9b 0d 9e 1e 37 7a ef f5 a2 e3 66 07 9c b7 3b 31 f0 70 00 81 60 20 27 4f 2d 08 02 9c 4e 27 3c 1e 0f 7c 3e 1f 46 42 23 f0 0f fb e1 f5 f5 e0 27 7e 74 3f 1e 7f 84 e9 99 e9 33 fb bb 5c 2e f4 f5 f5 c1 ef f7 23 10 08 60 66 f6 19 c6 9f 3e 11 fb f6 27 e9 1e 3c 9f 9d c1 e2 9b 45 68 b5 da 13 96 ee e5 71 ff 81 fe 07 08 06 83 18 1d 1d 45 28 14 c2 c2 eb 85 e3 7e 92 e6 5f cd 63 65 75 19 e1 70 58 62 0b 0b 0b 51 56 56 06 9e e7 e1 76 bb 31 38 38 28 71 63 63 63 08 af 85 b1 f4 76 09 73 2f e6 32 ce c0 ca ea 0a b6 df 6f 23 b2 1e 81 c3 e1 90 f6 ab b5 b5 15 5e af 57 fa 6f ca 47 a3 51 6c 6d 6d 49 7c ae 39 da d8 dc c0 de de 1e 0e bf 1c 22 f1 39 81 58 3c 86 58 2c e5 78 3c 8e dd dd 5d 44 22 11 31 15 79 a7 cf fe c9 1c 25 f1 8e b2 b4 0e e5 0e 0e 0e a4 f7 fd fd 7d 7c fc f4 e1 57 ae b9 c9 e0 d3 d6 ce fa 4e 8f ed 9c 23 e4 7b 49 ea b9 9c 4f c8 50 5e ca a7 75 1c a7 39 3b f9 29 86 96 f9 03 01 28 96 a3 7e 04 00 00 Data Ascii: }]HSa_Q(EWcxG&;:]xduZ:\-10p0"+ySdb7--giy/CHxDO!!I%HJmmAUS8:`L+iaDTkQQUttQM&pLL6+5g$d(5M`:i0[_jpFXMkwC.dP`m"S]dgJ,DeWRq*67zf;1p` 'O-N'<\|>FB#'~t?3\.#`f>'<EhqE(~_ceupX

Source: global traffic	HTTP traffic detected: GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1Host: www.blogger.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /static/v1/widgets/4140855455-widgets.js HTTP/1.1Host: www.blogger.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/platform.js HTTP/1.1Host: apis.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/v1/widgets/4140855455-widgets.js HTTP/1.1Host: www.blogger.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dyn-css/authorization.css?targetBlogID=6293774250085653011&zx=47a2a7c7-d7bb-4a04-8cfd-fe2cf880b27d HTTP/1.1Host: www.blogger.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEjhRdUkdNaj7S0PczG7Rmt23sdOM3ZHfOgcIbOX4UOuhB5r-PBVtOSQjpp9PBLUMwaQcCeNwvrD7-SUSMWFxH7Jo7pGJAWxx5EhwHnoCa2pNWDmIeVYdgUyhwAHcKJc566cHe-ep2nVPDA/w72-h72-p-k-no-nu/https-background.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEhEGDod2aeN5Cyyth-7i4WsBV2vJCfbByVNkRreVRc0U9x-9zKrNUucFptBcigY4SPCUk80y55ymkWgMNBal0QqGA0ky1hFlm-t_wW6bQo6i4VkdC2WOUppg5SE3XvtMzxr3TvAurbpCuQ/w72-h72-p-k-no-nu/t1larg.facebook.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEhrLaU42y46_ybqP8t2TS9ekCY2dCKk-oGYyBd18CBMybseiMun4aeXWp7YnK-VqYnCm59QOdb2bq6sXH-yCFw7CeNLKoz0GL3JeiewV2XggyNOeaVbGYuZ49RyTj5K92Bs-oXRa7IR428/w72-h72-p-k-no-nu/Facebook-hack.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEgjG5jwKTmdCF1f6QElHBAkWo5QluyxRuut9jiBFCHicIbPaqEScEy5hzk3MXCblp75tc99xWe7giMSLtAz7lnCUBwh9eTdeRDCwqWnoQoEQAm2L3k6NruPCD_xewvF5qYfDX52wX5Y1RQ/w72-h72-p-k-no-nu/facebook-google.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEhFP2sUEe8r0fi8HOlfFWOK8wKFkcIUrXnruv7h5SBZvNnaXI70ZiRio6UXhLcUgktuHhPP97Rja5x401PM1hszkmGt9eXKi7Jpr4ZvFV2vlaaT69qcDmGjnTXBKlOze4-_-CNnm592FIY/s400/us_attacks_wall-facebook+virus+allert.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEhLAFXQ9nhm1HhhmbwnnekzsgCZO6E3TPh3kdzh2VISyeIZgW4ufTOSDiEdDAoyoa3to4ia4T2yP9OOItjwP-f3Qh3GE5YFskX4twlaexOtLGFLbK0U-C_LLgV_jemcf4zfRgcywGhzPLw/s400/cnn+fake+site+virus.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dyn-css/authorization.css?targetBlogID=6293774250085653011&zx=47a2a7c7-d7bb-4a04-8cfd-fe2cf880b27d HTTP/1.1Host: www.blogger.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEhEGDod2aeN5Cyyth-7i4WsBV2vJCfbByVNkRreVRc0U9x-9zKrNUucFptBcigY4SPCUk80y55ymkWgMNBal0QqGA0ky1hFlm-t_wW6bQo6i4VkdC2WOUppg5SE3XvtMzxr3TvAurbpCuQ/s320/t1larg.facebook.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEhEGDod2aeN5Cyyth-7i4WsBV2vJCfbByVNkRreVRc0U9x-9zKrNUucFptBcigY4SPCUk80y55ymkWgMNBal0QqGA0ky1hFlm-t_wW6bQo6i4VkdC2WOUppg5SE3XvtMzxr3TvAurbpCuQ/w72-h72-p-k-no-nu/t1larg.facebook.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEgjG5jwKTmdCF1f6QElHBAkWo5QluyxRuut9jiBFCHicIbPaqEScEy5hzk3MXCblp75tc99xWe7giMSLtAz7lnCUBwh9eTdeRDCwqWnoQoEQAm2L3k6NruPCD_xewvF5qYfDX52wX5Y1RQ/s1600/facebook-google.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEgjG5jwKTmdCF1f6QElHBAkWo5QluyxRuut9jiBFCHicIbPaqEScEy5hzk3MXCblp75tc99xWe7giMSLtAz7lnCUBwh9eTdeRDCwqWnoQoEQAm2L3k6NruPCD_xewvF5qYfDX52wX5Y1RQ/w72-h72-p-k-no-nu/facebook-google.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEjusvI2A4Y301dqi3HXDOvAyD7vbiSjrHaLwEy08oeP4SCTb8L8uvex2-XK7Uw5pfohOP7eySZNE6h6o7BfKADF4C0fkexSXkPXSfFfResMXVLd3S3c-PB1esFIze0msK4PwitMM8z9wk0/s200/402161_220083208080592_108491975906383_495642_1581235068_n.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEjhRdUkdNaj7S0PczG7Rmt23sdOM3ZHfOgcIbOX4UOuhB5r-PBVtOSQjpp9PBLUMwaQcCeNwvrD7-SUSMWFxH7Jo7pGJAWxx5EhwHnoCa2pNWDmIeVYdgUyhwAHcKJc566cHe-ep2nVPDA/w72-h72-p-k-no-nu/https-background.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEhrLaU42y46_ybqP8t2TS9ekCY2dCKk-oGYyBd18CBMybseiMun4aeXWp7YnK-VqYnCm59QOdb2bq6sXH-yCFw7CeNLKoz0GL3JeiewV2XggyNOeaVbGYuZ49RyTj5K92Bs-oXRa7IR428/w72-h72-p-k-no-nu/Facebook-hack.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEiwEKjO_XlIWMn2qwIrqEPiC61SO0CERpKSOvqeHOEjz0iNQ_Ybey4IUfwaOwVAsi6TYcvJnRDw8tfR_YXFoYw8fwuXUVWNFs9I5NomDDXAtwpBSirIfT81pSos6X6PfLCTAWlEGSTNUqI/s640/Mark+Zuckerberg%2527s+Private+Photos.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEhLAFXQ9nhm1HhhmbwnnekzsgCZO6E3TPh3kdzh2VISyeIZgW4ufTOSDiEdDAoyoa3to4ia4T2yP9OOItjwP-f3Qh3GE5YFskX4twlaexOtLGFLbK0U-C_LLgV_jemcf4zfRgcywGhzPLw/s400/cnn+fake+site+virus.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEhFP2sUEe8r0fi8HOlfFWOK8wKFkcIUrXnruv7h5SBZvNnaXI70ZiRio6UXhLcUgktuHhPP97Rja5x401PM1hszkmGt9eXKi7Jpr4ZvFV2vlaaT69qcDmGjnTXBKlOze4-_-CNnm592FIY/s400/us_attacks_wall-facebook+virus+allert.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEgV-PVMCwC_CenusvDHj0IBpJEYyasKJqmfJDK0u7e6M6xdfOu84rH_Jo0xdHGPePK139JvcUGXvVNv4ltXzthCkImPLzkYc0OoeyNito5HGAO3ANHKdPMpwtXa_MuDP39dD8TgePH68hg/s400/SSL+encryption_jpg_99969.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEgDHNB2D9NkpIUm-nmtyZutA7ER4kqdz0lIP2BwAmGaTimyvmtLtS_YWvh2_2QteKdg5Bf682Gt_MqggD0U5ksSbYkeS3nLJhIpqUxqKvxok0LxlTi5P926ECODmQDTWu6Br0RO9npYcUg/s400/facebook+app+password_jpg_14460.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEg7-XaBnr5ysT-dfc-5OTudFVIdW-1lr0Io2cCfcMmE6tluqCTZJp-S44kDj6QmEUXxRYAOBlUb5H05j41T_MiY0roSTOl_W5ok0DJ9KhDyM1e_jMu8bbGEY8_vWGOTV-jXwL5NpjRY3TM/s320/ramnit.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEhEGDod2aeN5Cyyth-7i4WsBV2vJCfbByVNkRreVRc0U9x-9zKrNUucFptBcigY4SPCUk80y55ymkWgMNBal0QqGA0ky1hFlm-t_wW6bQo6i4VkdC2WOUppg5SE3XvtMzxr3TvAurbpCuQ/s320/t1larg.facebook.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEj08WTD0L9AuzD12whTafjP4PA6KmQTrSK8UMwkMtGebD-V2-4WFINDwmusBb3zx-hjGu-eIMCQZii1J48wKQdlgaB5um3bPq4gI7cBmqyzZ1-9bi-mz8-lT4s9dCK2ZEaTWZw5y9sawYU/s320/knowledge.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEgjG5jwKTmdCF1f6QElHBAkWo5QluyxRuut9jiBFCHicIbPaqEScEy5hzk3MXCblp75tc99xWe7giMSLtAz7lnCUBwh9eTdeRDCwqWnoQoEQAm2L3k6NruPCD_xewvF5qYfDX52wX5Y1RQ/s1600/facebook-google.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEhcCBfqFH-5FRDV4HPKZeU-icfeTYGljtHJb5k_tO5wjfrOVhcQH6eYZ37BGlRx_dSg7YV4nbR8EGADxbrcyronaWdPTh4tpJvql3xGI7hADM1ulMPLbUWvRGtHPtxBd6BmgK9MihD5pQ0/s1600/fACEBOOK+VIRUS.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEjusvI2A4Y301dqi3HXDOvAyD7vbiSjrHaLwEy08oeP4SCTb8L8uvex2-XK7Uw5pfohOP7eySZNE6h6o7BfKADF4C0fkexSXkPXSfFfResMXVLd3S3c-PB1esFIze0msK4PwitMM8z9wk0/s200/402161_220083208080592_108491975906383_495642_1581235068_n.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEiwEKjO_XlIWMn2qwIrqEPiC61SO0CERpKSOvqeHOEjz0iNQ_Ybey4IUfwaOwVAsi6TYcvJnRDw8tfR_YXFoYw8fwuXUVWNFs9I5NomDDXAtwpBSirIfT81pSos6X6PfLCTAWlEGSTNUqI/s640/Mark+Zuckerberg%2527s+Private+Photos.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEgQBsLeJueV9nLN-CdicPuTdOQVuSpx_Oub7_C9AlZpoBWU_TV-OXQBOAPwyN2SsMAJLl_Lq2EBWvtlngM6Rdt8M7OOVD8cwN6YaNMoXSI9MOEDweMclK8WQKi0ePcnRLJxt7pxViIBzBo/s320/anitivirus.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEhcCBfqFH-5FRDV4HPKZeU-icfeTYGljtHJb5k_tO5wjfrOVhcQH6eYZ37BGlRx_dSg7YV4nbR8EGADxbrcyronaWdPTh4tpJvql3xGI7hADM1ulMPLbUWvRGtHPtxBd6BmgK9MihD5pQ0/w72-h72-p-k-no-nu/fACEBOOK+VIRUS.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEgDHNB2D9NkpIUm-nmtyZutA7ER4kqdz0lIP2BwAmGaTimyvmtLtS_YWvh2_2QteKdg5Bf682Gt_MqggD0U5ksSbYkeS3nLJhIpqUxqKvxok0LxlTi5P926ECODmQDTWu6Br0RO9npYcUg/s400/facebook+app+password_jpg_14460.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEiMW8agzRJJnOmlRHoFMD6pT4Cuk7jc79cTkWXGzWZNr8TJZR3AsykW_oegPS2AmoznSU04LOGmbjK185nU2a5jCG9pE65LiNSb7A3FF19tAR8cj4dQxTuLrRRX9q1lCZRngjHhI2peJIU/w72-h72-p-k-no-nu/blogfacebooklurking.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEg7-XaBnr5ysT-dfc-5OTudFVIdW-1lr0Io2cCfcMmE6tluqCTZJp-S44kDj6QmEUXxRYAOBlUb5H05j41T_MiY0roSTOl_W5ok0DJ9KhDyM1e_jMu8bbGEY8_vWGOTV-jXwL5NpjRY3TM/s320/ramnit.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEgV-PVMCwC_CenusvDHj0IBpJEYyasKJqmfJDK0u7e6M6xdfOu84rH_Jo0xdHGPePK139JvcUGXvVNv4ltXzthCkImPLzkYc0OoeyNito5HGAO3ANHKdPMpwtXa_MuDP39dD8TgePH68hg/s400/SSL+encryption_jpg_99969.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEiujJ85GpGlXLmEmD9_norDKpQnNHQ9VBSF001sNaKPeOoSDK1C-hqHTJTY_rtnaG5HRExTDdSOj6JqiYC_BOL0NrgzG4e-CsrSsOYgsY07WZcbfva6HXTnnFUVdN77JbqwhFwV65toaBI/w72-h72-p-k-no-nu/Facebook+security.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /navbar.g?targetBlogID=6293774250085653011&blogName=FACEBOOK+SECURITY&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://facebooksecurity.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://facebooksecurity.blogspot.com/&vt=88767743790000018&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en._ShUtMH1OvQ.O%2Fam%3DAABA%2Fd%3D1%2Frs%3DAHpOoo9sEd_Wjj_xEtgO8qX69P7hAZI9cg%2Fm%3D__features__ HTTP/1.1Host: www.blogger.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_/scs/abc-static/_/js/k=gapi.lb.en._ShUtMH1OvQ.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/am=AABA/rs=AHpOoo9sEd_Wjj_xEtgO8qX69P7hAZI9cg/cb=gapi.loaded_0?le=scs HTTP/1.1Host: apis.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEj8wsZYYCVEpZfHbM9btfgR6MsPdFeROOTJkYwoBDb7BkDo5SGO2U7MwOcI4fVxZahoDL7b-acjyOlhigTHeZKd2_mTIZN20zucj-Tjuf21Qcoi4o3wiTZaT8kCpQxd9gMPHPD5JWcdl88/w72-h72-p-k-no-nu/Facebook+Implements+Microsoft%25E2%2580%2599s+PhotoDNA+Technology.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEj08WTD0L9AuzD12whTafjP4PA6KmQTrSK8UMwkMtGebD-V2-4WFINDwmusBb3zx-hjGu-eIMCQZii1J48wKQdlgaB5um3bPq4gI7cBmqyzZ1-9bi-mz8-lT4s9dCK2ZEaTWZw5y9sawYU/s320/knowledge.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEhcCBfqFH-5FRDV4HPKZeU-icfeTYGljtHJb5k_tO5wjfrOVhcQH6eYZ37BGlRx_dSg7YV4nbR8EGADxbrcyronaWdPTh4tpJvql3xGI7hADM1ulMPLbUWvRGtHPtxBd6BmgK9MihD5pQ0/s1600/fACEBOOK+VIRUS.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEhFP2sUEe8r0fi8HOlfFWOK8wKFkcIUrXnruv7h5SBZvNnaXI70ZiRio6UXhLcUgktuHhPP97Rja5x401PM1hszkmGt9eXKi7Jpr4ZvFV2vlaaT69qcDmGjnTXBKlOze4-_-CNnm592FIY/w72-h72-p-k-no-nu/us_attacks_wall-facebook+virus+allert.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEgQBsLeJueV9nLN-CdicPuTdOQVuSpx_Oub7_C9AlZpoBWU_TV-OXQBOAPwyN2SsMAJLl_Lq2EBWvtlngM6Rdt8M7OOVD8cwN6YaNMoXSI9MOEDweMclK8WQKi0ePcnRLJxt7pxViIBzBo/s320/anitivirus.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEhcCBfqFH-5FRDV4HPKZeU-icfeTYGljtHJb5k_tO5wjfrOVhcQH6eYZ37BGlRx_dSg7YV4nbR8EGADxbrcyronaWdPTh4tpJvql3xGI7hADM1ulMPLbUWvRGtHPtxBd6BmgK9MihD5pQ0/w72-h72-p-k-no-nu/fACEBOOK+VIRUS.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEiMW8agzRJJnOmlRHoFMD6pT4Cuk7jc79cTkWXGzWZNr8TJZR3AsykW_oegPS2AmoznSU04LOGmbjK185nU2a5jCG9pE65LiNSb7A3FF19tAR8cj4dQxTuLrRRX9q1lCZRngjHhI2peJIU/w72-h72-p-k-no-nu/blogfacebooklurking.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEiujJ85GpGlXLmEmD9_norDKpQnNHQ9VBSF001sNaKPeOoSDK1C-hqHTJTY_rtnaG5HRExTDdSOj6JqiYC_BOL0NrgzG4e-CsrSsOYgsY07WZcbfva6HXTnnFUVdN77JbqwhFwV65toaBI/w72-h72-p-k-no-nu/Facebook+security.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/platform:gapi.iframes.style.common.js HTTP/1.1Host: apis.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.blogger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEj8wsZYYCVEpZfHbM9btfgR6MsPdFeROOTJkYwoBDb7BkDo5SGO2U7MwOcI4fVxZahoDL7b-acjyOlhigTHeZKd2_mTIZN20zucj-Tjuf21Qcoi4o3wiTZaT8kCpQxd9gMPHPD5JWcdl88/w72-h72-p-k-no-nu/Facebook+Implements+Microsoft%25E2%2580%2599s+PhotoDNA+Technology.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEhFP2sUEe8r0fi8HOlfFWOK8wKFkcIUrXnruv7h5SBZvNnaXI70ZiRio6UXhLcUgktuHhPP97Rja5x401PM1hszkmGt9eXKi7Jpr4ZvFV2vlaaT69qcDmGjnTXBKlOze4-_-CNnm592FIY/w72-h72-p-k-no-nu/us_attacks_wall-facebook+virus+allert.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/platform:gapi.iframes.style.common.js HTTP/1.1Host: apis.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_/scs/abc-static/_/js/k=gapi.lb.en._ShUtMH1OvQ.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AABA/rs=AHpOoo9sEd_Wjj_xEtgO8qX69P7hAZI9cg/cb=gapi.loaded_0?le=scs HTTP/1.1Host: apis.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.blogger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_/scs/abc-static/_/js/k=gapi.lb.en._ShUtMH1OvQ.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AABA/rs=AHpOoo9sEd_Wjj_xEtgO8qX69P7hAZI9cg/cb=gapi.loaded_0?le=scs HTTP/1.1Host: apis.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /profile/07973550498852665411 HTTP/1.1Host: www.blogger.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/v1/v-css/2223071481-static_pages.css HTTP/1.1Host: www.blogger.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.blogger.com/profile/07973550498852665411Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/v1/v-css/3896558673-new_ui_static_pages.css HTTP/1.1Host: www.blogger.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.blogger.com/profile/07973550498852665411Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/v1/v-app/scripts/3510624199-common.js HTTP/1.1Host: www.blogger.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.blogger.com/profile/07973550498852665411Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/v1/jsbin/671481879-analytics_autotrack.js HTTP/1.1Host: www.blogger.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.blogger.com/profile/07973550498852665411Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/maia.css HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.blogger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/v1/v-app/scripts/3510624199-common.js HTTP/1.1Host: www.blogger.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/blogger-logotype-color-black-1x.png HTTP/1.1Host: www.blogger.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.blogger.com/profile/07973550498852665411Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/avatar_blue_m_96.png HTTP/1.1Host: www.blogger.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.blogger.com/profile/07973550498852665411Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/v1/jsbin/3825542531-base.js HTTP/1.1Host: www.blogger.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.blogger.com/profile/07973550498852665411Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/v1/jsbin/671481879-analytics_autotrack.js HTTP/1.1Host: www.blogger.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/blogger-logotype-color-black-1x.png HTTP/1.1Host: www.blogger.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.1380715292.1726354322; _gid=GA1.2.859899457.1726354322
Source: global traffic	HTTP traffic detected: GET /img/avatar_blue_m_96.png HTTP/1.1Host: www.blogger.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.1380715292.1726354322; _gid=GA1.2.859899457.1726354322
Source: global traffic	HTTP traffic detected: GET /static/v1/jsbin/3825542531-base.js HTTP/1.1Host: www.blogger.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.1380715292.1726354322; _gid=GA1.2.859899457.1726354322
Source: global traffic	HTTP traffic detected: GET /index.html?ts=1726354322571&r_id=AAYiHC%2FZ9IIiiDosK4cKTg%3D%3D&app_id=PXdOjV695v&uc=scraping&d_id=d01a45d51634753077f99e1f3d294d23da189fd55353d34a63760ce5b4280763 HTTP/1.1Host: li.protechts.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.linkedin.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_/scs/abc-static/_/js/k=gapi.gapi.en.h-1D-JOvizc.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AABA/rs=AHpOoo_3dbjO7NaEjkPT0PwzLRJUFrcOJQ/cb=gapi.loaded_0 HTTP/1.1Host: apis.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.blogger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.blogger.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.blogger.com/profile/07973550498852665411Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.1380715292.1726354322; _gid=GA1.2.859899457.1726354322
Source: global traffic	HTTP traffic detected: GET /_/scs/abc-static/_/js/k=gapi.gapi.en.h-1D-JOvizc.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AABA/rs=AHpOoo_3dbjO7NaEjkPT0PwzLRJUFrcOJQ/cb=gapi.loaded_0 HTTP/1.1Host: apis.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ns?c=f6c7b960-72eb-11ef-b701-1d83bb141a6a HTTP/1.1Host: stk.protechts.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://li.protechts.netSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://li.protechts.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /litms/utag/seo-directory-frontend/utag.js?cb=1726354200000 HTTP/1.1Host: platform.linkedin.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.linkedin.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bcookie="v=2&b761594e-f5f6-4e1d-89db-1536d7b1ea19"; lidc="b=TGST06:s=T:r=T:a=T:p=T:g=3002:u=1:x=1:i=1726354316:t=1726440716:v=2:sig=AQEBUYVhEs0Yrovec_VfAOQxtaOnIRDl"; lang=v=2&lang=en-us; rtc=AQGetI0KACtTmQAAAZHyvHogRBfI7jTWPi5ijUzKoKhUDVkepTyZcKj8SYJPdM0ScaDxYaYKJhYGvB7ZpTMJRWJuMT2vdTVDW7GClFG7VCViKxAxiwFWaxmRIR5enM-ZjeKPZ81rYTnCSQJyNtjq6VCpksizVnfEw_977KptKxoNzYg2QqqMvpS3scc1I1gIu2zSaIPFv8Bner8faeKlLmXmsoUHorhtz6GaWR5OoMWthzXmDiayaY4=
Source: global traffic	HTTP traffic detected: GET /log?format=json&hasfast=true HTTP/1.1Host: play.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=517=Qmyf_JcPZmcrfCjPzD0sQvLUUVbvFbuUFa4ER8kUPpMZDQN4NZLHHsa7U7lNwuSq0d2zSGt7tndErEvOSo8jfWZCcJB3amN39zSml-tMh_w5Hu-lsEonH5Z4hEi9CSr1PUDQwRFJ3GgyMZmE8NmdmNunqtfgPWyjweGCkVbV0w0RStWtxg
Source: global traffic	HTTP traffic detected: GET /api/v2/msft HTTP/1.1Host: collector-pxdojv695v.protechts.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /index.html?ts=1726354326430&r_id=AAYiHC/Z9IIiiDosK4cKTg==&pt=undefined&app_id=PXdOjV695v&uc=scraping&d_id=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP/1.1Host: li.protechts.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.linkedin.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pxcts=f7c6272c-72eb-11ef-a6a9-34bc80f802ef; _pxvid=f7c61ba9-72eb-11ef-a6a9-51cb43bcbb25
Source: global traffic	HTTP traffic detected: GET /ns?c=f6c7b960-72eb-11ef-b701-1d83bb141a6a HTTP/1.1Host: stk.protechts.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.blogger.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.1380715292.1726354322; _gid=GA1.2.859899457.1726354322
Source: global traffic	HTTP traffic detected: GET /litms/utag/seo-directory-frontend/utag.js?cb=1726354200000 HTTP/1.1Host: platform.linkedin.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bcookie="v=2&b761594e-f5f6-4e1d-89db-1536d7b1ea19"; lidc="b=TGST06:s=T:r=T:a=T:p=T:g=3002:u=1:x=1:i=1726354316:t=1726440716:v=2:sig=AQEBUYVhEs0Yrovec_VfAOQxtaOnIRDl"; lang=v=2&lang=en-us; rtc=AQGzq94_2toa4wAAAZHyvIHwRdJEZbieiqk48zFK3dnm3HNMu5oV6On2WDZQIJXr0dqhRK6HEaj0iuKtcZrK75imRVNzKM7JVYTvlsnqA9W8VPqFaQNp8HZgDc4rEXc_SVU86JCQfT5WQsqQ7V4HA6ZPHWMHRCHCfyKY5eGvFmShaJzs-pFEMD0125bu2UjLVzuHEM2n_2uVE0DQawOC-waT3s3nCxfeHjgIVhehZHyIbZt7ZMgMvEY=
Source: global traffic	HTTP traffic detected: GET /ns?c=f7c1d0d0-72eb-11ef-9b11-5b9e8ba983a4 HTTP/1.1Host: stk.protechts.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://li.protechts.netSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://li.protechts.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/v2/msft HTTP/1.1Host: collector-pxdojv695v.protechts.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ns?c=f7c1d0d0-72eb-11ef-9b11-5b9e8ba983a4 HTTP/1.1Host: stk.protechts.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /log?format=json&hasfast=true HTTP/1.1Host: play.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=517=KnhXrFTBv6opVt2SHBuas8rGYS-5OTR5fMhNohpa4X4VT9bvRQdxastd4g_LQ0zfgVbGvlgtcYJ5YkoK7r8JXz8iIue5_6G0BzlxGcfr5KgVfUZFY6mH7U5JByKwwfYMwYWUYb3VtLg1UakmqWCap3hC3X11J1ljKquSB_WEwMgW2l5j17cAueiy8Q
Source: global traffic	HTTP traffic detected: GET /api/v2/msft HTTP/1.1Host: collector-pxdojv695v.protechts.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/v2/msft HTTP/1.1Host: collector-pxdojv695v.protechts.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dyn-css/authorization.css?targetBlogID=6293774250085653011&zx=47a2a7c7-d7bb-4a04-8cfd-fe2cf880b27d HTTP/1.1Host: www.blogger.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEhrLaU42y46_ybqP8t2TS9ekCY2dCKk-oGYyBd18CBMybseiMun4aeXWp7YnK-VqYnCm59QOdb2bq6sXH-yCFw7CeNLKoz0GL3JeiewV2XggyNOeaVbGYuZ49RyTj5K92Bs-oXRa7IR428/s1600/Facebook-hack.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEhUtaA5wSJrr5dioFZmaaoNeWtIXOqfXTurdW8JwOiVXrSIIm2Xg4xAROTzESyVvnE2J9WSM2ClCrNUOXPRBrWubOZQYA6VWxzj415Zv6s1B4J0RcTzkcjIUMpi3BrGneRvf8aZWD4nCyE/s400/facebook_wall.png HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /navbar.g?targetBlogID=6293774250085653011&blogName=FACEBOOK+SECURITY&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://facebooksecurity.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://facebooksecurity.blogspot.com/&targetPostID=8239286483979346542&blogPostOrPageUrl=http://facebooksecurity.blogspot.com/2011/11/impress-your-freinds-with-new-facebook.html&vt=1708539765975725547&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en._ShUtMH1OvQ.O%2Fam%3DAABA%2Fd%3D1%2Frs%3DAHpOoo9sEd_Wjj_xEtgO8qX69P7hAZI9cg%2Fm%3D__features__ HTTP/1.1Host: www.blogger.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dyn-css/authorization.css?targetBlogID=6293774250085653011&zx=47a2a7c7-d7bb-4a04-8cfd-fe2cf880b27d HTTP/1.1Host: www.blogger.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEhrLaU42y46_ybqP8t2TS9ekCY2dCKk-oGYyBd18CBMybseiMun4aeXWp7YnK-VqYnCm59QOdb2bq6sXH-yCFw7CeNLKoz0GL3JeiewV2XggyNOeaVbGYuZ49RyTj5K92Bs-oXRa7IR428/s1600/Facebook-hack.jpg HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEhUtaA5wSJrr5dioFZmaaoNeWtIXOqfXTurdW8JwOiVXrSIIm2Xg4xAROTzESyVvnE2J9WSM2ClCrNUOXPRBrWubOZQYA6VWxzj415Zv6s1B4J0RcTzkcjIUMpi3BrGneRvf8aZWD4nCyE/s400/facebook_wall.png HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /salimsays HTTP/1.1Host: twitter.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /salimsays HTTP/1.1Host: x.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /x/migrate?tok=7b2265223a222f73616c696d73617973222c2274223a313732363335343334357d02b83dd16493b5af7a10a6f949379e22 HTTP/1.1Host: twitter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: guest_id_marketing=v1%3A172635434461567692; guest_id_ads=v1%3A172635434461567692; personalization_id="v1_+sUFbQZyqMvIcipLCGX+yA=="; guest_id=v1%3A172635434461567692
Source: global traffic	HTTP traffic detected: GET /manifest.json HTTP/1.1Host: x.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: manifestReferer: https://x.com/salimsaysAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: guest_id_marketing=v1%3A172635434576611809; guest_id_ads=v1%3A172635434576611809; personalization_id="v1_lgAbNoXuJLsHq1+sPb/nNw=="; guest_id=v1%3A172635434576611809
Source: global traffic	HTTP traffic detected: GET /salimsays?mx=2 HTTP/1.1Host: x.comConnection: keep-aliveCache-Control: max-age=0Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://twitter.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: personalization_id="v1_lgAbNoXuJLsHq1+sPb/nNw=="; guest_id_marketing=172635434461567692; guest_id_ads=172635434461567692; guest_id=v1%3A172635434461567692; night_mode=2
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/vendor.6929bc4a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/i18n/en.c7f87cfa.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/main.855db29a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /emoji/v2/svg/26a0.svg HTTP/1.1Host: abs-0.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/i18n/en.c7f87cfa.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/vendor.6929bc4a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /emoji/v2/svg/26a0.svg HTTP/1.1Host: abs-0.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/main.855db29a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/ondemand.Dropdown.05f2d88a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/ondemand.s.2ad88e9a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/modules.common.8d74434a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/modules.audio.ab01bdca.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.AudioDock~loader.DashMenu~loader.AppModules~loader.DMDrawer~bundle.Grok~bundle.Account~bundle.R.bf2cfcfa.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.Typeahead~loader.AppModules~loader.DMDrawer~ondemand.NotFound~bundle.AboutThisAd~bundle.NotMyAc.7c51a9ca.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /1.1/hashflags.json HTTP/1.1Host: api.x.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"x-twitter-client-language: ensec-ch-ua-mobile: ?0authorization: Bearer AAAAAAAAAAAAAAAAAAAAANRILgAAAAAAnNwIzUejRCOuH5E6I8xnZz4puTs%3D1Zv7ttfk8LF81IUq16cHjhLTvJu4FA33AGWWjCpTnAUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36x-client-transaction-id: Mn5YOAx+7FFtSLUBQjXDyLkYUkvaCYB6GScw/XvignVmmW9Lt9ivGJ3YQx3kfR6L53KCpDClS6efrSoriXHHHL22NUfdMQx-guest-token: 1835089259478335724x-twitter-active-user: yessec-ch-ua-platform: "Windows"Accept: /Origin: https://x.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: guest_id=v1%3A172635434461567692; night_mode=2; guest_id_marketing=v1%3A172635434461567692; guest_id_ads=v1%3A172635434461567692; personalization_id="v1_W67jWCWF5Gliul4Mz8h8cg=="; gt=1835089259478335724
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.AudioDock~loader.DashMenu~loader.AppModules~loader.DMDrawer~bundle.Account~bundle.ReaderMode~bu.a05e4a9a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.AudioDock~loader.DashMenu~loader.AppModules~loader.DMDrawer~bundle.Grok~bundle.Account~bundle.A.171d647a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/ondemand.Dropdown.05f2d88a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/ondemand.s.2ad88e9a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.Typeahead~loader.AppModules~loader.DMDrawer~ondemand.NotFound~bundle.AboutThisAd~bundle.NotMyAc.7c51a9ca.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/modules.common.8d74434a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/modules.audio.ab01bdca.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /1.1/hashflags.json HTTP/1.1Host: api.x.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: guest_id=v1%3A172635434461567692; night_mode=2; guest_id_marketing=v1%3A172635434461567692; guest_id_ads=v1%3A172635434461567692; personalization_id="v1_W67jWCWF5Gliul4Mz8h8cg=="; gt=1835089259478335724
Source: global traffic	HTTP traffic detected: GET /1.1/jot/client_event.json HTTP/1.1Host: api.x.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: guest_id=v1%3A172635434461567692; night_mode=2; guest_id_marketing=v1%3A172635434461567692; guest_id_ads=v1%3A172635434461567692; personalization_id="v1_W67jWCWF5Gliul4Mz8h8cg=="; gt=1835089259478335724
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.AudioDock~loader.DashMenu~loader.AppModules~loader.DMDrawer~bundle.Account~bundle.ReaderMode~bu.a05e4a9a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.AudioDock~loader.DashMenu~loader.AppModules~loader.DMDrawer~bundle.Grok~bundle.Account~bundle.A.171d647a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET is not allowed on path /1.1/jot/client_event.json
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.AudioDock~loader.DashMenu~loader.AppModules~bundle.Account~bundle.ReaderMode~bundle.AudioSpaceP.aea09f7a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.AudioDock~loader.DashMenu~loader.Typeahead~loader.AppModules~loader.DMDrawer~bundle.Grok~bundle.bd7a377a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.AudioDock~loader.DashMenu~loader.SideNav~loader.Typeahead~loader.AppModules~loader.DMDrawer~bun.87071dba.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.AudioDock~loader.DashMenu~loader.Typeahead~loader.AppModules~loader.DMDrawer~bundle.Account~bun.c003362a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.DashMenu~loader.directMessagesData~loader.SideNav~loader.Typeahead~loader.AppModules~loader.DMD.90df2b7a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.Typeahead~loader.AppModules~loader.DMDrawer~bundle.ReaderMode~bundle.Articles~bundle.AudioSpace.58818b4a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /1.1/jot/client_event.json HTTP/1.1Host: api.x.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: guest_id=v1%3A172635434461567692; night_mode=2; guest_id_marketing=v1%3A172635434461567692; guest_id_ads=v1%3A172635434461567692; personalization_id="v1_W67jWCWF5Gliul4Mz8h8cg=="; gt=1835089259478335724
Source: global traffic	HTTP traffic detected: GET is not allowed on path /1.1/jot/client_event.json
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.AudioDock~loader.DashMenu~loader.Typeahead~loader.AppModules~loader.DMDrawer~bundle.Grok~bundle.bd7a377a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.AudioDock~loader.DashMenu~loader.SideNav~loader.Typeahead~loader.AppModules~loader.DMDrawer~bun.87071dba.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.Typeahead~loader.AppModules~loader.DMDrawer~bundle.ReaderMode~bundle.AudioSpacePeek~bundle.Bird.941fa03a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.DashMenu~loader.SideNav~loader.AppModules~loader.DMDrawer~bundle.MultiAccount~bundle.ReaderMode.dc3067ea.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.Typeahead~loader.AppModules~bundle.AudioSpaceDiscovery.fbe982fa.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.AudioDock~loader.DashMenu~loader.Typeahead~loader.AppModules~loader.DMDrawer~bundle.Account~bun.c003362a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.Typeahead~loader.AppModules~loader.DMDrawer~bundle.ReaderMode~bundle.Articles~bundle.AudioSpace.58818b4a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.AppModules~bundle.LoggedOutHome~bundle.TV.a15be69a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.AppModules~bundle.Ocf.7afa811a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.DashMenu~loader.directMessagesData~loader.SideNav~loader.Typeahead~loader.AppModules~loader.DMD.90df2b7a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.AppModules~loader.LoggedOutNotifications.038a4cca.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.AppModules~bundle.LoggedOutHome.b13d123a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.Typeahead~loader.AppModules~loader.DMDrawer~bundle.ReaderMode~bundle.AudioSpacePeek~bundle.Bird.941fa03a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.Typeahead~loader.AppModules~bundle.AudioSpaceDiscovery.fbe982fa.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.AppModules~bundle.Conversation.9cc3eaea.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.AppModules~bundle.LoggedOutHome~bundle.TV.a15be69a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/loader.AppModules.b2442e8a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.DashMenu~loader.SideNav~bundle.MultiAccount~bundle.Communities~ondemand.SettingsMonetization~bu.4fd68dca.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.AppModules~bundle.Ocf.7afa811a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.AppModules~loader.LoggedOutNotifications.038a4cca.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.DashMenu~loader.SideNav~bundle.MultiAccount~bundle.JobSearch.e8147eda.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.SideNav~bundle.MultiAccount~bundle.JobSearch.3fb6c87a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.DashMenu~loader.SideNav~loader.AppModules~loader.DMDrawer~bundle.MultiAccount~bundle.ReaderMode.dc3067ea.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.SideNav~bundle.JobSearch.38c081ca.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/loader.SideNav.20f4af6a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.DMDrawer~bundle.AboutThisAd~bundle.NotMyAccount~bundle.MultiAccount~bundle.Articles~bundle.Audi.267492ea.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.Typeahead~loader.DMDrawer~bundle.Grok~bundle.MultiAccount~bundle.ReaderMode~bundle.Articles~bun.f39400ca.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.Typeahead~loader.DMDrawer~bundle.MultiAccount~bundle.ReaderMode~bundle.Articles~bundle.AudioSpa.2b9e2f9a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.AppModules~bundle.Conversation.9cc3eaea.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.DashMenu~loader.SideNav~bundle.MultiAccount~bundle.Communities~ondemand.SettingsMonetization~bu.4fd68dca.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.AppModules~bundle.LoggedOutHome.b13d123a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.DashMenu~loader.SideNav~bundle.MultiAccount~bundle.JobSearch.e8147eda.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/loader.AppModules.b2442e8a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.DashMenu~loader.DMDrawer~bundle.AccountAnalytics~bundle.ReaderMode~bundle.Articles~bundle.Audio.5112166a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.DMDrawer~bundle.AccountAnalytics~bundle.Articles~bundle.AudioSpaceDetail~bundle.AudioSpaceDisco.9978d38a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.DMDrawer~bundle.ReaderMode~bundle.Articles~bundle.AudioSpacePeek~bundle.AudioSpaceDetail~bundle.a759798a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.DMDrawer~bundle.ReaderMode~bundle.Articles~bundle.AudioSpacePeek~bundle.Birdwatch~bundle.Brande.def10c6a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.Typeahead~loader.DMDrawer~bundle.ReaderMode~bundle.AudioSpacePeek~bundle.Birdwatch~bundle.LiveE.a116cbea.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.SideNav~bundle.MultiAccount~bundle.JobSearch.3fb6c87a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.DMDrawer~bundle.Articles~bundle.AudioSpaceDetail~bundle.AudioSpaceDiscovery~bundle.AudioSpaceba.9ff4452a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.SideNav~bundle.JobSearch.38c081ca.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.DMDrawer~bundle.AboutThisAd~bundle.NotMyAccount~bundle.MultiAccount~bundle.Articles~bundle.Audi.267492ea.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.Typeahead~loader.DMDrawer~bundle.Grok~bundle.MultiAccount~bundle.ReaderMode~bundle.Articles~bun.f39400ca.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.Typeahead~loader.DMDrawer~bundle.MultiAccount~bundle.ReaderMode~bundle.Articles~bundle.AudioSpa.2b9e2f9a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/loader.SideNav.20f4af6a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.DashMenu~loader.DMDrawer~bundle.AccountAnalytics~bundle.ReaderMode~bundle.Articles~bundle.Audio.5112166a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.Articles~bundle.AudioSpaceDetail~bundle.AudioSpaceDiscovery~bundle.AudioSpacebarScreen~bundle.B.d01dc31a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.ReaderMode~bundle.Birdwatch~bundle.TwitterArticles~bundle.Compose~bundle.Settings~bundle.Displa.cc32086a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.AccountAnalytics~bundle.AudioSpaceDetail~bundle.AudioSpaceDiscovery~bundle.AudioSpacebarScreen~.e755373a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.AudioSpaceDetail~bundle.AudioSpaceDiscovery~bundle.AudioSpacebarScreen~bundle.Birdwatch~bundle..ef43e36a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.Typeahead~loader.DMDrawer~bundle.MultiAccount~bundle.Birdwatch~bundle.Communities~bundle.Twitte.862ae2fa.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.DMDrawer~bundle.AccountAnalytics~bundle.Articles~bundle.AudioSpaceDetail~bundle.AudioSpaceDisco.9978d38a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.DMDrawer~bundle.ReaderMode~bundle.Articles~bundle.AudioSpacePeek~bundle.AudioSpaceDetail~bundle.a759798a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.DMDrawer~bundle.ReaderMode~bundle.Articles~bundle.AudioSpacePeek~bundle.Birdwatch~bundle.Brande.def10c6a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.DMDrawer~bundle.AccountAnalytics~bundle.Articles~bundle.AudioSpaceDiscovery~bundle.Birdwatch~bu.4b0875ea.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.DMDrawer~bundle.Articles~bundle.AudioSpaceDetail~bundle.AudioSpaceDiscovery~bundle.AudioSpaceba.9ff4452a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.Typeahead~loader.DMDrawer~bundle.ReaderMode~bundle.AudioSpacePeek~bundle.Birdwatch~bundle.LiveE.a116cbea.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.AccountAnalytics~bundle.AudioSpaceDetail~bundle.AudioSpaceDiscovery~bundle.AudioSpacebarScreen~.e755373a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.directMessagesData~loader.Typeahead~loader.DMDrawer~ondemand.DirectMessagesCrypto~bundle.Commun.ce85ab2a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.Typeahead~loader.DMDrawer~bundle.MultiAccount~bundle.Birdwatch~bundle.Communities~bundle.Twitte.862ae2fa.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.Typeahead~loader.DMDrawer~bundle.Communities~bundle.TwitterArticles~bundle.WorkHistory~bundle.D.3771004a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.DMDrawer~bundle.Bookmarks~bundle.Communities~bundle.TwitterArticles~bundle.DirectMessages~bundl.2e2ea77a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.DMDrawer~bundle.Compose~bundle.DirectMessages~bundle.DMRichTextCompose~bundle.LiveEvent~bundle..1228e72a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.DMDrawer~bundle.AccountAnalytics~bundle.Articles~bundle.AudioSpaceDiscovery~bundle.Birdwatch~bu.4b0875ea.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.AudioSpaceDetail~bundle.AudioSpaceDiscovery~bundle.AudioSpacebarScreen~bundle.Birdwatch~bundle..ef43e36a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.Articles~bundle.AudioSpaceDetail~bundle.AudioSpaceDiscovery~bundle.AudioSpacebarScreen~bundle.B.d01dc31a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~ondemand.SettingsRevamp~ondemand.SettingsMonetization~ondemand.SettingsSuperFollows~bundle.LiveEvent~b.1d970dba.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /1.1/jot/client_event.json HTTP/1.1Host: api.x.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: guest_id=v1%3A172635434461567692; night_mode=2; guest_id_marketing=v1%3A172635434461567692; guest_id_ads=v1%3A172635434461567692; personalization_id="v1_W67jWCWF5Gliul4Mz8h8cg=="; gt=1835089259478335724
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.ReaderMode~bundle.Birdwatch~bundle.TwitterArticles~bundle.Compose~bundle.Settings~bundle.Displa.cc32086a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET is not allowed on path /1.1/jot/client_event.json
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.DMDrawer~bundle.ReaderMode~bundle.Compose~bundle.DirectMessages~bundle.DMRichTextCompose~bundle.f6e9787a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.directMessagesData~loader.Typeahead~loader.DMDrawer~ondemand.DirectMessagesCrypto~bundle.Commun.ce85ab2a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.Bookmarks~bundle.Communities~bundle.TwitterArticles~bundle.Explore~bundle.LiveEvent~bundle.Home.0556042a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~ondemand.SettingsMonetization~ondemand.SettingsSuperFollows~bundle.JobSearch~bundle.Payments~bundle.Tw.ab7500ca.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.Typeahead~loader.DMDrawer~bundle.Communities~bundle.TwitterArticles~bundle.WorkHistory~bundle.D.3771004a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.Birdwatch~bundle.TwitterArticles~bundle.Grok~bundle.Payments~bundle.SettingsProfessionalProfile.7b0a50ea.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.DMDrawer~bundle.ReaderMode~bundle.DirectMessages~bundle.DMRichTextCompose~bundle.Grok~bundle.Tw.89f84eca.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.DMDrawer~bundle.Bookmarks~bundle.Communities~bundle.TwitterArticles~bundle.DirectMessages~bundl.2e2ea77a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.DMDrawer~bundle.Compose~bundle.DirectMessages~bundle.DMRichTextCompose~bundle.LiveEvent~bundle..1228e72a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.AccountAnalytics~bundle.AudioSpaceAnalytics~bundle.Communities~bundle.ProfessionalHome~bundle.C.e75b2bca.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~ondemand.SettingsRevamp~ondemand.SettingsMonetization~ondemand.SettingsSuperFollows~bundle.LiveEvent~b.1d970dba.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.DMDrawer~bundle.ReaderMode~bundle.Compose~bundle.DirectMessages~bundle.DMRichTextCompose~bundle.f6e9787a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.DMDrawer~bundle.Articles~bundle.Compose~bundle.DirectMessages~bundle.UserProfile~bundle.RichTex.c5b9179a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.Bookmarks~bundle.Communities~bundle.TwitterArticles~bundle.Explore~bundle.LiveEvent~bundle.Home.0556042a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.DMDrawer~bundle.DMRichTextCompose~bundle.DirectMessages~bundle.UserFollowLists~bundle.UserProfi.0e568eba.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~ondemand.SettingsMonetization~ondemand.SettingsSuperFollows~bundle.JobSearch~bundle.Payments~bundle.Tw.ab7500ca.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.AccountAnalytics~ondemand.SettingsRevamp~ondemand.SettingsMonetization~bundle.ConversationWithR.effb35da.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.Topics~bundle.UserJobs~bundle.UserLists~bundle.UserFollowLists~bundle.UserProfile~ondemand.Hove.760bb11a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.SettingsProfessionalProfileProfileSpotlight~bundle.SettingsProfessionalProfileLocationSpotlight.09f84c4a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.DMDrawer~bundle.ReaderMode~bundle.DirectMessages~bundle.DMRichTextCompose~bundle.Grok~bundle.Tw.89f84eca.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.Birdwatch~bundle.TwitterArticles~bundle.Grok~bundle.Payments~bundle.SettingsProfessionalProfile.7b0a50ea.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.Communities~bundle.SettingsProfessionalProfileProfileSpotlight~bundle.SettingsProfessionalProfi.5213b19a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.AccountAnalytics~bundle.AudioSpaceAnalytics~bundle.Communities~bundle.ProfessionalHome~bundle.C.e75b2bca.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.SettingsProfile~bundle.SettingsExtendedProfile~bundle.ExtendedUserProfile~bundle.UserProfile.1e7923aa.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.AccountAnalytics~bundle.ConversationWithRelay~bundle.UserProfile~ondemand.Verified.5dfab6aa.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.DMDrawer~bundle.Articles~bundle.Compose~bundle.DirectMessages~bundle.UserProfile~bundle.RichTex.c5b9179a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.DMDrawer~bundle.DMRichTextCompose~bundle.DirectMessages~bundle.UserFollowLists~bundle.UserProfi.0e568eba.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.DMDrawer~bundle.LiveEvent~bundle.UserProfile~loader.TimelineRenderer.7dabf94a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.AccountAnalytics~ondemand.SettingsRevamp~ondemand.SettingsMonetization~bundle.ConversationWithR.effb35da.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.AccountAnalytics~bundle.UserProfile~ondemand.Verified.1e1cc7ca.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.ReportCenter~bundle.SafetyCenter~bundle.UserProfile.d419888a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.SettingsProfessionalProfileProfileSpotlight~bundle.SettingsProfessionalProfileLocationSpotlight.09f84c4a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.SettingsProfessionalProfileProfileSpotlight~bundle.SettingsProfessionalProfileCommunitiesSpotli.19418f5a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.Topics~bundle.UserJobs~bundle.UserLists~bundle.UserFollowLists~bundle.UserProfile~ondemand.Hove.760bb11a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.Communities~bundle.SettingsProfessionalProfileProfileSpotlight~bundle.SettingsProfessionalProfi.5213b19a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.ShareJob~bundle.SettingsProfessionalProfileProfileSpotlight~bundle.UserProfile.a933de5a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.LiveEvent~bundle.UserProfile~loader.IconLabelHandler.0538e89a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.SettingsProfessionalProfileProfileSpotlight~bundle.UserProfile.5e3f8aca.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.AccountAnalytics~bundle.UserProfile.fa79f6da.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.UserFollowLists~bundle.UserProfile.e92d398a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.SettingsProfile~bundle.SettingsExtendedProfile~bundle.ExtendedUserProfile~bundle.UserProfile.1e7923aa.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.DMDrawer~bundle.LiveEvent~bundle.UserProfile~loader.TimelineRenderer.7dabf94a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.AccountAnalytics~bundle.ConversationWithRelay~bundle.UserProfile~ondemand.Verified.5dfab6aa.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.ExtendedUserProfile~bundle.UserProfile.9bf945ba.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.AccountAnalytics~bundle.UserProfile~ondemand.Verified.1e1cc7ca.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.ReportCenter~bundle.SafetyCenter~bundle.UserProfile.d419888a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.SettingsProfessionalProfileProfileSpotlight~bundle.SettingsProfessionalProfileCommunitiesSpotli.19418f5a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /1.1/jot/ces/p2 HTTP/1.1Host: api.x.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: guest_id=v1%3A172635434461567692; night_mode=2; guest_id_marketing=v1%3A172635434461567692; guest_id_ads=v1%3A172635434461567692; personalization_id="v1_W67jWCWF5Gliul4Mz8h8cg=="; gt=1835089259478335724
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.SettingsProfile~bundle.UserProfile.6ba4be2a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/bundle.UserProfile.45e73a0a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/loader.AudioDock.28823faa.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/bundle.NetworkInstrument.c25edf4a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.LiveEvent~bundle.UserProfile~loader.IconLabelHandler.0538e89a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.ShareJob~bundle.SettingsProfessionalProfileProfileSpotlight~bundle.UserProfile.a933de5a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.AccountAnalytics~bundle.UserProfile.fa79f6da.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.SettingsProfessionalProfileProfileSpotlight~bundle.UserProfile.5e3f8aca.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/loader.richScribeAction.c717e89a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.AudioDock~loader.DashMenu~loader.AppModules~loader.DMDrawer~bundle.Grok~bundle.Account~bundle.R.bf2cfcfa.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Range: bytes=294909-294909If-Range: "r0U1Ww0bO/ylCbI3XJ0WgA==+ident"
Source: global traffic	HTTP traffic detected: GET is not allowed on path /1.1/jot/ces/p2
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.ExtendedUserProfile~bundle.UserProfile.9bf945ba.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.UserFollowLists~bundle.UserProfile.e92d398a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.AudioDock~loader.DashMenu~loader.AppModules~bundle.Account~bundle.ReaderMode~bundle.AudioSpaceP.aea09f7a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Range: bytes=180216-180216If-Range: "9NPd7w8887a5gCxiZsIzAw==+ident"
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/i18n/emoji-en.3afd1e4a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~bundle.SettingsProfile~bundle.UserProfile.6ba4be2a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/loader.AudioDock.28823faa.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/bundle.NetworkInstrument.c25edf4a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/Chirp-Bold.ebb56aba.woff2 HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/Chirp-Regular.80fda27a.woff2 HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/loader.richScribeAction.c717e89a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/bundle.UserProfile.45e73a0a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.AudioDock~loader.DashMenu~loader.AppModules~loader.DMDrawer~bundle.Grok~bundle.Account~bundle.R.bf2cfcfa.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~loader.AudioDock~loader.DashMenu~loader.AppModules~bundle.Account~bundle.ReaderMode~bundle.AudioSpaceP.aea09f7a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/i18n/emoji-en.3afd1e4a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~ondemand.EmojiPickerData~ondemand.ParticipantReaction~ondemand.EmojiPicker.4d3f7f7a.js HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://x.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicons/twitter.3.ico HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /manifest.json HTTP/1.1Host: x.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: manifestReferer: https://x.com/salimsays?mx=2Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: guest_id=v1%3A172635434461567692; night_mode=2; guest_id_marketing=v1%3A172635434461567692; guest_id_ads=v1%3A172635434461567692; personalization_id="v1_W67jWCWF5Gliul4Mz8h8cg=="; gt=1835089259478335724
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/shared~ondemand.EmojiPickerData~ondemand.ParticipantReaction~ondemand.EmojiPicker.4d3f7f7a.js HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicons/twitter.3.ico HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/icon-default.522d363a.png HTTP/1.1Host: abs.twimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://x.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /responsive-web/client-web/icon-default.522d363a.png HTTP/1.1Host: abs.twimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: facebooksecurity.blogspot.dkConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: facebooksecurity.blogspot.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-1.7.min.js HTTP/1.1Host: code.jquery.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Referer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-wwi9gLDAiVk/UMRdd5ct3xI/AAAAAAAAFbE/5BE1vH6Z7nY/s1600/2.jpg HTTP/1.1Host: 1.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-v_4byqqmunc/UMRdc57l7VI/AAAAAAAAFa8/6XdXGvR1fEQ/s1600/1.jpg HTTP/1.1Host: 3.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-__0X3NTuBRM/UMRdfKfKA3I/AAAAAAAAFbM/gvAViqUuYhE/s1600/3.jpg HTTP/1.1Host: 3.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-SyYUToBmQ9Y/UMRdgEOhfsI/AAAAAAAAFbU/VbjIpJ97dU8/s1600/4.jpg HTTP/1.1Host: 3.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-1.7.min.js HTTP/1.1Host: code.jquery.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-wwi9gLDAiVk/UMRdd5ct3xI/AAAAAAAAFbE/5BE1vH6Z7nY/s1600/2.jpg HTTP/1.1Host: 1.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-v_4byqqmunc/UMRdc57l7VI/AAAAAAAAFa8/6XdXGvR1fEQ/s1600/1.jpg HTTP/1.1Host: 3.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-__0X3NTuBRM/UMRdfKfKA3I/AAAAAAAAFbM/gvAViqUuYhE/s1600/3.jpg HTTP/1.1Host: 3.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-SyYUToBmQ9Y/UMRdgEOhfsI/AAAAAAAAFbU/VbjIpJ97dU8/s1600/4.jpg HTTP/1.1Host: 3.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/2.jpg HTTP/1.1Host: facebooksecurity.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-QdzebGFBJEA/UK9VjFcU23I/AAAAAAAAEuo/0dR566x-3TU/s1600/bg.jpg HTTP/1.1Host: 4.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-uxYJcIDwn9w/UMRf4-a-6KI/AAAAAAAAFbk/8pe3Zw5X15E/s1600/%5Bwww.gj37765.blogspot.com%5Dbg_search.png HTTP/1.1Host: 3.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-Z-xxpA6Bzqg/ULCCTYRgP2I/AAAAAAAAEvE/AekO-nDLdJw/s1600/down-arrow.png HTTP/1.1Host: 2.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-uxYJcIDwn9w/UMRf4-a-6KI/AAAAAAAAFbk/8pe3Zw5X15E/s1600/%5Bwww.gj37765.blogspot.com%5Dbg_search.png HTTP/1.1Host: 3.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-QdzebGFBJEA/UK9VjFcU23I/AAAAAAAAEuo/0dR566x-3TU/s1600/bg.jpg HTTP/1.1Host: 4.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-Z-xxpA6Bzqg/ULCCTYRgP2I/AAAAAAAAEvE/AekO-nDLdJw/s1600/down-arrow.png HTTP/1.1Host: 2.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-ZehYBE_THZs/ULCmOrzNjdI/AAAAAAAAEw0/mq1NaN47uEM/s1600/blue_twitter_bird.png HTTP/1.1Host: 4.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-kmJ8A0nIZjo/ULCmPUQWlRI/AAAAAAAAEw8/nTLRUcreTvU/s1600/bubble-pip.png HTTP/1.1Host: 2.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /--KSS1lAiopw/ULCmQ2PrufI/AAAAAAAAExM/1Eg-u42VXWo/s1600/white_googleplus.png HTTP/1.1Host: 2.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-1rV4Io0cQd8/ULCmNgcmLrI/AAAAAAAAEws/ANSyGoiN-5E/s1600/blue_facebook.png HTTP/1.1Host: 4.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-ZehYBE_THZs/ULCmOrzNjdI/AAAAAAAAEw0/mq1NaN47uEM/s1600/blue_twitter_bird.png HTTP/1.1Host: 4.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-kmJ8A0nIZjo/ULCmPUQWlRI/AAAAAAAAEw8/nTLRUcreTvU/s1600/bubble-pip.png HTTP/1.1Host: 2.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-a62VSby9HvU/ULCmQFh84hI/AAAAAAAAExE/VLrfHhGz01s/s1600/linkedinss.png HTTP/1.1Host: 2.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /--KSS1lAiopw/ULCmQ2PrufI/AAAAAAAAExM/1Eg-u42VXWo/s1600/white_googleplus.png HTTP/1.1Host: 2.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-1rV4Io0cQd8/ULCmNgcmLrI/AAAAAAAAEws/ANSyGoiN-5E/s1600/blue_facebook.png HTTP/1.1Host: 4.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-a62VSby9HvU/ULCmQFh84hI/AAAAAAAAExE/VLrfHhGz01s/s1600/linkedinss.png HTTP/1.1Host: 2.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-hNovHLskRIk/ULCKXYEhbXI/AAAAAAAAEvU/kas8XtXhbbU/s1600/main.ico HTTP/1.1Host: 3.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: facebooksecurity.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://facebooksecurity.blogspot.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-hNovHLskRIk/ULCKXYEhbXI/AAAAAAAAEvU/kas8XtXhbbU/s1600/main.ico HTTP/1.1Host: 3.bp.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: facebooksecurity.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2011/11/impress-your-freinds-with-new-facebook.html HTTP/1.1Host: facebooksecurity.blogspot.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2011/11/img/2.jpg HTTP/1.1Host: facebooksecurity.blogspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://facebooksecurity.blogspot.com/2011/11/impress-your-freinds-with-new-facebook.htmlAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /salimsays HTTP/1.1Host: twitter.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: chromecache_366.2.dr, chromecache_384.2.dr, chromecache_251.2.dr, chromecache_382.2.dr

String found in binary or memory: inline:{css:1},disableRealtimeCallback:!1,drive_share:{skipInitCommand:!0},csi:{rate:.01},client:{cors:!1},signInDeprecation:{rate:0},include_granted_scopes:!0,llang:"en",iframes:{youtube:{params:{location:["search","hash"]},url:":socialhost:/:session_prefix:_/widget/render/youtube?usegapi=1",methods:["scroll","openwindow"]},ytsubscribe:{url:"https://www.youtube.com/subscribe_embed?usegapi=1"},plus_circle:{params:{url:""},url:":socialhost:/:session_prefix::se:_/widget/plus/circle?usegapi=1"}, equals www.youtube.com (Youtube)

Source: global traffic	DNS traffic detected: DNS query: facebooksecurity.blogspot.dk
Source: global traffic	DNS traffic detected: DNS query: facebooksecurity.blogspot.com
Source: global traffic	DNS traffic detected: DNS query: www.blogger.com
Source: global traffic	DNS traffic detected: DNS query: code.jquery.com
Source: global traffic	DNS traffic detected: DNS query: 3.bp.blogspot.com
Source: global traffic	DNS traffic detected: DNS query: 1.bp.blogspot.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: apis.google.com
Source: global traffic	DNS traffic detected: DNS query: blogger.googleusercontent.com
Source: global traffic	DNS traffic detected: DNS query: 4.bp.blogspot.com
Source: global traffic	DNS traffic detected: DNS query: 2.bp.blogspot.com
Source: global traffic	DNS traffic detected: DNS query: www.youtube.com
Source: global traffic	DNS traffic detected: DNS query: www.linkedin.com
Source: global traffic	DNS traffic detected: DNS query: static.licdn.com
Source: global traffic	DNS traffic detected: DNS query: li.protechts.net
Source: global traffic	DNS traffic detected: DNS query: stun.l.google.com
Source: global traffic	DNS traffic detected: DNS query: client.protechts.net
Source: global traffic	DNS traffic detected: DNS query: play.google.com
Source: global traffic	DNS traffic detected: DNS query: platform.linkedin.com
Source: global traffic	DNS traffic detected: DNS query: stk.protechts.net
Source: global traffic	DNS traffic detected: DNS query: collector-pxdojv695v.protechts.net
Source: global traffic	DNS traffic detected: DNS query: twitter.com
Source: global traffic	DNS traffic detected: DNS query: x.com
Source: global traffic	DNS traffic detected: DNS query: abs.twimg.com
Source: global traffic	DNS traffic detected: DNS query: api.twitter.com
Source: global traffic	DNS traffic detected: DNS query: t.co
Source: global traffic	DNS traffic detected: DNS query: pbs.twimg.com
Source: global traffic	DNS traffic detected: DNS query: api.x.com
Source: global traffic	DNS traffic detected: DNS query: video.twimg.com
Source: global traffic	DNS traffic detected: DNS query: abs-0.twimg.com

Source: unknown

HTTP traffic detected: POST /log?format=json&hasfast=true HTTP/1.1Host: play.google.comConnection: keep-aliveContent-Length: 886sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencoded;charset=UTF-8Accept: */*Origin: https://www.blogger.comX-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.blogger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Sat, 14 Sep 2024 22:52:08 GMTContent-Type: text/htmlContent-Length: 1261Connection: closex-fd-int-waf-rule-hits: Microsoft_BotManagerRuleSet-1.1-UnknownBots-Bot300600Cache-Control: no-storex-azure-ref: 20240914T225208Z-185ffdfffcftw5chg664cpas3c00000001vg000000005q3xX-Cache: CONFIG_NOCACHE
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Sat, 14 Sep 2024 22:52:23 GMTContent-Type: text/htmlContent-Length: 1261Connection: closex-fd-int-waf-rule-hits: Microsoft_BotManagerRuleSet-1.1-UnknownBots-Bot300600Cache-Control: no-storex-azure-ref: 20240914T225223Z-185ffdfffcfxr9gk61meqbanw400000001pg00000000cuvyX-Cache: CONFIG_NOCACHE
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Cache-Control: no-cache, no-store, max-age=0, must-revalidatePragma: no-cacheExpires: Mon, 01 Jan 1990 00:00:00 GMTDate: Sat, 14 Sep 2024 22:51:41 GMTContent-Encoding: gzipX-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockContent-Length: 15813Server: GSE
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Cache-Control: no-cache, no-store, max-age=0, must-revalidatePragma: no-cacheExpires: Mon, 01 Jan 1990 00:00:00 GMTDate: Sat, 14 Sep 2024 22:52:14 GMTContent-Encoding: gzipX-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockContent-Length: 15822Server: GSE

Source: chromecache_552.2.dr, chromecache_477.2.dr	String found in binary or memory: http://csi.gstatic.com/csi
Source: chromecache_300.2.dr, chromecache_434.2.dr	String found in binary or memory: http://feross.org
Source: chromecache_285.2.dr, chromecache_377.2.dr	String found in binary or memory: http://git.io/TrdQbw
Source: chromecache_285.2.dr, chromecache_377.2.dr	String found in binary or memory: http://underscorejs.org
Source: chromecache_329.2.dr, chromecache_437.2.dr	String found in binary or memory: http://www.broofa.com
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/100ThievesEmoji2024/100ThievesEmoji2024.png
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/BF-11376_Shiseido_elixir_TW_Hashmoji_Q22024/BF-11376_Shiseido_elixir
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/BF-11380_Qiddiya_Hashmoji2024_v3/BF-11380_Qiddiya_Hashmoji2024_v3.pn
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/BF-11381_MWLORG_Hashmoji_June2024_V2_/BF-11381_MWLORG_Hashmoji_June2
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/BF-11383_FF_XIV_JP_Jun_2024Hashmoji/BF-11383_FF_XIV_JP_Jun_2024Hashm
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/BF-11408_NetflixJP18ce54ua4fy_Hashmoji2024_Yomeboku/BF-11408_Netflix
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/BF-11415_Digital_Video_Support_Summer_2024_/BF-11415_Digital_Video_S
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/BF-11461_ZenlessZoneZero_Hashmoji_after/BF-11461_ZenlessZoneZero_Has
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/BF-11462_Zenless_Zone_Zero_Launch_2024_Bangboo_01/BF-11462_Zenless_Z
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/BF-11463_Zenless_Zone_Zero_Launch_2024_Ellen_Joe_Character/BF-11463_
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/BF-11470_ABEMA_18ce549twrx_Hashmoji_20240629-20240930_Oshinoko/BF-11
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/BF-11471_Anime_ABEMA_18ce54aqujn_Hashmoji_20240705_20241007_Monogata
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/BF-11479_Zenless_Zone_Zero_Launch2024_Nicole_Livestream/BF-11479_Zen
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/BF-11480_Zenless_Zone_Zero_Launch_2024_Golden_Bangboo/BF-11480_Zenle
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/BF-11588_Loreal_Lancome_JP_Hashmoji2024/BF-11588_Loreal_Lancome_JP_H
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/BF-11611_MOC_Q324_Hashmoji/BF-11611_MOC_Q324_Hashmoji.png
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/BF-11618_SportsBoulevard_Q324_Hashmoji/BF-11618_SportsBoulevard_Q324
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/BF-11628_fgoproject_9thAnniversary_Hashmoji2024/BF-11628_fgoproject_
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/BF-11662_Com2us_summoners_STAFF_Branding_Q324_after/BF-11662_Com2us_
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/BF-11686_NetflixJP_Hashmoji_20240803-20241103_Jimenshi/BF-11686_Netf
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/BF-11708_NetflixJP_Weare_Hashmoji2024/BF-11708_NetflixJP_Weare_Hashm
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/BF-11709_GenshinPaimon_Hashmoji2024/BF-11709_GenshinPaimon_Hashmoji2
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/BF-11710_GenshinKachina_Hashmoji2024/BF-11710_GenshinKachina_Hashmoj
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/BF-11711_GenshinKinich_Hashmoji2024/BF-11711_GenshinKinich_Hashmoji2
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/BF-11712_GenshinMualani_Hashmoji2024/BF-11712_GenshinMualani_Hashmoj
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/BF-11713_Genshin_NatlanSunSign_Hashmoji2024/BF-11713_Genshin_NatlanS
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/BF-11751_Global_miHoYo_Final_Hashmoji_v2/BF-11751_Global_miHoYo_Fina
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/BF-11770_RacingMaster_JPLaunch_Hashmoji2024/BF-11770_RacingMaster_JP
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/BF-11790_COLOPL_Hashmoji/BF-11790_COLOPL_Hashmoji.png
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/BF-11804_NetEase_RacingMaster_2024Hashmoji2/BF-11804_NetEase_RacingM
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/BF-11821_lake_official__Custom_Like_after/BF-11821_lake_official__Cu
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/BF-11827_BirdyCafe_Hashmoji2024_v2/BF-11827_BirdyCafe_Hashmoji2024_v
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/BF-11830_Token2040_Sept24_Hashmoji/BF-11830_Token2040_Sept24_Hashmoj
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/BF-11868_Schick_Hashmoji2024_V2/BF-11868_Schick_Hashmoji2024_V2.png
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/BF-11872_LazadaTHD9_BrandingCampaign_Hashmoji2024/BF-11872_LazadaTHD
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/BF-11893_RedSea_Hashmoji2024/BF-11893_RedSea_Hashmoji2024.png
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/BF-11901_AlatTechIce_Hashmoji2024/BF-11901_AlatTechIce_Hashmoji2024.
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/BF-12004_Aramco_SND2024_HashmojiBefore/BF-12004_Aramco_SND2024_Hashm
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/BF_11905_Hashmoji_Only_After_Aeromexico_90anos/BF_11905_Hashmoji_Onl
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/BF_11915_Sabic_Homeland_Hashmoji_24_/BF_11915_Sabic_Homeland_Hashmoj
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/EWCWorldCupEmojiV2/EWCWorldCupEmojiV2.png
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/MediaInformationLiteracyWeeks_2020_ThinkBeforeSharing/MediaInformati
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/New_BF-11881_MEOVV_HashmojiAfter/New_BF-11881_MEOVV_HashmojiAfter.pn
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/ParamountPlusJA_TLR_June2024/ParamountPlusJA_TLR_June2024.png
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/R1_20thCentury_AlienRomulus_2024/R1_20thCentury_AlienRomulus_2024.pn
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/TokyoGirlsCollection2024Fall/TokyoGirlsCollection2024Fall.png
Source: chromecache_508.2.dr	String found in binary or memory: https://abs.twimg.com/hashflags/heavenburnsred_July2024_BF-11558_after_v2/heavenburnsred_July2024_BF
Source: chromecache_496.2.dr, chromecache_361.2.dr	String found in binary or memory: https://accounts.google.com/gsi/
Source: chromecache_496.2.dr, chromecache_361.2.dr, chromecache_453.2.dr	String found in binary or memory: https://accounts.google.com/gsi/button
Source: chromecache_496.2.dr, chromecache_361.2.dr	String found in binary or memory: https://accounts.google.com/gsi/fedcm.json
Source: chromecache_496.2.dr, chromecache_361.2.dr	String found in binary or memory: https://accounts.google.com/gsi/fedcmcsp?client_id=
Source: chromecache_496.2.dr, chromecache_361.2.dr, chromecache_453.2.dr	String found in binary or memory: https://accounts.google.com/gsi/iframe/select
Source: chromecache_453.2.dr	String found in binary or memory: https://accounts.google.com/gsi/log
Source: chromecache_496.2.dr, chromecache_361.2.dr, chromecache_453.2.dr	String found in binary or memory: https://accounts.google.com/gsi/revoke
Source: chromecache_496.2.dr, chromecache_361.2.dr, chromecache_453.2.dr	String found in binary or memory: https://accounts.google.com/gsi/select
Source: chromecache_496.2.dr, chromecache_361.2.dr, chromecache_453.2.dr	String found in binary or memory: https://accounts.google.com/gsi/status
Source: chromecache_496.2.dr, chromecache_361.2.dr, chromecache_453.2.dr	String found in binary or memory: https://accounts.google.com/gsi/style
Source: chromecache_366.2.dr, chromecache_507.2.dr, chromecache_384.2.dr, chromecache_399.2.dr, chromecache_251.2.dr, chromecache_382.2.dr, chromecache_547.2.dr, chromecache_391.2.dr, chromecache_504.2.dr, chromecache_271.2.dr	String found in binary or memory: https://accounts.google.com/o/oauth2/auth
Source: chromecache_366.2.dr, chromecache_384.2.dr, chromecache_251.2.dr, chromecache_382.2.dr, chromecache_496.2.dr, chromecache_361.2.dr, chromecache_453.2.dr	String found in binary or memory: https://accounts.google.com/o/oauth2/iframe
Source: chromecache_366.2.dr, chromecache_507.2.dr, chromecache_384.2.dr, chromecache_399.2.dr, chromecache_251.2.dr, chromecache_382.2.dr, chromecache_547.2.dr, chromecache_391.2.dr, chromecache_504.2.dr, chromecache_271.2.dr	String found in binary or memory: https://accounts.google.com/o/oauth2/postmessageRelay
Source: chromecache_361.2.dr	String found in binary or memory: https://accounts.google.com/o/oauth2/v2/auth
Source: chromecache_359.2.dr, chromecache_386.2.dr	String found in binary or memory: https://ampcid.google.com/v1/publisher:getClientId
Source: chromecache_382.2.dr, chromecache_547.2.dr, chromecache_391.2.dr, chromecache_504.2.dr, chromecache_271.2.dr	String found in binary or memory: https://apis.google.com
Source: chromecache_251.2.dr	String found in binary or memory: https://apis.google.com/js/platform.js
Source: chromecache_382.2.dr	String found in binary or memory: https://apis.google.com/js/platform:gapi.iframes.style.common.js
Source: chromecache_366.2.dr, chromecache_384.2.dr, chromecache_251.2.dr, chromecache_382.2.dr	String found in binary or memory: https://classroom.google.com/sharewidget?usegapi=1
Source: chromecache_293.2.dr, chromecache_319.2.dr	String found in binary or memory: https://client.protechts.net/
Source: chromecache_366.2.dr, chromecache_384.2.dr, chromecache_251.2.dr, chromecache_382.2.dr	String found in binary or memory: https://clients3.google.com/cast/chromecast/home/widget/backdrop?usegapi=1
Source: chromecache_366.2.dr, chromecache_507.2.dr, chromecache_384.2.dr, chromecache_399.2.dr, chromecache_251.2.dr, chromecache_382.2.dr, chromecache_547.2.dr, chromecache_391.2.dr, chromecache_504.2.dr, chromecache_271.2.dr	String found in binary or memory: https://clients6.google.com
Source: chromecache_366.2.dr, chromecache_507.2.dr, chromecache_384.2.dr, chromecache_399.2.dr, chromecache_251.2.dr, chromecache_382.2.dr, chromecache_547.2.dr, chromecache_391.2.dr, chromecache_504.2.dr, chromecache_271.2.dr	String found in binary or memory: https://content.googleapis.com
Source: chromecache_552.2.dr, chromecache_477.2.dr, chromecache_340.2.dr, chromecache_554.2.dr	String found in binary or memory: https://csi.gstatic.com/csi
Source: chromecache_507.2.dr, chromecache_399.2.dr, chromecache_547.2.dr, chromecache_340.2.dr, chromecache_554.2.dr, chromecache_391.2.dr, chromecache_504.2.dr, chromecache_271.2.dr	String found in binary or memory: https://csp.withgoogle.com/csp/lcreport/
Source: chromecache_366.2.dr, chromecache_384.2.dr, chromecache_251.2.dr, chromecache_382.2.dr	String found in binary or memory: https://dataconnector.corp.google.com/:session_prefix:ui/widgetview?usegapi=1
Source: chromecache_496.2.dr, chromecache_361.2.dr	String found in binary or memory: https://developers.google.com/identity/gsi/web/guides/fedcm-migration
Source: chromecache_496.2.dr, chromecache_361.2.dr	String found in binary or memory: https://developers.google.com/identity/gsi/web/guides/fedcm-migration?s=dc#cross_origin)
Source: chromecache_496.2.dr, chromecache_361.2.dr	String found in binary or memory: https://developers.google.com/identity/gsi/web/guides/fedcm-migration?s=dc#display_moment
Source: chromecache_496.2.dr, chromecache_361.2.dr	String found in binary or memory: https://developers.google.com/identity/gsi/web/guides/fedcm-migration?s=dc#skipped_moment
Source: chromecache_507.2.dr, chromecache_399.2.dr, chromecache_547.2.dr, chromecache_391.2.dr, chromecache_504.2.dr, chromecache_271.2.dr	String found in binary or memory: https://domains.google.com/suggest/flow
Source: chromecache_366.2.dr, chromecache_384.2.dr, chromecache_251.2.dr, chromecache_382.2.dr	String found in binary or memory: https://drive.google.com/savetodrivebutton?usegapi=1
Source: chromecache_366.2.dr, chromecache_384.2.dr, chromecache_251.2.dr, chromecache_382.2.dr	String found in binary or memory: https://families.google.com/webcreation?usegapi=1&usegapi=1
Source: chromecache_434.2.dr	String found in binary or memory: https://feross.org/opensource
Source: chromecache_411.2.dr	String found in binary or memory: https://fonts.google.com/license/googlerestricted
Source: chromecache_329.2.dr, chromecache_437.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/alert/v11/gm_grey200-36dp/2x/gm_alert_gm_grey200_3
Source: chromecache_329.2.dr, chromecache_437.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/alert/v11/gm_grey600-36dp/2x/gm_alert_gm_grey600_3
Source: chromecache_329.2.dr, chromecache_437.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/close/v19/gm_grey200-24dp/1x/gm_close_gm_grey200_2
Source: chromecache_329.2.dr, chromecache_437.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/close/v19/gm_grey600-24dp/1x/gm_close_gm_grey600_2
Source: chromecache_281.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI
Source: chromecache_281.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4iaVI
Source: chromecache_281.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4jaVI
Source: chromecache_281.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4kaVI
Source: chromecache_281.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4saVI
Source: chromecache_281.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4taVI
Source: chromecache_281.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4uaVI
Source: chromecache_281.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4vaVI
Source: chromecache_281.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B5OaVI
Source: chromecache_281.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B5caVI
Source: chromecache_411.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/productsans/v19/pxiDypQkot1TnFhsFMOfGShVE9eOcEg.woff2)
Source: chromecache_411.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/productsans/v19/pxiDypQkot1TnFhsFMOfGShVF9eO.woff2)
Source: chromecache_411.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/productsans/v19/pxiDypQkot1TnFhsFMOfGShVFNeOcEg.woff2)
Source: chromecache_411.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/productsans/v19/pxiDypQkot1TnFhsFMOfGShVGdeOcEg.woff2)
Source: chromecache_411.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2)
Source: chromecache_411.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2)
Source: chromecache_411.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBxc4EsA.woff2)
Source: chromecache_411.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfCBc4EsA.woff2)
Source: chromecache_411.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfCRc4EsA.woff2)
Source: chromecache_411.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2)
Source: chromecache_411.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2)
Source: chromecache_411.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4WxKOzY.woff2)
Source: chromecache_411.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2)
Source: chromecache_411.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu5mxKOzY.woff2)
Source: chromecache_411.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu72xKOzY.woff2)
Source: chromecache_411.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7GxKOzY.woff2)
Source: chromecache_411.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7WxKOzY.woff2)
Source: chromecache_411.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7mxKOzY.woff2)
Source: chromecache_375.2.dr, chromecache_242.2.dr	String found in binary or memory: https://github.com/emn178/js-md5
Source: chromecache_375.2.dr, chromecache_242.2.dr	String found in binary or memory: https://github.com/focus-trap/tabbable/blob/master/LICENSE
Source: chromecache_366.2.dr, chromecache_384.2.dr, chromecache_251.2.dr, chromecache_382.2.dr	String found in binary or memory: https://github.com/google/safevalues/issues
Source: chromecache_532.2.dr, chromecache_408.2.dr	String found in binary or memory: https://help.x.com/rules-and-policies/twitter-cookies
Source: chromecache_302.2.dr, chromecache_573.2.dr	String found in binary or memory: https://jarvis.corp.linkedin.com/codesearch/result/?path=flock-templates%2Fflock%2Femail%2Femail_ser
Source: chromecache_496.2.dr, chromecache_361.2.dr	String found in binary or memory: https://meet.google.com
Source: chromecache_496.2.dr, chromecache_361.2.dr	String found in binary or memory: https://oauth2.googleapis.com/revoke
Source: chromecache_382.2.dr	String found in binary or memory: https://pay.google.com/gp/v/widget/save
Source: chromecache_437.2.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_366.2.dr, chromecache_384.2.dr, chromecache_251.2.dr, chromecache_382.2.dr	String found in binary or memory: https://play.google.com/work/embedded/search?usegapi=1&usegapi=1
Source: chromecache_271.2.dr	String found in binary or memory: https://plus.google.com
Source: chromecache_366.2.dr, chromecache_507.2.dr, chromecache_384.2.dr, chromecache_399.2.dr, chromecache_251.2.dr, chromecache_382.2.dr, chromecache_547.2.dr, chromecache_391.2.dr, chromecache_504.2.dr, chromecache_271.2.dr	String found in binary or memory: https://plus.googleapis.com
Source: chromecache_552.2.dr, chromecache_477.2.dr	String found in binary or memory: https://resources.blogblog.com/img/widgets/icon_contactform_cross.gif
Source: chromecache_399.2.dr, chromecache_547.2.dr	String found in binary or memory: https://ssl.gstatic.com/docs/documents/share/images/spinner-1.gif
Source: chromecache_399.2.dr, chromecache_547.2.dr	String found in binary or memory: https://ssl.gstatic.com/gb/js/
Source: chromecache_366.2.dr, chromecache_384.2.dr, chromecache_251.2.dr, chromecache_382.2.dr	String found in binary or memory: https://ssl.gstatic.com/microscope/embed/
Source: chromecache_399.2.dr, chromecache_547.2.dr	String found in binary or memory: https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/
Source: chromecache_386.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/j/collect
Source: chromecache_461.2.dr, chromecache_314.2.dr	String found in binary or memory: https://support.x.com/articles/14016
Source: chromecache_461.2.dr, chromecache_314.2.dr	String found in binary or memory: https://support.x.com/articles/18311
Source: chromecache_461.2.dr, chromecache_314.2.dr	String found in binary or memory: https://support.x.com/articles/20172060
Source: chromecache_359.2.dr, chromecache_386.2.dr	String found in binary or memory: https://tagassistant.google.com/
Source: chromecache_366.2.dr, chromecache_384.2.dr, chromecache_251.2.dr, chromecache_382.2.dr	String found in binary or memory: https://talkgadget.google.com/:session_prefix:talkgadget/_/widget
Source: chromecache_352.2.dr, chromecache_544.2.dr	String found in binary or memory: https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/bundle.NetworkInstrument
Source: chromecache_387.2.dr, chromecache_451.2.dr	String found in binary or memory: https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/bundle.UserProfile.45e73
Source: chromecache_249.2.dr, chromecache_320.2.dr	String found in binary or memory: https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/i18n/emoji-en.3afd1e4a.j
Source: chromecache_289.2.dr, chromecache_518.2.dr	String found in binary or memory: https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/i18n/en.c7f87cfa.js.map
Source: chromecache_467.2.dr, chromecache_371.2.dr	String found in binary or memory: https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/loader.AppModules.b2442e
Source: chromecache_576.2.dr, chromecache_422.2.dr	String found in binary or memory: https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/loader.AudioDock.28823fa
Source: chromecache_505.2.dr, chromecache_433.2.dr	String found in binary or memory: https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/loader.SideNav.20f4af6a.
Source: chromecache_526.2.dr, chromecache_306.2.dr	String found in binary or memory: https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/loader.richScribeAction.
Source: chromecache_375.2.dr, chromecache_242.2.dr	String found in binary or memory: https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/main.855db29a.js.map
Source: chromecache_297.2.dr, chromecache_562.2.dr	String found in binary or memory: https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/modules.audio.ab01bdca.j
Source: chromecache_495.2.dr, chromecache_432.2.dr	String found in binary or memory: https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/modules.common.8d74434a.
Source: chromecache_540.2.dr, chromecache_244.2.dr	String found in binary or memory: https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/ondemand.Dropdown.05f2d8
Source: chromecache_369.2.dr, chromecache_266.2.dr	String found in binary or memory: https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/ondemand.s.2ad88e9a.js.m
Source: chromecache_362.2.dr, chromecache_440.2.dr, chromecache_276.2.dr, chromecache_296.2.dr, chromecache_241.2.dr, chromecache_246.2.dr, chromecache_542.2.dr, chromecache_418.2.dr, chromecache_545.2.dr, chromecache_568.2.dr, chromecache_376.2.dr, chromecache_247.2.dr	String found in binary or memory: https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/shared~bundle.AccountAna
Source: chromecache_353.2.dr, chromecache_498.2.dr	String found in binary or memory: https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/shared~bundle.Articles~b
Source: chromecache_502.2.dr, chromecache_279.2.dr	String found in binary or memory: https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/shared~bundle.AudioSpace
Source: chromecache_381.2.dr, chromecache_305.2.dr	String found in binary or memory: https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/shared~bundle.Birdwatch~
Source: chromecache_270.2.dr, chromecache_530.2.dr	String found in binary or memory: https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/shared~bundle.Bookmarks~
Source: chromecache_488.2.dr, chromecache_327.2.dr	String found in binary or memory: https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/shared~bundle.Communitie
Source: chromecache_461.2.dr, chromecache_314.2.dr	String found in binary or memory: https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/shared~bundle.ExtendedUs
Source: chromecache_415.2.dr, chromecache_339.2.dr	String found in binary or memory: https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/shared~bundle.LiveEvent~
Source: chromecache_560.2.dr, chromecache_529.2.dr	String found in binary or memory: https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/shared~bundle.ReaderMode
Source: chromecache_533.2.dr, chromecache_294.2.dr	String found in binary or memory: https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/shared~bundle.ReportCent
Source: chromecache_572.2.dr, chromecache_444.2.dr, chromecache_286.2.dr, chromecache_524.2.dr, chromecache_469.2.dr, chromecache_435.2.dr, chromecache_486.2.dr, chromecache_535.2.dr, chromecache_397.2.dr, chromecache_525.2.dr	String found in binary or memory: https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/shared~bundle.SettingsPr
Source: chromecache_405.2.dr, chromecache_483.2.dr	String found in binary or memory: https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/shared~bundle.ShareJob~b
Source: chromecache_269.2.dr, chromecache_515.2.dr	String found in binary or memory: https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/shared~bundle.Topics~bun
Source: chromecache_291.2.dr, chromecache_438.2.dr	String found in binary or memory: https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/shared~bundle.UserFollow
Source: chromecache_303.2.dr, chromecache_480.2.dr, chromecache_284.2.dr, chromecache_446.2.dr, chromecache_425.2.dr, chromecache_532.2.dr, chromecache_408.2.dr, chromecache_423.2.dr, chromecache_475.2.dr, chromecache_528.2.dr	String found in binary or memory: https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/shared~loader.AppModules
Source: chromecache_272.2.dr, chromecache_439.2.dr, chromecache_416.2.dr, chromecache_553.2.dr, chromecache_344.2.dr, chromecache_301.2.dr, chromecache_317.2.dr, chromecache_519.2.dr, chromecache_342.2.dr, chromecache_253.2.dr, chromecache_543.2.dr, chromecache_420.2.dr, chromecache_378.2.dr	String found in binary or memory: https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/shared~loader.AudioDock~
Source: chromecache_357.2.dr, chromecache_396.2.dr, chromecache_474.2.dr, chromecache_265.2.dr, chromecache_282.2.dr, chromecache_497.2.dr, chromecache_388.2.dr, chromecache_564.2.dr, chromecache_390.2.dr, chromecache_321.2.dr, chromecache_345.2.dr, chromecache_414.2.dr, chromecache_356.2.dr, chromecache_456.2.dr, chromecache_336.2.dr, chromecache_521.2.dr, chromecache_406.2.dr, chromecache_250.2.dr, chromecache_256.2.dr, chromecache_310.2.dr, chromecache_389.2.dr	String found in binary or memory: https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/shared~loader.DMDrawer~b
Source: chromecache_354.2.dr, chromecache_436.2.dr, chromecache_551.2.dr, chromecache_499.2.dr, chromecache_258.2.dr, chromecache_429.2.dr, chromecache_417.2.dr, chromecache_460.2.dr, chromecache_245.2.dr, chromecache_404.2.dr	String found in binary or memory: https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/shared~loader.DashMenu~l
Source: chromecache_522.2.dr, chromecache_556.2.dr, chromecache_506.2.dr, chromecache_374.2.dr	String found in binary or memory: https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/shared~loader.SideNav~bu
Source: chromecache_243.2.dr, chromecache_383.2.dr, chromecache_487.2.dr, chromecache_574.2.dr, chromecache_463.2.dr, chromecache_401.2.dr, chromecache_300.2.dr, chromecache_484.2.dr, chromecache_464.2.dr, chromecache_434.2.dr, chromecache_328.2.dr, chromecache_459.2.dr, chromecache_509.2.dr, chromecache_295.2.dr, chromecache_373.2.dr, chromecache_254.2.dr, chromecache_343.2.dr, chromecache_548.2.dr	String found in binary or memory: https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/shared~loader.Typeahead~
Source: chromecache_347.2.dr, chromecache_287.2.dr	String found in binary or memory: https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/shared~loader.directMess
Source: chromecache_392.2.dr, chromecache_443.2.dr	String found in binary or memory: https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/shared~ondemand.EmojiPic
Source: chromecache_299.2.dr, chromecache_264.2.dr, chromecache_380.2.dr, chromecache_501.2.dr	String found in binary or memory: https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/shared~ondemand.Settings
Source: chromecache_285.2.dr, chromecache_377.2.dr	String found in binary or memory: https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/vendor.6929bc4a.js.map
Source: chromecache_552.2.dr, chromecache_477.2.dr	String found in binary or memory: https://twitter.com/intent/tweet?text=
Source: chromecache_366.2.dr, chromecache_507.2.dr, chromecache_384.2.dr, chromecache_399.2.dr, chromecache_251.2.dr, chromecache_382.2.dr, chromecache_547.2.dr, chromecache_391.2.dr, chromecache_504.2.dr, chromecache_271.2.dr	String found in binary or memory: https://workspace.google.com/:session_prefix:marketplace/appfinder?usegapi=1
Source: chromecache_302.2.dr, chromecache_573.2.dr	String found in binary or memory: https://www.figma.com/file/egkKv7mudRwk2dVPM0WCR6/NBA-Digest-Email?type=design&node-id=2927-186236&t
Source: chromecache_359.2.dr, chromecache_386.2.dr	String found in binary or memory: https://www.google-analytics.com/debug/bootstrap?id=
Source: chromecache_359.2.dr, chromecache_386.2.dr	String found in binary or memory: https://www.google-analytics.com/gtm/js?id=
Source: chromecache_359.2.dr, chromecache_386.2.dr	String found in binary or memory: https://www.google.%/ads/ga-audiences
Source: chromecache_359.2.dr, chromecache_386.2.dr	String found in binary or memory: https://www.google.com/ads/ga-audiences
Source: chromecache_366.2.dr, chromecache_384.2.dr, chromecache_251.2.dr, chromecache_382.2.dr	String found in binary or memory: https://www.google.com/shopping/customerreviews/badge?usegapi=1
Source: chromecache_366.2.dr, chromecache_384.2.dr, chromecache_251.2.dr, chromecache_382.2.dr	String found in binary or memory: https://www.google.com/shopping/customerreviews/optin?usegapi=1
Source: chromecache_271.2.dr	String found in binary or memory: https://www.googleapis.com/auth/plus.me
Source: chromecache_271.2.dr	String found in binary or memory: https://www.googleapis.com/auth/plus.people.recommended
Source: chromecache_359.2.dr, chromecache_386.2.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=
Source: chromecache_329.2.dr, chromecache_437.2.dr	String found in binary or memory: https://www.gstatic.com/gb/html/afbp.html
Source: chromecache_329.2.dr, chromecache_437.2.dr	String found in binary or memory: https://www.gstatic.com/images/icons/material/anim/mspin/mspin_googcolor_medium.css
Source: chromecache_329.2.dr, chromecache_437.2.dr	String found in binary or memory: https://www.gstatic.com/images/icons/material/anim/mspin/mspin_googcolor_small.css
Source: chromecache_366.2.dr, chromecache_384.2.dr, chromecache_251.2.dr, chromecache_382.2.dr	String found in binary or memory: https://www.gstatic.com/partners/badge/templates/badge.html?usegapi=1
Source: chromecache_366.2.dr, chromecache_384.2.dr, chromecache_251.2.dr, chromecache_382.2.dr	String found in binary or memory: https://www.youtube.com/subscribe_embed?usegapi=1
Source: chromecache_289.2.dr, chromecache_518.2.dr	String found in binary or memory: https://x.com/en/privacy

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49986
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49864
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49985
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49984
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49875 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50131 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50154 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50211 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50177 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49975
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 50085 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50039 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49971
Source: unknown	Network traffic detected: HTTP traffic on port 50165 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50074 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50107 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50004 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49943 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49964
Source: unknown	Network traffic detected: HTTP traffic on port 50120 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49961
Source: unknown	Network traffic detected: HTTP traffic on port 50015 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50040 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50189 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50130 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50108 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50073 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50028 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49959
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49958
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 50062 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49952
Source: unknown	Network traffic detected: HTTP traffic on port 50119 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49951
Source: unknown	Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50142 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49944 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50178 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50153 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 50210 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49948
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49947
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49946
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49945
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49944
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49943
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 50061 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49945 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 50017 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 50187 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50049 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50026 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 50144 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49894
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 50209 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50095 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50155 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49991 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50176 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 50084 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 49863 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50038 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50166 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50143 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50050 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50110 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50005 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50083 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49999
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49876
Source: unknown	Network traffic detected: HTTP traffic on port 50121 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49875
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49874
Source: unknown	Network traffic detected: HTTP traffic on port 49923 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50016 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49992
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49991
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50188 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50220 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50109 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50072 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50132 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50027 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50199 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49867
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49988
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49866
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49987
Source: unknown	Network traffic detected: HTTP traffic on port 50013 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50216
Source: unknown	Network traffic detected: HTTP traffic on port 50036 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50215
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50217
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50219
Source: unknown	Network traffic detected: HTTP traffic on port 50174 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50139 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50151 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50116 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50210
Source: unknown	Network traffic detected: HTTP traffic on port 50059 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50202 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50211
Source: unknown	Network traffic detected: HTTP traffic on port 50094 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50071 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50106
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50105
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50108
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50107
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49975 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50060 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50109
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50100
Source: unknown	Network traffic detected: HTTP traffic on port 50186 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50220
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50102
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50101
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50104
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50103
Source: unknown	Network traffic detected: HTTP traffic on port 50025 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49964 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50128 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50162 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50197 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49999 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50117
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50116
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50119
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50118
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50111
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50110
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50113
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50112
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50115
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50114
Source: unknown	Network traffic detected: HTTP traffic on port 49986 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50127 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50175 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50198 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50007
Source: unknown	Network traffic detected: HTTP traffic on port 50037 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50128
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50006
Source: unknown	Network traffic detected: HTTP traffic on port 50012 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50127
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50009
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50008
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50129
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 49952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50120
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 50093 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50122
Source: unknown	Network traffic detected: HTTP traffic on port 50150 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50121
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50003
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50124
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50002
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50123
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50005
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50126
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50004
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50125
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50048 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50105 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 50164 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50106 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50129 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50003 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50184 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50081 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50117 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50173 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50035 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50014 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50152 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49988 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50201 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50046 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50141 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50118 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50092 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50200 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50047 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50024 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50163 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50140 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50205
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50204
Source: unknown	Network traffic detected: HTTP traffic on port 50196 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50206
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50209
Source: unknown	Network traffic detected: HTTP traffic on port 50058 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50201
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50200
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50203
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50202
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50002 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49987 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50185 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50069 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50054
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50175
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50053
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50174
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50056
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50177
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50055
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50176
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50058
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50179
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50057
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50178
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50059
Source: unknown	Network traffic detected: HTTP traffic on port 49961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49984 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50180
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50061
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50182
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50060
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50181
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50063
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50184
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50062
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50183
Source: unknown	Network traffic detected: HTTP traffic on port 50068 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50102 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50045 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50125 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50194 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50010 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50148 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50065
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50186
Source: unknown	Network traffic detected: HTTP traffic on port 49858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50064
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50185
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50067
Source: unknown	Network traffic detected: HTTP traffic on port 50091 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50113 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50188
Source: unknown	Network traffic detected: HTTP traffic on port 50056 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50066
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50187
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50069
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50068
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50189
Source: unknown	Network traffic detected: HTTP traffic on port 50205 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50216 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50183 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50191
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50190
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50072
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50193
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50071
Source: unknown	Network traffic detected: HTTP traffic on port 50159 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50192
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50074
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50195
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50073
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50194
Source: unknown	Network traffic detected: HTTP traffic on port 50080 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50204 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50195 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50009 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50034 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50147 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50172 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50076
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50197
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50075
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50196
Source: unknown	Network traffic detected: HTTP traffic on port 50057 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50078
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50199
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50077
Source: unknown	Network traffic detected: HTTP traffic on port 50114 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50198
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50079
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50081
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50080
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50083
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50085
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50084
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50087
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50086
Source: unknown	Network traffic detected: HTTP traffic on port 50079 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50090
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50092
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50091
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50094
Source: unknown	Network traffic detected: HTTP traffic on port 50136 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50093
Source: unknown	Network traffic detected: HTTP traffic on port 50023 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50095
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50018
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50139
Source: unknown	Network traffic detected: HTTP traffic on port 50170 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50017
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50138
Source: unknown	Network traffic detected: HTTP traffic on port 50193 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50019
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49951 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50149 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50032 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50010
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50131
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50130
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50012
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50133
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50011
Source: unknown	Network traffic detected: HTTP traffic on port 50055 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50132
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50014
Source: unknown	Network traffic detected: HTTP traffic on port 50090 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50135
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50013
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50134
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50016
Source: unknown	Network traffic detected: HTTP traffic on port 50078 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50137
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50015
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50136
Source: unknown	Network traffic detected: HTTP traffic on port 49939 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50161 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50140
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50215 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50029
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50028
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50149
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50021
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50142
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50020
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50141
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50023
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50144
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50143
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50025
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50146
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50024
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50145
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50027
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50148
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50026
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50147
Source: unknown	Network traffic detected: HTTP traffic on port 49985 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50021 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50151
Source: unknown	Network traffic detected: HTTP traffic on port 50138 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50150
Source: unknown	Network traffic detected: HTTP traffic on port 50067 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50103 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50039
Source: unknown	Network traffic detected: HTTP traffic on port 50011 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50032
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50153
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50031
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50152
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50034
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50155
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50033
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50154
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50036
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50157
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50035
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50156
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50038
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50159
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50037
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50158
Source: unknown	Network traffic detected: HTTP traffic on port 50182 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49940 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50160
Source: unknown	Network traffic detected: HTTP traffic on port 50137 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50162
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50040
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50161
Source: unknown	Network traffic detected: HTTP traffic on port 50066 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50104 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50203 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50033 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50171 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50164
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50163
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50045
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50166
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50044
Source: unknown	Network traffic detected: HTTP traffic on port 50115 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50165
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50047
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50168
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50046
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50167
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50049
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50048

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49756 version: TLS 1.2

Source: classification engine

Classification label: mal64.win@31/518@117/40

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2240 --field-trial-handle=2000,i,12922137782999281147,6157369079005019574,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://facebooksecurity.blogspot.dk/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4300 --field-trial-handle=2000,i,12922137782999281147,6157369079005019574,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5836 --field-trial-handle=2000,i,12922137782999281147,6157369079005019574,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2240 --field-trial-handle=2000,i,12922137782999281147,6157369079005019574,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4300 --field-trial-handle=2000,i,12922137782999281147,6157369079005019574,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5836 --field-trial-handle=2000,i,12922137782999281147,6157369079005019574,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5836 --field-trial-handle=2000,i,12922137782999281147,6157369079005019574,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	1 Drive-by Compromise	Windows Management Instrumentation	Path Interception	1 Process Injection	1 Process Injection	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Rootkit	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	5 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	6 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	4 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
http://facebooksecurity.blogspot.dk/	100%	Avira URL Cloud	phishing
http://facebooksecurity.blogspot.dk/	9%	Virustotal		Browse

Source	Detection	Scanner	Link
fp2e7a.wpc.phicdn.net	0%	Virustotal	Browse
dualstack.video.twitter.map.fastly.net	0%	Virustotal	Browse
www.google.com	0%	Virustotal	Browse
code.jquery.com	1%	Virustotal	Browse
t.co	0%	Virustotal	Browse
cs510.wpc.edgecastcdn.net	0%	Virustotal	Browse
tpop-api.twitter.com	0%	Virustotal	Browse
perimeterx.map.fastly.net	0%	Virustotal	Browse
twitter.com	0%	Virustotal	Browse
s-part-0014.t-0009.t-msedge.net	0%	Virustotal	Browse
bg.microsoft.map.fastly.net	0%	Virustotal	Browse
stk.protechts.net	0%	Virustotal	Browse
tpop-api.x.com	0%	Virustotal	Browse
play.google.com	0%	Virustotal	Browse
inbound-weighted.protechts.net	0%	Virustotal	Browse
blogspot.l.googleusercontent.com	0%	Virustotal	Browse
plus.l.google.com	0%	Virustotal	Browse
abs-zero.twimg.com	0%	Virustotal	Browse
youtube-ui.l.google.com	0%	Virustotal	Browse
x.com	1%	Virustotal	Browse
cs767.wpc.epsiloncdn.net	0%	Virustotal	Browse
photos-ugc.l.googleusercontent.com	0%	Virustotal	Browse
dualstack.twimg.twitter.map.fastly.net	0%	Virustotal	Browse
stun.l.google.com	0%	Virustotal	Browse
googlehosted.l.googleusercontent.com	0%	Virustotal	Browse
blogger.l.google.com	0%	Virustotal	Browse
abs.twimg.com	0%	Virustotal	Browse
api.twitter.com	0%	Virustotal	Browse
platform.linkedin.com	0%	Virustotal	Browse
video.twimg.com	0%	Virustotal	Browse
abs-0.twimg.com	0%	Virustotal	Browse
static.licdn.com	0%	Virustotal	Browse
client.protechts.net	0%	Virustotal	Browse
2.bp.blogspot.com	0%	Virustotal	Browse
www.youtube.com	0%	Virustotal	Browse
4.bp.blogspot.com	0%	Virustotal	Browse
pbs.twimg.com	0%	Virustotal	Browse
www.linkedin.com	0%	Virustotal	Browse
collector-pxdojv695v.protechts.net	0%	Virustotal	Browse

URLs

Source	Detection	Scanner	Label
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.h-1D-JOvizc.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AABA/rs=AHpOoo_3dbjO7NaEjkPT0PwzLRJUFrcOJQ/cb=gapi.loaded_0	0%	URL Reputation	safe
https://abs.twimg.com/responsive-web/client-web/shared~loader.AppModules~bundle.Conversation.9cc3eaea.js	0%	URL Reputation	safe
http://underscorejs.org	0%	URL Reputation	safe
https://abs.twimg.com/hashflags/BF-11471_Anime_ABEMA_18ce54aqujn_Hashmoji_20240705_20241007_Monogata	0%	URL Reputation	safe
https://ampcid.google.com/v1/publisher:getClientId	0%	URL Reputation	safe
https://abs.twimg.com/hashflags/BF-11408_NetflixJP18ce54ua4fy_Hashmoji2024_Yomeboku/BF-11408_Netflix	0%	URL Reputation	safe
https://stats.g.doubleclick.net/j/collect	0%	URL Reputation	safe
https://abs.twimg.com/hashflags/BF-11662_Com2us_summoners_STAFF_Branding_Q324_after/BF-11662_Com2us_	0%	URL Reputation	safe
https://abs.twimg.com/hashflags/heavenburnsred_July2024_BF-11558_after_v2/heavenburnsred_July2024_BF	0%	URL Reputation	safe
https://abs.twimg.com/hashflags/BF-11628_fgoproject_9thAnniversary_Hashmoji2024/BF-11628_fgoproject_	0%	URL Reputation	safe
https://abs.twimg.com/hashflags/BF-11686_NetflixJP_Hashmoji_20240803-20241103_Jimenshi/BF-11686_Netf	0%	URL Reputation	safe
https://abs.twimg.com/hashflags/EWCWorldCupEmojiV2/EWCWorldCupEmojiV2.png	0%	URL Reputation	safe
https://abs.twimg.com/responsive-web/client-web/shared~loader.DashMenu~loader.SideNav~bundle.MultiAccount~bundle.Communities~ondemand.SettingsMonetization~bu.4fd68dca.js	0%	URL Reputation	safe
https://abs.twimg.com/hashflags/ParamountPlusJA_TLR_June2024/ParamountPlusJA_TLR_June2024.png	0%	URL Reputation	safe
https://abs.twimg.com/responsive-web/client-web/shared~loader.Typeahead~loader.AppModules~loader.DMDrawer~bundle.ReaderMode~bundle.Articles~bundle.AudioSpace.58818b4a.js	0%	URL Reputation	safe
https://abs.twimg.com/responsive-web/client-web/shared~loader.Typeahead~loader.AppModules~bundle.AudioSpaceDiscovery.fbe982fa.js	0%	Avira URL Cloud	safe
https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/ondemand.s.2ad88e9a.js.m	0%	Avira URL Cloud	safe
https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/modules.common.8d74434a.	0%	Avira URL Cloud	safe
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgjG5jwKTmdCF1f6QElHBAkWo5QluyxRuut9jiBFCHicIbPaqEScEy5hzk3MXCblp75tc99xWe7giMSLtAz7lnCUBwh9eTdeRDCwqWnoQoEQAm2L3k6NruPCD_xewvF5qYfDX52wX5Y1RQ/w72-h72-p-k-no-nu/facebook-google.jpg	0%	Avira URL Cloud	safe
https://abs.twimg.com/responsive-web/client-web/shared~loader.Typeahead~loader.DMDrawer~bundle.Grok~bundle.MultiAccount~bundle.ReaderMode~bundle.Articles~bun.f39400ca.js	0%	Avira URL Cloud	safe
https://abs.twimg.com/responsive-web/client-web/shared~loader.SideNav~bundle.MultiAccount~bundle.JobSearch.3fb6c87a.js	0%	Avira URL Cloud	safe
https://abs.twimg.com/responsive-web/client-web/loader.AudioDock.28823faa.js	0%	Avira URL Cloud	safe
https://support.x.com/articles/14016	0%	Avira URL Cloud	safe
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgjG5jwKTmdCF1f6QElHBAkWo5QluyxRuut9jiBFCHicIbPaqEScEy5hzk3MXCblp75tc99xWe7giMSLtAz7lnCUBwh9eTdeRDCwqWnoQoEQAm2L3k6NruPCD_xewvF5qYfDX52wX5Y1RQ/s1600/facebook-google.jpg	0%	Avira URL Cloud	safe
https://abs.twimg.com/responsive-web/client-web/shared~loader.AppModules~bundle.Ocf.7afa811a.js	0%	Avira URL Cloud	safe
https://abs.twimg.com/hashflags/BF-11893_RedSea_Hashmoji2024/BF-11893_RedSea_Hashmoji2024.png	0%	Avira URL Cloud	safe
https://api.x.com/1.1/jot/client_event.json	0%	Avira URL Cloud	safe
https://abs.twimg.com/responsive-web/client-web/shared~loader.DMDrawer~bundle.ReaderMode~bundle.Articles~bundle.AudioSpacePeek~bundle.Birdwatch~bundle.Brande.def10c6a.js	0%	Avira URL Cloud	safe
https://abs.twimg.com/responsive-web/client-web/shared~bundle.UserFollowLists~bundle.UserProfile.e92d398a.js	0%	Avira URL Cloud	safe
https://abs.twimg.com/responsive-web/client-web/shared~bundle.AudioSpaceDetail~bundle.AudioSpaceDiscovery~bundle.AudioSpacebarScreen~bundle.Birdwatch~bundle..ef43e36a.js	0%	Avira URL Cloud	safe
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiMW8agzRJJnOmlRHoFMD6pT4Cuk7jc79cTkWXGzWZNr8TJZR3AsykW_oegPS2AmoznSU04LOGmbjK185nU2a5jCG9pE65LiNSb7A3FF19tAR8cj4dQxTuLrRRX9q1lCZRngjHhI2peJIU/w72-h72-p-k-no-nu/blogfacebooklurking.jpg	0%	Avira URL Cloud	safe
https://apis.google.com/js/platform:gapi.iframes.style.common.js	0%	Avira URL Cloud	safe
http://3.bp.blogspot.com/-__0X3NTuBRM/UMRdfKfKA3I/AAAAAAAAFbM/gvAViqUuYhE/s1600/3.jpg	0%	Avira URL Cloud	safe
https://www.google.com/css/maia.css	0%	Avira URL Cloud	safe
https://abs.twimg.com/responsive-web/client-web/shared~loader.DMDrawer~bundle.ReaderMode~bundle.DirectMessages~bundle.DMRichTextCompose~bundle.Grok~bundle.Tw.89f84eca.js	0%	Avira URL Cloud	safe
https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/shared~bundle.AccountAna	0%	Avira URL Cloud	safe
https://pay.google.com/gp/v/widget/save	0%	Avira URL Cloud	safe
https://abs.twimg.com/responsive-web/client-web/shared~loader.DMDrawer~bundle.ReaderMode~bundle.Articles~bundle.AudioSpacePeek~bundle.AudioSpaceDetail~bundle.a759798a.js	0%	Avira URL Cloud	safe
https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/shared~loader.DMDrawer~b	0%	Avira URL Cloud	safe
http://4.bp.blogspot.com/-1rV4Io0cQd8/ULCmNgcmLrI/AAAAAAAAEws/ANSyGoiN-5E/s1600/blue_facebook.png	0%	Avira URL Cloud	safe
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhEGDod2aeN5Cyyth-7i4WsBV2vJCfbByVNkRreVRc0U9x-9zKrNUucFptBcigY4SPCUk80y55ymkWgMNBal0QqGA0ky1hFlm-t_wW6bQo6i4VkdC2WOUppg5SE3XvtMzxr3TvAurbpCuQ/s320/t1larg.facebook.jpg	0%	Avira URL Cloud	safe
https://www.google.com/shopping/customerreviews/optin?usegapi=1	0%	Avira URL Cloud	safe
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhFP2sUEe8r0fi8HOlfFWOK8wKFkcIUrXnruv7h5SBZvNnaXI70ZiRio6UXhLcUgktuHhPP97Rja5x401PM1hszkmGt9eXKi7Jpr4ZvFV2vlaaT69qcDmGjnTXBKlOze4-_-CNnm592FIY/s400/us_attacks_wall-facebook+virus+allert.jpg	0%	Avira URL Cloud	safe
https://abs.twimg.com/hashflags/BF-11588_Loreal_Lancome_JP_Hashmoji2024/BF-11588_Loreal_Lancome_JP_H	0%	Avira URL Cloud	safe
https://github.com/emn178/js-md5	0%	Avira URL Cloud	safe
https://abs.twimg.com/responsive-web/client-web/loader.AppModules.b2442e8a.js	0%	Avira URL Cloud	safe
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhrLaU42y46_ybqP8t2TS9ekCY2dCKk-oGYyBd18CBMybseiMun4aeXWp7YnK-VqYnCm59QOdb2bq6sXH-yCFw7CeNLKoz0GL3JeiewV2XggyNOeaVbGYuZ49RyTj5K92Bs-oXRa7IR428/s1600/Facebook-hack.jpg	0%	Avira URL Cloud	safe
https://abs.twimg.com/responsive-web/client-web/shared~loader.directMessagesData~loader.Typeahead~loader.DMDrawer~ondemand.DirectMessagesCrypto~bundle.Commun.ce85ab2a.js	0%	Avira URL Cloud	safe
http://facebooksecurity.blogspot.com/img/2.jpg	100%	Avira URL Cloud	phishing
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiujJ85GpGlXLmEmD9_norDKpQnNHQ9VBSF001sNaKPeOoSDK1C-hqHTJTY_rtnaG5HRExTDdSOj6JqiYC_BOL0NrgzG4e-CsrSsOYgsY07WZcbfva6HXTnnFUVdN77JbqwhFwV65toaBI/w72-h72-p-k-no-nu/Facebook+security.jpg	0%	Avira URL Cloud	safe
https://www.blogger.com/static/v1/jsbin/671481879-analytics_autotrack.js	0%	Avira URL Cloud	safe
https://www.blogger.com/static/v1/v-css/3896558673-new_ui_static_pages.css	0%	Avira URL Cloud	safe
https://x.com/x/migrate	0%	Avira URL Cloud	safe
http://twitter.com/salimsays	0%	Avira URL Cloud	safe
https://www.youtube.com/subscribe_embed?usegapi=1	0%	Avira URL Cloud	safe
https://abs.twimg.com/hashflags/BF-11712_GenshinMualani_Hashmoji2024/BF-11712_GenshinMualani_Hashmoj	0%	Avira URL Cloud	safe
https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/loader.AudioDock.28823fa	0%	Avira URL Cloud	safe
https://abs-0.twimg.com/emoji/v2/svg/26a0.svg	0%	Avira URL Cloud	safe
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjhRdUkdNaj7S0PczG7Rmt23sdOM3ZHfOgcIbOX4UOuhB5r-PBVtOSQjpp9PBLUMwaQcCeNwvrD7-SUSMWFxH7Jo7pGJAWxx5EhwHnoCa2pNWDmIeVYdgUyhwAHcKJc566cHe-ep2nVPDA/w72-h72-p-k-no-nu/https-background.jpg	0%	Avira URL Cloud	safe
https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/shared~loader.AudioDock~	0%	Avira URL Cloud	safe
https://plus.google.com	0%	Avira URL Cloud	safe
https://abs.twimg.com/hashflags/BF-11751_Global_miHoYo_Final_Hashmoji_v2/BF-11751_Global_miHoYo_Fina	0%	Avira URL Cloud	safe
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en._ShUtMH1OvQ.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/am=AABA/rs=AHpOoo9sEd_Wjj_xEtgO8qX69P7hAZI9cg/cb=gapi.loaded_0?le=scs	0%	Avira URL Cloud	safe
https://abs.twimg.com/responsive-web/client-web/i18n/emoji-en.3afd1e4a.js	0%	Avira URL Cloud	safe
https://abs.twimg.com/hashflags/BF-11711_GenshinKinich_Hashmoji2024/BF-11711_GenshinKinich_Hashmoji2	0%	Avira URL Cloud	safe
https://abs.twimg.com/responsive-web/client-web/shared~loader.DashMenu~loader.SideNav~bundle.MultiAccount~bundle.JobSearch.e8147eda.js	0%	Avira URL Cloud	safe
https://support.x.com/articles/20172060	0%	Avira URL Cloud	safe
https://abs.twimg.com/responsive-web/client-web/shared~loader.SideNav~bundle.JobSearch.38c081ca.js	0%	Avira URL Cloud	safe
https://abs.twimg.com/hashflags/BF-11708_NetflixJP_Weare_Hashmoji2024/BF-11708_NetflixJP_Weare_Hashm	0%	Avira URL Cloud	safe
https://abs.twimg.com/hashflags/BF_11915_Sabic_Homeland_Hashmoji_24_/BF_11915_Sabic_Homeland_Hashmoj	0%	Avira URL Cloud	safe
https://play.google.com/work/embedded/search?usegapi=1&usegapi=1	0%	Avira URL Cloud	safe
http://3.bp.blogspot.com/-uxYJcIDwn9w/UMRf4-a-6KI/AAAAAAAAFbk/8pe3Zw5X15E/s1600/%5Bwww.gj37765.blogspot.com%5Dbg_search.png	0%	Avira URL Cloud	safe
https://www.figma.com/file/egkKv7mudRwk2dVPM0WCR6/NBA-Digest-Email?type=design&node-id=2927-186236&t	0%	Avira URL Cloud	safe
https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/shared~bundle.ReaderMode	0%	Avira URL Cloud	safe
https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/i18n/emoji-en.3afd1e4a.j	0%	Avira URL Cloud	safe
https://twitter.com/intent/tweet?text=	0%	Avira URL Cloud	safe
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhcCBfqFH-5FRDV4HPKZeU-icfeTYGljtHJb5k_tO5wjfrOVhcQH6eYZ37BGlRx_dSg7YV4nbR8EGADxbrcyronaWdPTh4tpJvql3xGI7hADM1ulMPLbUWvRGtHPtxBd6BmgK9MihD5pQ0/s1600/fACEBOOK+VIRUS.jpg	0%	Avira URL Cloud	safe
https://abs.twimg.com/responsive-web/client-web/ondemand.Dropdown.05f2d88a.js	0%	Avira URL Cloud	safe
https://abs.twimg.com/responsive-web/client-web/shared~bundle.Birdwatch~bundle.TwitterArticles~bundle.Grok~bundle.Payments~bundle.SettingsProfessionalProfile.7b0a50ea.js	0%	Avira URL Cloud	safe
http://2.bp.blogspot.com/-a62VSby9HvU/ULCmQFh84hI/AAAAAAAAExE/VLrfHhGz01s/s1600/linkedinss.png	0%	Avira URL Cloud	safe
https://api.x.com/1.1/jot/ces/p2	0%	Avira URL Cloud	safe
https://abs.twimg.com/responsive-web/client-web/shared~bundle.SettingsProfile~bundle.UserProfile.6ba4be2a.js	0%	Avira URL Cloud	safe
https://platform.linkedin.com/litms/utag/seo-directory-frontend/utag.js?cb=1726354200000	0%	Avira URL Cloud	safe
http://1.bp.blogspot.com/-wwi9gLDAiVk/UMRdd5ct3xI/AAAAAAAAFbE/5BE1vH6Z7nY/s1600/2.jpg	0%	Avira URL Cloud	safe
https://abs.twimg.com/hashflags/BF-11710_GenshinKachina_Hashmoji2024/BF-11710_GenshinKachina_Hashmoj	0%	Avira URL Cloud	safe
https://x.com/en/privacy	0%	Avira URL Cloud	safe
https://www.blogger.com/static/v1/jsbin/3825542531-base.js	0%	Avira URL Cloud	safe
https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/i18n/en.c7f87cfa.js.map	0%	Avira URL Cloud	safe
https://abs.twimg.com/responsive-web/client-web/shared~loader.Typeahead~loader.DMDrawer~bundle.MultiAccount~bundle.Birdwatch~bundle.Communities~bundle.Twitte.862ae2fa.js	0%	Avira URL Cloud	safe
https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/shared~loader.AppModules	0%	Avira URL Cloud	safe
https://github.com/google/safevalues/issues	0%	Avira URL Cloud	safe
https://abs.twimg.com/hashflags/BF_11905_Hashmoji_Only_After_Aeromexico_90anos/BF_11905_Hashmoji_Onl	0%	Avira URL Cloud	safe
https://abs.twimg.com/responsive-web/client-web/shared~bundle.AccountAnalytics~bundle.UserProfile~ondemand.Verified.1e1cc7ca.js	0%	Avira URL Cloud	safe
https://abs.twimg.com/responsive-web/client-web/loader.SideNav.20f4af6a.js	0%	Avira URL Cloud	safe
https://www.google.com/shopping/customerreviews/badge?usegapi=1	0%	Avira URL Cloud	safe
https://abs.twimg.com/responsive-web/client-web/shared~loader.DMDrawer~bundle.AccountAnalytics~bundle.Articles~bundle.AudioSpaceDiscovery~bundle.Birdwatch~bu.4b0875ea.js	0%	Avira URL Cloud	safe
https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/shared~bundle.Articles~b	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
perimeterx.map.fastly.net	151.101.130.133	true	false	0%, Virustotal, Browse	unknown
dualstack.video.twitter.map.fastly.net	199.232.188.158	true	false	0%, Virustotal, Browse	unknown
fp2e7a.wpc.phicdn.net	192.229.221.95	true	false	0%, Virustotal, Browse	unknown
s-part-0014.t-0009.t-msedge.net	13.107.246.42	true	false	0%, Virustotal, Browse	unknown
tpop-api.twitter.com	104.244.42.2	true	false	0%, Virustotal, Browse	unknown
t.co	172.66.0.227	true	false	0%, Virustotal, Browse	unknown
code.jquery.com	151.101.194.137	true	false	1%, Virustotal, Browse	unknown
photos-ugc.l.googleusercontent.com	142.250.184.225	true	false	0%, Virustotal, Browse	unknown
www.google.com	142.250.185.228	true	false	0%, Virustotal, Browse	unknown
cs510.wpc.edgecastcdn.net	152.199.21.141	true	false	0%, Virustotal, Browse	unknown
twitter.com	104.244.42.1	true	false	0%, Virustotal, Browse	unknown
stk.protechts.net	34.107.199.61	true	false	0%, Virustotal, Browse	unknown
plus.l.google.com	142.250.184.238	true	false	0%, Virustotal, Browse	unknown
blogspot.l.googleusercontent.com	142.250.184.193	true	false	0%, Virustotal, Browse	unknown
tpop-api.x.com	104.244.42.66	true	false	0%, Virustotal, Browse	unknown
bg.microsoft.map.fastly.net	199.232.214.172	true	false	0%, Virustotal, Browse	unknown
youtube-ui.l.google.com	172.217.16.206	true	false	0%, Virustotal, Browse	unknown
play.google.com	142.250.186.78	true	false	0%, Virustotal, Browse	unknown
inbound-weighted.protechts.net	35.190.10.96	true	false	0%, Virustotal, Browse	unknown
dualstack.twimg.twitter.map.fastly.net	199.232.188.159	true	false	0%, Virustotal, Browse	unknown
abs-zero.twimg.com	104.244.43.131	true	false	0%, Virustotal, Browse	unknown
cs767.wpc.epsiloncdn.net	152.199.22.144	true	false	0%, Virustotal, Browse	unknown
x.com	104.244.42.65	true	false	1%, Virustotal, Browse	unknown
blogger.l.google.com	142.250.186.169	true	false	0%, Virustotal, Browse	unknown
stun.l.google.com	74.125.250.129	true	false	0%, Virustotal, Browse	unknown
googlehosted.l.googleusercontent.com	142.250.186.161	true	false	0%, Virustotal, Browse	unknown
static.licdn.com	unknown	unknown	false	0%, Virustotal, Browse	unknown
abs.twimg.com	unknown	unknown	false	0%, Virustotal, Browse	unknown
abs-0.twimg.com	unknown	unknown	false	0%, Virustotal, Browse	unknown
2.bp.blogspot.com	unknown	unknown	false	0%, Virustotal, Browse	unknown
api.twitter.com	unknown	unknown	false	0%, Virustotal, Browse	unknown
client.protechts.net	unknown	unknown	false	0%, Virustotal, Browse	unknown
video.twimg.com	unknown	unknown	false	0%, Virustotal, Browse	unknown
www.youtube.com	unknown	unknown	false	0%, Virustotal, Browse	unknown
platform.linkedin.com	unknown	unknown	false	0%, Virustotal, Browse	unknown
3.bp.blogspot.com	unknown	unknown	false		unknown
facebooksecurity.blogspot.dk	unknown	unknown	false		unknown
www.linkedin.com	unknown	unknown	false	0%, Virustotal, Browse	unknown
pbs.twimg.com	unknown	unknown	false	0%, Virustotal, Browse	unknown
api.x.com	unknown	unknown	false		unknown
facebooksecurity.blogspot.com	unknown	unknown	false		unknown
collector-pxdojv695v.protechts.net	unknown	unknown	false	0%, Virustotal, Browse	unknown
1.bp.blogspot.com	unknown	unknown	false		unknown
4.bp.blogspot.com	unknown	unknown	false	0%, Virustotal, Browse	unknown
blogger.googleusercontent.com	unknown	unknown	false		unknown
li.protechts.net	unknown	unknown	false		unknown
apis.google.com	unknown	unknown	false		unknown
www.blogger.com	unknown	unknown	false		unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.h-1D-JOvizc.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AABA/rs=AHpOoo_3dbjO7NaEjkPT0PwzLRJUFrcOJQ/cb=gapi.loaded_0	false	URL Reputation: safe	unknown
https://abs.twimg.com/responsive-web/client-web/shared~loader.Typeahead~loader.AppModules~bundle.AudioSpaceDiscovery.fbe982fa.js	false	Avira URL Cloud: safe	unknown
https://abs.twimg.com/responsive-web/client-web/shared~loader.AppModules~bundle.Conversation.9cc3eaea.js	false	URL Reputation: safe	unknown
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgjG5jwKTmdCF1f6QElHBAkWo5QluyxRuut9jiBFCHicIbPaqEScEy5hzk3MXCblp75tc99xWe7giMSLtAz7lnCUBwh9eTdeRDCwqWnoQoEQAm2L3k6NruPCD_xewvF5qYfDX52wX5Y1RQ/w72-h72-p-k-no-nu/facebook-google.jpg	false	Avira URL Cloud: safe	unknown
https://abs.twimg.com/responsive-web/client-web/shared~loader.Typeahead~loader.DMDrawer~bundle.Grok~bundle.MultiAccount~bundle.ReaderMode~bundle.Articles~bun.f39400ca.js	false	Avira URL Cloud: safe	unknown
https://abs.twimg.com/responsive-web/client-web/shared~loader.SideNav~bundle.MultiAccount~bundle.JobSearch.3fb6c87a.js	false	Avira URL Cloud: safe	unknown
https://abs.twimg.com/responsive-web/client-web/loader.AudioDock.28823faa.js	false	Avira URL Cloud: safe	unknown
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgjG5jwKTmdCF1f6QElHBAkWo5QluyxRuut9jiBFCHicIbPaqEScEy5hzk3MXCblp75tc99xWe7giMSLtAz7lnCUBwh9eTdeRDCwqWnoQoEQAm2L3k6NruPCD_xewvF5qYfDX52wX5Y1RQ/s1600/facebook-google.jpg	false	Avira URL Cloud: safe	unknown
https://abs.twimg.com/responsive-web/client-web/shared~loader.AppModules~bundle.Ocf.7afa811a.js	false	Avira URL Cloud: safe	unknown
https://api.x.com/1.1/jot/client_event.json	false	Avira URL Cloud: safe	unknown
https://www.blogger.com/profile/07973550498852665411	false		unknown
https://abs.twimg.com/responsive-web/client-web/shared~loader.DMDrawer~bundle.ReaderMode~bundle.Articles~bundle.AudioSpacePeek~bundle.Birdwatch~bundle.Brande.def10c6a.js	false	Avira URL Cloud: safe	unknown
https://abs.twimg.com/responsive-web/client-web/shared~bundle.UserFollowLists~bundle.UserProfile.e92d398a.js	false	Avira URL Cloud: safe	unknown
https://abs.twimg.com/responsive-web/client-web/shared~bundle.AudioSpaceDetail~bundle.AudioSpaceDiscovery~bundle.AudioSpacebarScreen~bundle.Birdwatch~bundle..ef43e36a.js	false	Avira URL Cloud: safe	unknown
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiMW8agzRJJnOmlRHoFMD6pT4Cuk7jc79cTkWXGzWZNr8TJZR3AsykW_oegPS2AmoznSU04LOGmbjK185nU2a5jCG9pE65LiNSb7A3FF19tAR8cj4dQxTuLrRRX9q1lCZRngjHhI2peJIU/w72-h72-p-k-no-nu/blogfacebooklurking.jpg	false	Avira URL Cloud: safe	unknown
https://apis.google.com/js/platform:gapi.iframes.style.common.js	false	Avira URL Cloud: safe	unknown
http://3.bp.blogspot.com/-__0X3NTuBRM/UMRdfKfKA3I/AAAAAAAAFbM/gvAViqUuYhE/s1600/3.jpg	false	Avira URL Cloud: safe	unknown
http://facebooksecurity.blogspot.com/2011/11/impress-your-freinds-with-new-facebook.html	false		unknown
https://www.google.com/css/maia.css	false	Avira URL Cloud: safe	unknown
https://abs.twimg.com/responsive-web/client-web/shared~loader.DMDrawer~bundle.ReaderMode~bundle.DirectMessages~bundle.DMRichTextCompose~bundle.Grok~bundle.Tw.89f84eca.js	false	Avira URL Cloud: safe	unknown
https://abs.twimg.com/responsive-web/client-web/shared~loader.DMDrawer~bundle.ReaderMode~bundle.Articles~bundle.AudioSpacePeek~bundle.AudioSpaceDetail~bundle.a759798a.js	false	Avira URL Cloud: safe	unknown
http://4.bp.blogspot.com/-1rV4Io0cQd8/ULCmNgcmLrI/AAAAAAAAEws/ANSyGoiN-5E/s1600/blue_facebook.png	false	Avira URL Cloud: safe	unknown
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhEGDod2aeN5Cyyth-7i4WsBV2vJCfbByVNkRreVRc0U9x-9zKrNUucFptBcigY4SPCUk80y55ymkWgMNBal0QqGA0ky1hFlm-t_wW6bQo6i4VkdC2WOUppg5SE3XvtMzxr3TvAurbpCuQ/s320/t1larg.facebook.jpg	false	Avira URL Cloud: safe	unknown
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhFP2sUEe8r0fi8HOlfFWOK8wKFkcIUrXnruv7h5SBZvNnaXI70ZiRio6UXhLcUgktuHhPP97Rja5x401PM1hszkmGt9eXKi7Jpr4ZvFV2vlaaT69qcDmGjnTXBKlOze4-_-CNnm592FIY/s400/us_attacks_wall-facebook+virus+allert.jpg	false	Avira URL Cloud: safe	unknown
https://abs.twimg.com/responsive-web/client-web/loader.AppModules.b2442e8a.js	false	Avira URL Cloud: safe	unknown
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhrLaU42y46_ybqP8t2TS9ekCY2dCKk-oGYyBd18CBMybseiMun4aeXWp7YnK-VqYnCm59QOdb2bq6sXH-yCFw7CeNLKoz0GL3JeiewV2XggyNOeaVbGYuZ49RyTj5K92Bs-oXRa7IR428/s1600/Facebook-hack.jpg	false	Avira URL Cloud: safe	unknown
https://abs.twimg.com/responsive-web/client-web/shared~loader.directMessagesData~loader.Typeahead~loader.DMDrawer~ondemand.DirectMessagesCrypto~bundle.Commun.ce85ab2a.js	false	Avira URL Cloud: safe	unknown
http://facebooksecurity.blogspot.com/img/2.jpg	false	Avira URL Cloud: phishing	unknown
https://www.blogger.com/static/v1/jsbin/671481879-analytics_autotrack.js	false	Avira URL Cloud: safe	unknown
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiujJ85GpGlXLmEmD9_norDKpQnNHQ9VBSF001sNaKPeOoSDK1C-hqHTJTY_rtnaG5HRExTDdSOj6JqiYC_BOL0NrgzG4e-CsrSsOYgsY07WZcbfva6HXTnnFUVdN77JbqwhFwV65toaBI/w72-h72-p-k-no-nu/Facebook+security.jpg	false	Avira URL Cloud: safe	unknown
https://www.blogger.com/static/v1/v-css/3896558673-new_ui_static_pages.css	false	Avira URL Cloud: safe	unknown
https://x.com/x/migrate	false	Avira URL Cloud: safe	unknown
http://twitter.com/salimsays	false	Avira URL Cloud: safe	unknown
https://abs-0.twimg.com/emoji/v2/svg/26a0.svg	false	Avira URL Cloud: safe	unknown
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjhRdUkdNaj7S0PczG7Rmt23sdOM3ZHfOgcIbOX4UOuhB5r-PBVtOSQjpp9PBLUMwaQcCeNwvrD7-SUSMWFxH7Jo7pGJAWxx5EhwHnoCa2pNWDmIeVYdgUyhwAHcKJc566cHe-ep2nVPDA/w72-h72-p-k-no-nu/https-background.jpg	false	Avira URL Cloud: safe	unknown
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en._ShUtMH1OvQ.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/am=AABA/rs=AHpOoo9sEd_Wjj_xEtgO8qX69P7hAZI9cg/cb=gapi.loaded_0?le=scs	false	Avira URL Cloud: safe	unknown
https://abs.twimg.com/responsive-web/client-web/i18n/emoji-en.3afd1e4a.js	false	Avira URL Cloud: safe	unknown
https://abs.twimg.com/responsive-web/client-web/shared~loader.DashMenu~loader.SideNav~bundle.MultiAccount~bundle.JobSearch.e8147eda.js	false	Avira URL Cloud: safe	unknown
https://abs.twimg.com/responsive-web/client-web/shared~loader.SideNav~bundle.JobSearch.38c081ca.js	false	Avira URL Cloud: safe	unknown
http://3.bp.blogspot.com/-uxYJcIDwn9w/UMRf4-a-6KI/AAAAAAAAFbk/8pe3Zw5X15E/s1600/%5Bwww.gj37765.blogspot.com%5Dbg_search.png	false	Avira URL Cloud: safe	unknown
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhcCBfqFH-5FRDV4HPKZeU-icfeTYGljtHJb5k_tO5wjfrOVhcQH6eYZ37BGlRx_dSg7YV4nbR8EGADxbrcyronaWdPTh4tpJvql3xGI7hADM1ulMPLbUWvRGtHPtxBd6BmgK9MihD5pQ0/s1600/fACEBOOK+VIRUS.jpg	false	Avira URL Cloud: safe	unknown
https://abs.twimg.com/responsive-web/client-web/shared~loader.DashMenu~loader.SideNav~bundle.MultiAccount~bundle.Communities~ondemand.SettingsMonetization~bu.4fd68dca.js	false	URL Reputation: safe	unknown
https://abs.twimg.com/responsive-web/client-web/ondemand.Dropdown.05f2d88a.js	false	Avira URL Cloud: safe	unknown
https://abs.twimg.com/responsive-web/client-web/shared~bundle.Birdwatch~bundle.TwitterArticles~bundle.Grok~bundle.Payments~bundle.SettingsProfessionalProfile.7b0a50ea.js	false	Avira URL Cloud: safe	unknown
http://2.bp.blogspot.com/-a62VSby9HvU/ULCmQFh84hI/AAAAAAAAExE/VLrfHhGz01s/s1600/linkedinss.png	false	Avira URL Cloud: safe	unknown
https://api.x.com/1.1/jot/ces/p2	false	Avira URL Cloud: safe	unknown
https://abs.twimg.com/responsive-web/client-web/shared~bundle.SettingsProfile~bundle.UserProfile.6ba4be2a.js	false	Avira URL Cloud: safe	unknown
https://platform.linkedin.com/litms/utag/seo-directory-frontend/utag.js?cb=1726354200000	false	Avira URL Cloud: safe	unknown
http://1.bp.blogspot.com/-wwi9gLDAiVk/UMRdd5ct3xI/AAAAAAAAFbE/5BE1vH6Z7nY/s1600/2.jpg	false	Avira URL Cloud: safe	unknown
http://facebooksecurity.blogspot.dk/	false		unknown
https://www.blogger.com/static/v1/jsbin/3825542531-base.js	false	Avira URL Cloud: safe	unknown
https://abs.twimg.com/responsive-web/client-web/shared~loader.Typeahead~loader.AppModules~loader.DMDrawer~bundle.ReaderMode~bundle.Articles~bundle.AudioSpace.58818b4a.js	false	URL Reputation: safe	unknown
https://abs.twimg.com/responsive-web/client-web/shared~loader.Typeahead~loader.DMDrawer~bundle.MultiAccount~bundle.Birdwatch~bundle.Communities~bundle.Twitte.862ae2fa.js	false	Avira URL Cloud: safe	unknown
https://abs.twimg.com/responsive-web/client-web/shared~bundle.AccountAnalytics~bundle.UserProfile~ondemand.Verified.1e1cc7ca.js	false	Avira URL Cloud: safe	unknown
https://abs.twimg.com/responsive-web/client-web/loader.SideNav.20f4af6a.js	false	Avira URL Cloud: safe	unknown
https://abs.twimg.com/responsive-web/client-web/shared~loader.DMDrawer~bundle.AccountAnalytics~bundle.Articles~bundle.AudioSpaceDiscovery~bundle.Birdwatch~bu.4b0875ea.js	false	Avira URL Cloud: safe	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/ondemand.s.2ad88e9a.js.m	chromecache_369.2.dr, chromecache_266.2.dr	false	Avira URL Cloud: safe	unknown
https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/modules.common.8d74434a.	chromecache_495.2.dr, chromecache_432.2.dr	false	Avira URL Cloud: safe	unknown
http://underscorejs.org	chromecache_285.2.dr, chromecache_377.2.dr	false	URL Reputation: safe	unknown
https://support.x.com/articles/14016	chromecache_461.2.dr, chromecache_314.2.dr	false	Avira URL Cloud: safe	unknown
https://abs.twimg.com/hashflags/BF-11893_RedSea_Hashmoji2024/BF-11893_RedSea_Hashmoji2024.png	chromecache_508.2.dr	false	Avira URL Cloud: safe	unknown
https://abs.twimg.com/hashflags/BF-11471_Anime_ABEMA_18ce54aqujn_Hashmoji_20240705_20241007_Monogata	chromecache_508.2.dr	false	URL Reputation: safe	unknown
https://ampcid.google.com/v1/publisher:getClientId	chromecache_359.2.dr, chromecache_386.2.dr	false	URL Reputation: safe	unknown
https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/shared~bundle.AccountAna	chromecache_362.2.dr, chromecache_440.2.dr, chromecache_276.2.dr, chromecache_296.2.dr, chromecache_241.2.dr, chromecache_246.2.dr, chromecache_542.2.dr, chromecache_418.2.dr, chromecache_545.2.dr, chromecache_568.2.dr, chromecache_376.2.dr, chromecache_247.2.dr	false	Avira URL Cloud: safe	unknown
https://pay.google.com/gp/v/widget/save	chromecache_382.2.dr	false	Avira URL Cloud: safe	unknown
https://abs.twimg.com/hashflags/BF-11408_NetflixJP18ce54ua4fy_Hashmoji2024_Yomeboku/BF-11408_Netflix	chromecache_508.2.dr	false	URL Reputation: safe	unknown
https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/shared~loader.DMDrawer~b	chromecache_357.2.dr, chromecache_396.2.dr, chromecache_474.2.dr, chromecache_265.2.dr, chromecache_282.2.dr, chromecache_497.2.dr, chromecache_388.2.dr, chromecache_564.2.dr, chromecache_390.2.dr, chromecache_321.2.dr, chromecache_345.2.dr, chromecache_414.2.dr, chromecache_356.2.dr, chromecache_456.2.dr, chromecache_336.2.dr, chromecache_521.2.dr, chromecache_406.2.dr, chromecache_250.2.dr, chromecache_256.2.dr, chromecache_310.2.dr, chromecache_389.2.dr	false	Avira URL Cloud: safe	unknown
https://www.google.com/shopping/customerreviews/optin?usegapi=1	chromecache_366.2.dr, chromecache_384.2.dr, chromecache_251.2.dr, chromecache_382.2.dr	false	Avira URL Cloud: safe	unknown
https://stats.g.doubleclick.net/j/collect	chromecache_386.2.dr	false	URL Reputation: safe	unknown
https://abs.twimg.com/hashflags/BF-11662_Com2us_summoners_STAFF_Branding_Q324_after/BF-11662_Com2us_	chromecache_508.2.dr	false	URL Reputation: safe	unknown
https://abs.twimg.com/hashflags/BF-11588_Loreal_Lancome_JP_Hashmoji2024/BF-11588_Loreal_Lancome_JP_H	chromecache_508.2.dr	false	Avira URL Cloud: safe	unknown
https://abs.twimg.com/hashflags/heavenburnsred_July2024_BF-11558_after_v2/heavenburnsred_July2024_BF	chromecache_508.2.dr	false	URL Reputation: safe	unknown
https://github.com/emn178/js-md5	chromecache_375.2.dr, chromecache_242.2.dr	false	Avira URL Cloud: safe	unknown
https://abs.twimg.com/hashflags/BF-11628_fgoproject_9thAnniversary_Hashmoji2024/BF-11628_fgoproject_	chromecache_508.2.dr	false	URL Reputation: safe	unknown
https://abs.twimg.com/hashflags/BF-11686_NetflixJP_Hashmoji_20240803-20241103_Jimenshi/BF-11686_Netf	chromecache_508.2.dr	false	URL Reputation: safe	unknown
https://www.youtube.com/subscribe_embed?usegapi=1	chromecache_366.2.dr, chromecache_384.2.dr, chromecache_251.2.dr, chromecache_382.2.dr	false	Avira URL Cloud: safe	unknown
https://abs.twimg.com/hashflags/BF-11712_GenshinMualani_Hashmoji2024/BF-11712_GenshinMualani_Hashmoj	chromecache_508.2.dr	false	Avira URL Cloud: safe	unknown
https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/loader.AudioDock.28823fa	chromecache_576.2.dr, chromecache_422.2.dr	false	Avira URL Cloud: safe	unknown
https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/shared~loader.AudioDock~	chromecache_272.2.dr, chromecache_439.2.dr, chromecache_416.2.dr, chromecache_553.2.dr, chromecache_344.2.dr, chromecache_301.2.dr, chromecache_317.2.dr, chromecache_519.2.dr, chromecache_342.2.dr, chromecache_253.2.dr, chromecache_543.2.dr, chromecache_420.2.dr, chromecache_378.2.dr	false	Avira URL Cloud: safe	unknown
https://plus.google.com	chromecache_271.2.dr	false	Avira URL Cloud: safe	unknown
https://abs.twimg.com/hashflags/BF-11751_Global_miHoYo_Final_Hashmoji_v2/BF-11751_Global_miHoYo_Fina	chromecache_508.2.dr	false	Avira URL Cloud: safe	unknown
https://abs.twimg.com/hashflags/BF-11711_GenshinKinich_Hashmoji2024/BF-11711_GenshinKinich_Hashmoji2	chromecache_508.2.dr	false	Avira URL Cloud: safe	unknown
https://support.x.com/articles/20172060	chromecache_461.2.dr, chromecache_314.2.dr	false	Avira URL Cloud: safe	unknown
https://abs.twimg.com/hashflags/BF-11708_NetflixJP_Weare_Hashmoji2024/BF-11708_NetflixJP_Weare_Hashm	chromecache_508.2.dr	false	Avira URL Cloud: safe	unknown
https://abs.twimg.com/hashflags/BF_11915_Sabic_Homeland_Hashmoji_24_/BF_11915_Sabic_Homeland_Hashmoj	chromecache_508.2.dr	false	Avira URL Cloud: safe	unknown
https://play.google.com/work/embedded/search?usegapi=1&usegapi=1	chromecache_366.2.dr, chromecache_384.2.dr, chromecache_251.2.dr, chromecache_382.2.dr	false	Avira URL Cloud: safe	unknown
https://www.figma.com/file/egkKv7mudRwk2dVPM0WCR6/NBA-Digest-Email?type=design&node-id=2927-186236&t	chromecache_302.2.dr, chromecache_573.2.dr	false	Avira URL Cloud: safe	unknown
https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/shared~bundle.ReaderMode	chromecache_560.2.dr, chromecache_529.2.dr	false	Avira URL Cloud: safe	unknown
https://abs.twimg.com/hashflags/EWCWorldCupEmojiV2/EWCWorldCupEmojiV2.png	chromecache_508.2.dr	false	URL Reputation: safe	unknown
https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/i18n/emoji-en.3afd1e4a.j	chromecache_249.2.dr, chromecache_320.2.dr	false	Avira URL Cloud: safe	unknown
https://twitter.com/intent/tweet?text=	chromecache_552.2.dr, chromecache_477.2.dr	false	Avira URL Cloud: safe	unknown
https://abs.twimg.com/hashflags/ParamountPlusJA_TLR_June2024/ParamountPlusJA_TLR_June2024.png	chromecache_508.2.dr	false	URL Reputation: safe	unknown
https://abs.twimg.com/hashflags/BF-11710_GenshinKachina_Hashmoji2024/BF-11710_GenshinKachina_Hashmoj	chromecache_508.2.dr	false	Avira URL Cloud: safe	unknown
https://x.com/en/privacy	chromecache_289.2.dr, chromecache_518.2.dr	false	Avira URL Cloud: safe	unknown
https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/i18n/en.c7f87cfa.js.map	chromecache_289.2.dr, chromecache_518.2.dr	false	Avira URL Cloud: safe	unknown
https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/shared~loader.AppModules	chromecache_303.2.dr, chromecache_480.2.dr, chromecache_284.2.dr, chromecache_446.2.dr, chromecache_425.2.dr, chromecache_532.2.dr, chromecache_408.2.dr, chromecache_423.2.dr, chromecache_475.2.dr, chromecache_528.2.dr	false	Avira URL Cloud: safe	unknown
https://github.com/google/safevalues/issues	chromecache_366.2.dr, chromecache_384.2.dr, chromecache_251.2.dr, chromecache_382.2.dr	false	Avira URL Cloud: safe	unknown
https://abs.twimg.com/hashflags/BF_11905_Hashmoji_Only_After_Aeromexico_90anos/BF_11905_Hashmoji_Onl	chromecache_508.2.dr	false	Avira URL Cloud: safe	unknown
https://www.google.com/shopping/customerreviews/badge?usegapi=1	chromecache_366.2.dr, chromecache_384.2.dr, chromecache_251.2.dr, chromecache_382.2.dr	false	Avira URL Cloud: safe	unknown
https://ton.local.twitter.com/responsive-web-internal/sourcemaps/client-web/shared~bundle.Articles~b	chromecache_353.2.dr, chromecache_498.2.dr	false	Avira URL Cloud: safe	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
13.107.246.42	s-part-0014.t-0009.t-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
142.250.185.228	www.google.com	United States	15169	GOOGLEUS	false
151.101.130.133	perimeterx.map.fastly.net	United States	54113	FASTLYUS	false
142.250.185.225	unknown	United States	15169	GOOGLEUS	false
142.250.184.225	photos-ugc.l.googleusercontent.com	United States	15169	GOOGLEUS	false
104.244.43.131	abs-zero.twimg.com	United States	54113	FASTLYUS	false
142.250.186.33	unknown	United States	15169	GOOGLEUS	false
142.250.186.78	play.google.com	United States	15169	GOOGLEUS	false
142.250.184.193	blogspot.l.googleusercontent.com	United States	15169	GOOGLEUS	false
142.250.185.233	unknown	United States	15169	GOOGLEUS	false
142.250.185.193	unknown	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
199.232.188.158	dualstack.video.twitter.map.fastly.net	United States	54113	FASTLYUS	false
199.232.188.159	dualstack.twimg.twitter.map.fastly.net	United States	54113	FASTLYUS	false
142.250.185.206	unknown	United States	15169	GOOGLEUS	false
35.190.10.96	inbound-weighted.protechts.net	United States	15169	GOOGLEUS	false
216.58.212.129	unknown	United States	15169	GOOGLEUS	false
142.250.185.161	unknown	United States	15169	GOOGLEUS	false
142.250.74.193	unknown	United States	15169	GOOGLEUS	false
142.250.186.132	unknown	United States	15169	GOOGLEUS	false
152.199.21.141	cs510.wpc.edgecastcdn.net	United States	15133	EDGECASTUS	false
151.101.194.137	code.jquery.com	United States	54113	FASTLYUS	false
216.58.212.174	unknown	United States	15169	GOOGLEUS	false
172.217.18.110	unknown	United States	15169	GOOGLEUS	false
74.125.250.129	stun.l.google.com	United States	15169	GOOGLEUS	false
34.107.199.61	stk.protechts.net	United States	15169	GOOGLEUS	false
104.244.42.66	tpop-api.x.com	United States	13414	TWITTERUS	false
104.244.42.65	x.com	United States	13414	TWITTERUS	false
104.244.42.1	twitter.com	United States	13414	TWITTERUS	false
104.244.42.2	tpop-api.twitter.com	United States	13414	TWITTERUS	false
142.250.186.161	googlehosted.l.googleusercontent.com	United States	15169	GOOGLEUS	false
142.250.185.137	unknown	United States	15169	GOOGLEUS	false
104.244.42.193	unknown	United States	13414	TWITTERUS	false
151.101.2.137	unknown	United States	54113	FASTLYUS	false
152.199.22.144	cs767.wpc.epsiloncdn.net	United States	15133	EDGECASTUS	false
142.250.185.174	unknown	United States	15169	GOOGLEUS	false
142.250.186.169	blogger.l.google.com	United States	15169	GOOGLEUS	false
172.66.0.227	t.co	United States	13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.4
192.168.2.6

General Information

Joe Sandbox version:	40.0.0 Tourmaline
Analysis ID:	1511345
Start date and time:	2024-09-15 00:50:35 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 4m 2s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	http://facebooksecurity.blogspot.dk/
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	10
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal64.win@31/518@117/40
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0
Cookbook Comments:	Browse: http://www.linkedin.com/profile/view?id=138522409&locale=en_US&trk=tab_pro Browse: https://www.blogger.com/profile/07973550498852665411 Browse: http://facebooksecurity.blogspot.com/2011/11/impress-your-freinds-with-new-facebook.html Browse: http://twitter.com/salimsays

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.74.195, 142.250.184.238, 66.102.1.84, 34.104.35.123, 216.58.206.46, 13.85.23.86, 199.232.214.172, 216.58.206.66, 172.217.16.130, 142.250.184.194, 192.229.221.95, 52.165.164.15, 142.250.185.106, 142.250.74.202, 216.58.206.74, 172.217.16.202, 142.250.185.170, 216.58.212.170, 142.250.185.234, 142.250.185.202, 172.217.18.10, 142.250.186.138, 142.250.185.74, 142.250.185.138, 216.58.206.42, 142.250.184.234, 142.250.186.42, 142.250.186.106, 13.107.42.14, 2.19.126.147, 2.19.126.135, 142.250.184.202, 142.250.186.74, 216.58.212.138, 172.217.16.138, 142.250.186.170, 142.250.181.234, 142.250.185.195, 216.239.38.178, 216.239.36.178, 216.239.34.178, 216.239.32.178, 142.250.186.131, 216.58.206.67, 142.250.186.174, 172.217.23.106, 2.23.209.46, 2.23.209.41, 216.239.32.3, 142.250.186.67, 142.250.110.84, 173.194.76.84
Excluded domains from analysis (whitelisted): slscr.update.microsoft.com, clientservices.googleapis.com, 2-01-2c3e-003d.cdx.cedexis.net, l-0005.l-msedge.net, clients2.google.com, ocsp.digicert.com, star-azurefd-prod.trafficmanager.net, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, update.googleapis.com, www.gstatic.com, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net, www.google-analytics.com, www-linkedin-com.l-0005.l-msedge.net, fonts.googleapis.com, fs.microsoft.com, client.protechts.net.edgekey.net, accounts.google.com, content-autofill.googleapis.com, ctldl.windowsupdate.com.delivery.microsoft.com, fonts.gstatic.com, sites.google.com, www-alv.google-analytics.com, ctldl.windowsupdate.com, ogads-pa.googleapis.com, pagead2.googlesyndication.com, od.linkedin.edgesuite.net, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, 2-01-2c3e-0055.cdx.cedexis.net, edgedl.me.gvt1.com, csi.gstatic.com, clients.l.google.com, e238010.dscd.ak
HTTPS sessions have been limited to 150. Please view the PCAPs for the complete data.
Not all processes where analyzed, report is missing behavior information
Report size exceeded maximum capacity and may have missing network information.
Report size getting too big, too many NtCreateFile calls found.
Report size getting too big, too many NtOpenFile calls found.
Report size getting too big, too many NtSetInformationFile calls found.
Some HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3
Category:	dropped
Size (bytes):	4928
Entropy (8bit):	7.887435371392675
Encrypted:	false
SSDEEP:	96:sflDD46YVHNijsjomutStEStEhBPf1ERYk0KPEGKEa14+VZ:sZfsAj0Vu0CSt6SMTqa
MD5:	74ED1B41B74909BE1342DE38A2D4F442
SHA1:	777BAFFF039B6B5644333F23B19D9253410677A1
SHA-256:	3125B7B9D8770625DEAB10852C92252B91C01C3A65F97EDA9748270AAC938101
SHA-512:	2D6BB0487836DBE24ECA6C6A2924A5FD28E6F03C765C098BBBA0AD86C85D13B7DF0779F9E560B7B026DD9DB6067166CD9E450D069CDC4189EECA3754FCE2137F
Malicious:	false
Reputation:	low
Preview:	......JFIF.............Exif..II.......1...............Google..............................................................................................................................................H.H...........................................;..........................!..."1A.Qa.#2.BRq.....%&3Cb....................................3......................!1.AQ.aq....."..2...B..#Rb.............?.Q......d\..T. ..?3.....^.r@_..y.~....X.uN..-4R.J..k.....2.(V$...;>...S..s..f6.[..J7...u....TY.%..%..%[....Q...].W..v./.R.8T......{.0rd..-!....r.h]......TK...R..n?K.....P....T..G.~.=m..K..r.PK.C..A;.N......,Z.z..J....L.4U."9...j.=!.A...9.R.6..n.OW.7f...g..g..mR.ip.`&Y...5....E.j.b.+.F.i...[..MC...Bx..rO.P.$..9."Te-H.gb...j.....^..~9o......E..5!P..b+.....8.J.%\....T...%..'O...0.xPI..;..4.r"...`.R...7w.%....w..v...f..).mq........ .;. ...@_..r.c1...)G4.\N.,..s..'..Y(.....!.z..r%Ne)..... ...O..`.I....\|...2r...t.EA..s..X.y...w;^.9..H..xZ..[.5.p..B.1U%.u.

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Sep 15, 2024 00:51:33.125505924 CEST	192.168.2.4	1.1.1.1	0x5ad7	Standard query (0)	facebooksecurity.blogspot.dk	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:51:33.125647068 CEST	192.168.2.4	1.1.1.1	0x9805	Standard query (0)	facebooksecurity.blogspot.dk	65	IN (0x0001)	false
Sep 15, 2024 00:51:33.900223970 CEST	192.168.2.4	1.1.1.1	0xe5c0	Standard query (0)	facebooksecurity.blogspot.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:51:33.900360107 CEST	192.168.2.4	1.1.1.1	0xda75	Standard query (0)	facebooksecurity.blogspot.com	65	IN (0x0001)	false
Sep 15, 2024 00:51:35.123651981 CEST	192.168.2.4	1.1.1.1	0x3261	Standard query (0)	www.blogger.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:51:35.124119043 CEST	192.168.2.4	1.1.1.1	0x3f49	Standard query (0)	www.blogger.com	65	IN (0x0001)	false
Sep 15, 2024 00:51:35.172039986 CEST	192.168.2.4	1.1.1.1	0x460b	Standard query (0)	code.jquery.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:51:35.172374964 CEST	192.168.2.4	1.1.1.1	0x5062	Standard query (0)	code.jquery.com	65	IN (0x0001)	false
Sep 15, 2024 00:51:35.174770117 CEST	192.168.2.4	1.1.1.1	0x7578	Standard query (0)	3.bp.blogspot.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:51:35.175337076 CEST	192.168.2.4	1.1.1.1	0x798d	Standard query (0)	3.bp.blogspot.com	65	IN (0x0001)	false
Sep 15, 2024 00:51:35.176235914 CEST	192.168.2.4	1.1.1.1	0xaf85	Standard query (0)	1.bp.blogspot.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:51:35.176879883 CEST	192.168.2.4	1.1.1.1	0x4bf5	Standard query (0)	1.bp.blogspot.com	65	IN (0x0001)	false
Sep 15, 2024 00:51:35.535959959 CEST	192.168.2.4	1.1.1.1	0x710b	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:51:35.537801981 CEST	192.168.2.4	1.1.1.1	0x989d	Standard query (0)	www.google.com	65	IN (0x0001)	false
Sep 15, 2024 00:51:36.892278910 CEST	192.168.2.4	1.1.1.1	0x99c0	Standard query (0)	code.jquery.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:51:36.892774105 CEST	192.168.2.4	1.1.1.1	0x409b	Standard query (0)	code.jquery.com	65	IN (0x0001)	false
Sep 15, 2024 00:51:36.899029970 CEST	192.168.2.4	1.1.1.1	0xedaa	Standard query (0)	1.bp.blogspot.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:51:36.899275064 CEST	192.168.2.4	1.1.1.1	0x3326	Standard query (0)	1.bp.blogspot.com	65	IN (0x0001)	false
Sep 15, 2024 00:51:36.901958942 CEST	192.168.2.4	1.1.1.1	0xe53f	Standard query (0)	3.bp.blogspot.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:51:36.902254105 CEST	192.168.2.4	1.1.1.1	0x2800	Standard query (0)	3.bp.blogspot.com	65	IN (0x0001)	false
Sep 15, 2024 00:51:37.339035034 CEST	192.168.2.4	1.1.1.1	0x999f	Standard query (0)	apis.google.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:51:37.339519024 CEST	192.168.2.4	1.1.1.1	0x2274	Standard query (0)	apis.google.com	65	IN (0x0001)	false
Sep 15, 2024 00:51:38.579093933 CEST	192.168.2.4	1.1.1.1	0x3faf	Standard query (0)	apis.google.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:51:38.579466105 CEST	192.168.2.4	1.1.1.1	0xbab0	Standard query (0)	apis.google.com	65	IN (0x0001)	false
Sep 15, 2024 00:51:39.175055981 CEST	192.168.2.4	1.1.1.1	0xdc4c	Standard query (0)	www.blogger.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:51:39.175055981 CEST	192.168.2.4	1.1.1.1	0x1e5	Standard query (0)	www.blogger.com	65	IN (0x0001)	false
Sep 15, 2024 00:51:41.132949114 CEST	192.168.2.4	1.1.1.1	0xd9fa	Standard query (0)	blogger.googleusercontent.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:51:41.133178949 CEST	192.168.2.4	1.1.1.1	0x6351	Standard query (0)	blogger.googleusercontent.com	65	IN (0x0001)	false
Sep 15, 2024 00:51:41.187639952 CEST	192.168.2.4	1.1.1.1	0x9315	Standard query (0)	4.bp.blogspot.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:51:41.187668085 CEST	192.168.2.4	1.1.1.1	0x825e	Standard query (0)	4.bp.blogspot.com	65	IN (0x0001)	false
Sep 15, 2024 00:51:41.342405081 CEST	192.168.2.4	1.1.1.1	0x1df7	Standard query (0)	2.bp.blogspot.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:51:41.342643023 CEST	192.168.2.4	1.1.1.1	0xd6a8	Standard query (0)	2.bp.blogspot.com	65	IN (0x0001)	false
Sep 15, 2024 00:51:41.396282911 CEST	192.168.2.4	1.1.1.1	0x1fa5	Standard query (0)	www.youtube.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:51:41.396481991 CEST	192.168.2.4	1.1.1.1	0x5c29	Standard query (0)	www.youtube.com	65	IN (0x0001)	false
Sep 15, 2024 00:51:41.409722090 CEST	192.168.2.4	1.1.1.1	0x1bf2	Standard query (0)	www.youtube.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:51:41.409913063 CEST	192.168.2.4	1.1.1.1	0x1cc2	Standard query (0)	www.youtube.com	65	IN (0x0001)	false
Sep 15, 2024 00:51:41.842087030 CEST	192.168.2.4	1.1.1.1	0x409d	Standard query (0)	4.bp.blogspot.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:51:41.842457056 CEST	192.168.2.4	1.1.1.1	0xdca6	Standard query (0)	4.bp.blogspot.com	65	IN (0x0001)	false
Sep 15, 2024 00:51:42.033678055 CEST	192.168.2.4	1.1.1.1	0x598	Standard query (0)	2.bp.blogspot.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:51:42.034039974 CEST	192.168.2.4	1.1.1.1	0xea53	Standard query (0)	2.bp.blogspot.com	65	IN (0x0001)	false
Sep 15, 2024 00:51:42.547732115 CEST	192.168.2.4	1.1.1.1	0x2abc	Standard query (0)	blogger.googleusercontent.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:51:42.547732115 CEST	192.168.2.4	1.1.1.1	0xf866	Standard query (0)	blogger.googleusercontent.com	65	IN (0x0001)	false
Sep 15, 2024 00:51:45.904839993 CEST	192.168.2.4	1.1.1.1	0xabf0	Standard query (0)	www.blogger.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:51:45.905399084 CEST	192.168.2.4	1.1.1.1	0xeb26	Standard query (0)	www.blogger.com	65	IN (0x0001)	false
Sep 15, 2024 00:51:47.671536922 CEST	192.168.2.4	1.1.1.1	0x5c3	Standard query (0)	apis.google.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:51:47.671675920 CEST	192.168.2.4	1.1.1.1	0xad77	Standard query (0)	apis.google.com	65	IN (0x0001)	false
Sep 15, 2024 00:51:53.365506887 CEST	192.168.2.4	1.1.1.1	0xf41c	Standard query (0)	facebooksecurity.blogspot.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:51:53.370867968 CEST	192.168.2.4	1.1.1.1	0xe8fa	Standard query (0)	facebooksecurity.blogspot.com	65	IN (0x0001)	false
Sep 15, 2024 00:51:53.946325064 CEST	192.168.2.4	1.1.1.1	0x6fa6	Standard query (0)	www.linkedin.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:51:53.946695089 CEST	192.168.2.4	1.1.1.1	0xfc4a	Standard query (0)	www.linkedin.com	65	IN (0x0001)	false
Sep 15, 2024 00:51:55.086935997 CEST	192.168.2.4	1.1.1.1	0x8a7e	Standard query (0)	www.linkedin.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:51:55.087418079 CEST	192.168.2.4	1.1.1.1	0xc790	Standard query (0)	www.linkedin.com	65	IN (0x0001)	false
Sep 15, 2024 00:51:57.685376883 CEST	192.168.2.4	1.1.1.1	0xa140	Standard query (0)	static.licdn.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:51:57.685535908 CEST	192.168.2.4	1.1.1.1	0x6bf4	Standard query (0)	static.licdn.com	65	IN (0x0001)	false
Sep 15, 2024 00:51:58.175473928 CEST	192.168.2.4	1.1.1.1	0xbf9f	Standard query (0)	www.blogger.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:51:58.175894022 CEST	192.168.2.4	1.1.1.1	0x14a3	Standard query (0)	www.blogger.com	65	IN (0x0001)	false
Sep 15, 2024 00:51:59.199096918 CEST	192.168.2.4	1.1.1.1	0xfc1c	Standard query (0)	static.licdn.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:51:59.199347019 CEST	192.168.2.4	1.1.1.1	0x9f9b	Standard query (0)	static.licdn.com	65	IN (0x0001)	false
Sep 15, 2024 00:52:00.165775061 CEST	192.168.2.4	1.1.1.1	0xc48c	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:52:00.165932894 CEST	192.168.2.4	1.1.1.1	0x724f	Standard query (0)	www.google.com	65	IN (0x0001)	false
Sep 15, 2024 00:52:00.313107014 CEST	192.168.2.4	1.1.1.1	0xc5d2	Standard query (0)	www.linkedin.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:52:00.313263893 CEST	192.168.2.4	1.1.1.1	0xc36	Standard query (0)	www.linkedin.com	65	IN (0x0001)	false
Sep 15, 2024 00:52:04.305128098 CEST	192.168.2.4	1.1.1.1	0xd82e	Standard query (0)	li.protechts.net	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:52:04.305305004 CEST	192.168.2.4	1.1.1.1	0x630e	Standard query (0)	li.protechts.net	65	IN (0x0001)	false
Sep 15, 2024 00:52:04.337353945 CEST	192.168.2.4	1.1.1.1	0x2fef	Standard query (0)	stun.l.google.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:52:04.338061094 CEST	192.168.2.4	1.1.1.1	0xf658	Standard query (0)	stun.l.google.com	28	IN (0x0001)	false
Sep 15, 2024 00:52:04.355029106 CEST	192.168.2.4	1.1.1.1	0xec5d	Standard query (0)	stun.l.google.com	28	IN (0x0001)	false
Sep 15, 2024 00:52:04.656445026 CEST	192.168.2.4	1.1.1.1	0xdec2	Standard query (0)	apis.google.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:52:04.656784058 CEST	192.168.2.4	1.1.1.1	0x6db9	Standard query (0)	apis.google.com	65	IN (0x0001)	false
Sep 15, 2024 00:52:05.108073950 CEST	192.168.2.4	1.1.1.1	0x45b6	Standard query (0)	client.protechts.net	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:52:05.108483076 CEST	192.168.2.4	1.1.1.1	0xb0b	Standard query (0)	client.protechts.net	65	IN (0x0001)	false
Sep 15, 2024 00:52:06.024864912 CEST	192.168.2.4	1.1.1.1	0xcd8	Standard query (0)	play.google.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:52:06.025070906 CEST	192.168.2.4	1.1.1.1	0x220f	Standard query (0)	play.google.com	65	IN (0x0001)	false
Sep 15, 2024 00:52:06.322477102 CEST	192.168.2.4	1.1.1.1	0x8306	Standard query (0)	platform.linkedin.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:52:06.322724104 CEST	192.168.2.4	1.1.1.1	0x6ccb	Standard query (0)	platform.linkedin.com	65	IN (0x0001)	false
Sep 15, 2024 00:52:06.555260897 CEST	192.168.2.4	1.1.1.1	0xcb83	Standard query (0)	client.protechts.net	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:52:06.555417061 CEST	192.168.2.4	1.1.1.1	0x702d	Standard query (0)	client.protechts.net	65	IN (0x0001)	false
Sep 15, 2024 00:52:06.598618984 CEST	192.168.2.4	1.1.1.1	0xda45	Standard query (0)	stk.protechts.net	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:52:06.598901033 CEST	192.168.2.4	1.1.1.1	0x99ad	Standard query (0)	stk.protechts.net	65	IN (0x0001)	false
Sep 15, 2024 00:52:06.621400118 CEST	192.168.2.4	1.1.1.1	0xe1e1	Standard query (0)	collector-pxdojv695v.protechts.net	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:52:06.621613026 CEST	192.168.2.4	1.1.1.1	0x8de5	Standard query (0)	collector-pxdojv695v.protechts.net	65	IN (0x0001)	false
Sep 15, 2024 00:52:06.871452093 CEST	192.168.2.4	1.1.1.1	0x7372	Standard query (0)	play.google.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:52:06.871701002 CEST	192.168.2.4	1.1.1.1	0x904e	Standard query (0)	play.google.com	65	IN (0x0001)	false
Sep 15, 2024 00:52:07.241235018 CEST	192.168.2.4	1.1.1.1	0x7406	Standard query (0)	collector-pxdojv695v.protechts.net	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:52:07.241487026 CEST	192.168.2.4	1.1.1.1	0x8b9d	Standard query (0)	collector-pxdojv695v.protechts.net	65	IN (0x0001)	false
Sep 15, 2024 00:52:07.329617023 CEST	192.168.2.4	1.1.1.1	0xea4d	Standard query (0)	stk.protechts.net	65	IN (0x0001)	false
Sep 15, 2024 00:52:07.329617023 CEST	192.168.2.4	1.1.1.1	0x5ab4	Standard query (0)	stk.protechts.net	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:52:07.532902002 CEST	192.168.2.4	1.1.1.1	0x48c1	Standard query (0)	stun.l.google.com	28	IN (0x0001)	false
Sep 15, 2024 00:52:07.547401905 CEST	192.168.2.4	1.1.1.1	0x527b	Standard query (0)	stun.l.google.com	28	IN (0x0001)	false
Sep 15, 2024 00:52:07.580630064 CEST	192.168.2.4	1.1.1.1	0xa99f	Standard query (0)	platform.linkedin.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:52:07.580630064 CEST	192.168.2.4	1.1.1.1	0x1b6b	Standard query (0)	platform.linkedin.com	65	IN (0x0001)	false
Sep 15, 2024 00:52:23.398828983 CEST	192.168.2.4	1.1.1.1	0x1f1d	Standard query (0)	twitter.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:52:23.399260998 CEST	192.168.2.4	1.1.1.1	0x66ba	Standard query (0)	twitter.com	65	IN (0x0001)	false
Sep 15, 2024 00:52:23.932302952 CEST	192.168.2.4	1.1.1.1	0xcd68	Standard query (0)	twitter.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:52:23.932545900 CEST	192.168.2.4	1.1.1.1	0x7910	Standard query (0)	twitter.com	65	IN (0x0001)	false
Sep 15, 2024 00:52:24.738040924 CEST	192.168.2.4	1.1.1.1	0xd275	Standard query (0)	x.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:52:24.738284111 CEST	192.168.2.4	1.1.1.1	0xb1ed	Standard query (0)	x.com	65	IN (0x0001)	false
Sep 15, 2024 00:52:26.262922049 CEST	192.168.2.4	1.1.1.1	0x66c0	Standard query (0)	abs.twimg.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:52:26.263262033 CEST	192.168.2.4	1.1.1.1	0xa7ad	Standard query (0)	abs.twimg.com	65	IN (0x0001)	false
Sep 15, 2024 00:52:26.264486074 CEST	192.168.2.4	1.1.1.1	0x62d1	Standard query (0)	api.twitter.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:52:26.264729977 CEST	192.168.2.4	1.1.1.1	0x5076	Standard query (0)	api.twitter.com	65	IN (0x0001)	false
Sep 15, 2024 00:52:26.297286034 CEST	192.168.2.4	1.1.1.1	0x8205	Standard query (0)	t.co	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:52:26.297435045 CEST	192.168.2.4	1.1.1.1	0xddcb	Standard query (0)	t.co	65	IN (0x0001)	false
Sep 15, 2024 00:52:26.298202038 CEST	192.168.2.4	1.1.1.1	0x2083	Standard query (0)	pbs.twimg.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:52:26.298403978 CEST	192.168.2.4	1.1.1.1	0x4f79	Standard query (0)	pbs.twimg.com	65	IN (0x0001)	false
Sep 15, 2024 00:52:26.306345940 CEST	192.168.2.4	1.1.1.1	0x1a7f	Standard query (0)	api.x.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:52:26.306494951 CEST	192.168.2.4	1.1.1.1	0xb8fd	Standard query (0)	api.x.com	65	IN (0x0001)	false
Sep 15, 2024 00:52:28.529676914 CEST	192.168.2.4	1.1.1.1	0xdec7	Standard query (0)	video.twimg.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:52:28.530060053 CEST	192.168.2.4	1.1.1.1	0x2fb1	Standard query (0)	video.twimg.com	65	IN (0x0001)	false
Sep 15, 2024 00:52:30.260271072 CEST	192.168.2.4	1.1.1.1	0x6ea1	Standard query (0)	abs-0.twimg.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:52:30.260271072 CEST	192.168.2.4	1.1.1.1	0x830f	Standard query (0)	abs-0.twimg.com	65	IN (0x0001)	false
Sep 15, 2024 00:52:30.266073942 CEST	192.168.2.4	1.1.1.1	0x77be	Standard query (0)	abs.twimg.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:52:30.266258001 CEST	192.168.2.4	1.1.1.1	0x8d36	Standard query (0)	abs.twimg.com	65	IN (0x0001)	false
Sep 15, 2024 00:52:30.931863070 CEST	192.168.2.4	1.1.1.1	0x4b37	Standard query (0)	abs-0.twimg.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:52:30.931863070 CEST	192.168.2.4	1.1.1.1	0x2a53	Standard query (0)	abs-0.twimg.com	65	IN (0x0001)	false
Sep 15, 2024 00:52:34.781791925 CEST	192.168.2.4	1.1.1.1	0x328c	Standard query (0)	api.x.com	A (IP address)	IN (0x0001)	false
Sep 15, 2024 00:52:34.781969070 CEST	192.168.2.4	1.1.1.1	0x877c	Standard query (0)	api.x.com	65	IN (0x0001)	false

Timestamp	Bytes transferred	Direction	Data
Sep 15, 2024 00:51:33.154706955 CEST	443	OUT	GET / HTTP/1.1 Host: facebooksecurity.blogspot.dk Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 15, 2024 00:51:33.894037008 CEST	437	IN	HTTP/1.1 302 Moved Temporarily Location: http://facebooksecurity.blogspot.com/ Content-Type: text/html; charset=UTF-8 Content-Encoding: gzip Date: Sat, 14 Sep 2024 22:51:33 GMT Expires: Sat, 14 Sep 2024 22:51:33 GMT Cache-Control: private, max-age=0 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' X-XSS-Protection: 1; mode=block Content-Length: 202 Server: GSE
Sep 15, 2024 00:51:34.028934002 CEST	202	IN	Data Raw: 1f 8b 08 00 00 00 00 00 00 ff 6d 8f c1 0e 82 30 10 44 ef 7c c5 5a cf 50 bd 9a 4a 82 52 c1 04 42 82 3d e8 11 71 15 23 b8 a4 14 13 ff de 52 3d 3a 97 cd ce 4e 32 6f 45 aa f2 2c f4 44 2a a3 d8 0e b5 57 99 0c 73 7a e1 05 14 76 3d e9 4a df db b7 e0 df Data Ascii: m0D\|ZPJRB=q#R=:N2oE,DWszv=J'/)lmwN<.\|Z*B@S -nc3czw-LPSYF0w~&
Sep 15, 2024 00:52:19.204088926 CEST	6	OUT	Data Raw: 00 Data Ascii:

Timestamp	Bytes transferred	Direction	Data
Sep 15, 2024 00:51:33.920530081 CEST	444	OUT	GET / HTTP/1.1 Host: facebooksecurity.blogspot.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 15, 2024 00:51:34.860003948 CEST	419	IN	HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Expires: Sat, 14 Sep 2024 22:51:34 GMT Date: Sat, 14 Sep 2024 22:51:34 GMT Cache-Control: private, max-age=0 Last-Modified: Wed, 28 Aug 2024 23:43:33 GMT ETag: W/"5f5c1da81114420560597a091adc3d3dbd351d0032fffd44472cf59b89c6bcf9" Content-Encoding: gzip X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Content-Length: 24820 Server: GSE
Sep 15, 2024 00:51:34.860078096 CEST	1236	IN	Data Raw: 1f 8b 08 00 00 00 00 00 00 ff ec 7d 69 7b da c8 b2 f0 e7 f8 57 f4 90 3b 83 7d 82 00 b1 63 c7 39 17 e3 35 de 0d de 92 3b af 1f 81 1a 90 11 12 d6 02 c6 b9 f3 df df aa ee d6 8a f0 36 c9 4c e6 1e c7 4f 6c 90 7a a9 ae ae ae ad ab ab 3f fe b2 79 dc 6c Data Ascii: }i{W;}c95;6LOlz?yl_l3?-}?~zz8\n:fisr^c4/f_9r?s8W'+`4N1$xE[fO-VvG&rn}r9/bEn}q4NN81]O
Sep 15, 2024 00:51:34.860112906 CEST	1236	IN	Data Raw: 04 fa 30 bf 2d c1 93 be 66 ac e6 d7 96 c6 30 6e a0 26 fc d8 31 2d 68 12 3f 99 ae 03 8b 92 e2 c7 1e ac 65 c9 d6 1e e8 aa 9c cf ff ba b6 34 a1 08 ae a2 4b b0 a8 fb c6 6a 47 b1 29 16 85 da c0 19 10 18 43 5d 75 2c c5 b0 c7 0a d2 26 4c 0c ce 09 cc 57 Data Ascii: 0-f0n&1-h?e4KjG)C]u,&LWm4Y\|i~y;_nww\^=+W*R-N?{;WsLts`Hb,=e.'BKS)08@T$9Lz_8b8kK$vMi N~[~
Sep 15, 2024 00:51:34.860146046 CEST	1236	IN	Data Raw: 41 24 ae 74 17 c3 5d 8f e7 5e 87 87 8b 6d 67 ab 61 58 05 cf 93 58 1d 79 7e c6 c3 76 d4 1c 61 32 7d 79 6e 60 12 b7 1b 83 b6 0a c5 c2 76 5e 8e b4 55 60 6d 51 c7 09 19 56 59 39 59 21 17 1d 48 65 81 14 b0 e9 47 28 b4 98 bb 2f aa e9 f0 c1 7a b8 e0 9a Data Ascii: A$t]^mgaXXy~va2}yn`v^U`mQVY9Y!HeG(/z/4~fe#4AL?Bgpu_4;"D~rh^6\e;~l4rXFs%z1LIg1I)d_j5Be,D;
Sep 15, 2024 00:51:34.860179901 CEST	390	IN	Data Raw: ee e8 0a da 4e 7f 44 db c1 2f 3d 8c 2d 48 6c 30 62 da 16 b7 2b db f5 35 02 c5 f8 4b f4 5e 64 70 6c 19 b6 22 c8 2a 01 a9 45 b8 d2 c2 1a 0a 01 26 10 ed 91 74 22 08 9e 87 f5 09 38 0a 95 aa d2 ad 3c 0a c7 33 60 48 8a 36 48 46 8c 92 ed 09 f9 1c 01 cc Data Ascii: ND/=-Hl0b+5K^dpl"E&t"8<3`H6HFqh,E=,C4{,V[&8#-FRadA^>_.)60'dUmbeTj2 #%Z{\|H?L<yDL4'K'04V?X;zF_
Sep 15, 2024 00:51:34.860229015 CEST	1236	IN	Data Raw: 53 a4 b1 a4 f8 5f 0c fb 9f 35 83 69 34 de b6 b0 d7 5b d0 19 92 b8 6d 17 91 da d8 96 6c d4 c9 5b e2 2e 64 af ed 45 6e e3 b9 62 4f bc 7e 5a 4c 26 ef a5 14 e6 f7 52 be 48 f7 f7 e3 46 65 e3 e1 ae 8f c1 e3 cd f6 f5 59 ff a4 10 0e 1e df ca 35 e8 f0 58 Data Ascii: S_5i4[ml[.dEnbO~ZL&RHFeY5X26SISCR,wTpZAn9Es$/E{\|^*p^x[s'sDHbO~=7RB3M<5-#OL0Kb?Ly$J9`%9<7alE1Jc&
Sep 15, 2024 00:51:34.860260963 CEST	1236	IN	Data Raw: b0 ba 1f d2 29 c2 d6 85 78 1c 5e 2a 1f d2 e3 fb 14 e1 8b 29 fa 9a 3f 63 ef 73 b8 90 01 9e 4f e9 35 24 9b e8 90 f8 80 80 6a 82 01 c3 63 28 20 06 f3 01 06 03 b8 fa 94 86 4f d1 f5 c4 ed 12 83 5a bb ed c3 03 76 a6 73 85 95 ce b1 e2 d0 68 a4 40 d0 25 Data Ascii: )x^*)?csO5$jc( OZvsh@%J%X)9a[j-.?N%+Ly9Mb8\|y<\|=J[>],&{:;+u5"lW+.HvlGlnC_~!:Z[b\|s
Sep 15, 2024 00:51:34.860292912 CEST	1236	IN	Data Raw: f1 25 7c a8 42 42 df 44 8c b0 f2 31 dc e2 f7 ae 6b d9 c0 92 c6 a6 26 a4 63 64 eb 3e 62 1a 85 4e 73 49 85 38 51 be 7a 92 12 74 a0 20 b1 13 f6 54 ff 13 14 b0 aa 74 11 67 8b 5b 2f 87 58 2b 23 da 02 e1 1e 3a de 78 92 d9 b0 40 4f e6 e1 33 62 42 8a f9 Data Ascii: %\|BBD1k&cd>bNsI8Qzt Ttg[/X+#:x@O3bBGMBSEW-;Ya[UjJeoDFD~#Ny.kS1{4'0D9LAc0G\|LsK#"R<m?Z,gO.I
Sep 15, 2024 00:51:34.860325098 CEST	1236	IN	Data Raw: 31 98 23 71 62 8b 80 4e 2a f4 68 44 5a 12 d8 49 8d 24 73 a0 e2 22 0e 54 5c c0 81 8a c9 1c a8 98 c0 81 8a 73 6b 6f 81 0e 1c 9c 2b 99 53 84 62 6b 2f 6c 4f 7b f9 68 c2 6b 91 19 be 24 b8 2d 85 45 51 0b 0a 2d 87 59 7b 3d ae 4d 3d ae 8e 0e 47 9f 6b 8d Data Ascii: 1#qbN*hDZI$s"T\sko+Sbk/lO{hk$-EQ-Y{=M=GkdR?Zhw-N6/j+?!Cz-5wotI;Z3"(jvO5Y"e/~%f^2;8D-W
Sep 15, 2024 00:51:34.860356092 CEST	1236	IN	Data Raw: fa 53 78 1e b1 9b d8 e5 6c 61 3a 0a a5 6c 8d 91 d1 82 c7 3d 26 2c 03 5e c0 32 9f 85 f8 01 37 db c8 21 6a 3e 7c d9 84 2a 07 09 ae 62 ad da b1 56 ed 58 ab 0d 5d 27 8f b6 1c c9 84 24 48 d1 07 51 a4 8c 02 d9 e4 25 8f 02 16 10 6d 4e 2c ed 10 47 5d f2 Data Ascii: Sxla:l=&,^27!j>\|bVX]'$HQ%mN,G]]0MnJn`R^0)\J-/Tf?CjQ@bbm5K6kAT>ptbV]x7nKpZ}sCwo(>'x
Sep 15, 2024 00:51:34.860389948 CEST	1236	IN	Data Raw: 50 6e 6d 7c 99 1c 19 ca d5 5e 35 ff 45 3b d3 cc ca f9 d5 e0 a0 7b de 1f 3a ee ee e0 e4 a4 5e 3d bb 55 ca f7 a5 bc 7c 72 28 0f ec 87 e1 68 c7 a9 d3 ab 7d ad fa 79 6c 95 be 4c b6 2f 0a 13 5d 51 da 95 fa 5d 77 73 b4 73 6b b4 af 36 f6 f5 e3 07 5a 92 Data Ascii: Pnm\|^5E;{:^=U\|r(h}ylL/]Q]wssk6Zn1{HtA7S`xj>L@?4aamFw`u>"iJe:#\|<z*"<5zQkehekSP+U~4_OhR5P5^E',$KR:oc?s>
Sep 15, 2024 00:51:41.078772068 CEST	400	OUT	GET /img/2.jpg HTTP/1.1 Host: facebooksecurity.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 15, 2024 00:51:41.361887932 CEST	350	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Sat, 14 Sep 2024 22:51:41 GMT Content-Encoding: gzip X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Content-Length: 15813 Server: GSE
Sep 15, 2024 00:51:51.565224886 CEST	402	OUT	GET /favicon.ico HTTP/1.1 Host: facebooksecurity.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 15, 2024 00:51:52.094059944 CEST	409	IN	HTTP/1.1 200 OK Content-Type: image/x-icon Expires: Sat, 14 Sep 2024 22:51:51 GMT Date: Sat, 14 Sep 2024 22:51:51 GMT Cache-Control: private, max-age=86400 Last-Modified: Wed, 28 Aug 2024 23:43:33 GMT ETag: W/"5f5c1da81114420560597a091adc3d3dbd351d0032fffd44472cf59b89c6bcf9" Content-Encoding: gzip X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Content-Length: 665 Server: GSE
Sep 15, 2024 00:52:08.818481922 CEST	495	OUT	GET /2011/11/impress-your-freinds-with-new-facebook.html HTTP/1.1 Host: facebooksecurity.blogspot.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 15, 2024 00:52:09.219432116 CEST	419	IN	HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Expires: Sat, 14 Sep 2024 22:52:09 GMT Date: Sat, 14 Sep 2024 22:52:09 GMT Cache-Control: private, max-age=0 Last-Modified: Wed, 28 Aug 2024 23:43:33 GMT ETag: W/"5f5c1da81114420560597a091adc3d3dbd351d0032fffd44472cf59b89c6bcf9" Content-Encoding: gzip X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Content-Length: 17918 Server: GSE
Sep 15, 2024 00:52:14.774430037 CEST	459	OUT	GET /2011/11/img/2.jpg HTTP/1.1 Host: facebooksecurity.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://facebooksecurity.blogspot.com/2011/11/impress-your-freinds-with-new-facebook.html Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 15, 2024 00:52:15.112611055 CEST	350	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Sat, 14 Sep 2024 22:52:14 GMT Content-Encoding: gzip X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Content-Length: 15822 Server: GSE

Timestamp	Bytes transferred	Direction	Data
Sep 15, 2024 00:51:35.185422897 CEST	333	OUT	GET /jquery-1.7.min.js HTTP/1.1 Host: code.jquery.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 15, 2024 00:51:35.639851093 CEST	600	IN	HTTP/1.1 200 OK Connection: keep-alive Content-Length: 33254 Server: nginx Content-Type: application/javascript; charset=utf-8 Last-Modified: Fri, 18 Oct 1991 12:00:00 GMT ETag: W/"28feccc0-16f44" Cache-Control: public, max-age=31536000, stale-while-revalidate=604800 Access-Control-Allow-Origin: * Content-Encoding: gzip Via: 1.1 varnish, 1.1 varnish Accept-Ranges: bytes Age: 2647226 Date: Sat, 14 Sep 2024 22:51:35 GMT X-Served-By: cache-lga21959-LGA, cache-nyc-kteb1890098-NYC X-Cache: HIT, HIT X-Cache-Hits: 4122, 0 X-Timer: S1726354296.594443,VS0,VE1 Vary: Accept-Encoding
Sep 15, 2024 00:51:35.640131950 CEST	1236	IN	Data Raw: 1f 8b 08 00 00 00 00 00 02 03 c4 bd f9 62 db 48 92 37 f8 ff 3c 85 88 f6 c8 80 99 a2 a4 3a 66 a6 41 c1 5c 1f e5 ae ea ae 6b ca 9e ae ee a1 e8 5a 5c 04 c1 db 24 65 d9 25 72 9e 65 9f 65 9f 6c e3 17 91 99 48 80 90 ec ee fd be dd 3a 44 1c 89 3c 23 e3 Data Ascii: bH7<:fA\kZ\$e%reelH:D<#8tNyo>{jq77Mq>/\|O?Yrcw$}&l'^\f[z8\e<?^e~u;"\Z?rw0wId}TY4+w^\|
Sep 15, 2024 00:51:35.640221119 CEST	1236	IN	Data Raw: a4 13 2d 6f e6 f3 d3 53 5d 51 52 55 c4 f3 ce 20 83 e9 4a 02 db 68 ce d5 25 c3 7c c4 35 4a 7d 19 e3 67 67 a8 89 e0 20 46 2b d4 76 41 c8 32 9e c6 1f 5e e7 bb 1d ed f9 6d 6f 3c 8f 77 3f ad 51 76 bb df 03 a1 53 6b 19 5a 4a 83 74 98 8d 3a 02 33 7e 41 Data Ascii: -oS]QRU Jh%\|5J}gg F+vA2^mo<w?QvSkZJt:3~AGA@P}>d~BafczjzhVDVp<(]i4L4/9_^M9*!y4!@\h0wcagyt~N!QZ1zD$V
Sep 15, 2024 00:51:35.640237093 CEST	448	IN	Data Raw: 2a a9 ed 03 a9 e9 17 e1 ec dc 81 8d 45 f1 90 50 df 3b 29 68 93 fb 28 38 7c 56 7f 69 d6 96 22 dc 00 b6 9e 46 17 d2 f7 6a a6 ff 5a f5 ab 13 13 d3 1c 3b 14 b5 d2 1f 32 7d 75 3b ed 28 12 7f f4 6d 05 17 d5 d3 1f aa a7 4e d9 65 83 d1 ec 7a 84 8e 88 7b Data Ascii: *EP;)h(8\|Vi"FjZ;2}u;(mNez{'Zl}?a&[JRwymefajUNr?Pb&"A]8s\10aM=t2WPnYwz+&2 Ab~;3<7z03Sv7}uSRw R
Sep 15, 2024 00:51:35.640254021 CEST	1236	IN	Data Raw: 27 8a 22 ab 5e 3f 4c 70 74 a2 79 6f bc 24 ac 40 b3 80 bd 38 21 18 86 5e 4b ce 2a 58 a9 f5 88 75 98 e7 6f fd 41 38 7c fb 87 ab d1 13 ff 6a 78 7d 7b fd eb a8 fb 34 18 be 7d 3a 7a f2 68 ff 07 1f 4f ce 46 4f 82 47 c1 39 64 d3 eb d7 e7 24 f1 93 88 4a Data Ascii: '"^?Lptyo$@8!^K*XuoA8\|jx}{4}:zhOFOG9d$JJ9ZEv'T`@Vzx=RzK5}wdFWyE--7'ggK]'U]:dp..<`x
Sep 15, 2024 00:51:35.640266895 CEST	1236	IN	Data Raw: 77 3c e3 67 67 53 91 11 fa d3 ab 59 7f 4a 52 01 21 4f a2 65 55 4b d3 51 20 27 82 81 55 34 c5 20 a0 50 04 81 ad a6 1f 56 52 51 bd e3 4a c8 9b 93 18 88 43 fc 06 a1 1c 07 fb bd 5f 44 15 ae 18 07 c4 10 fa 05 fd 47 63 27 59 98 78 8e ea 25 91 d5 8c 96 Data Ascii: w<ggSYJR!OeUKQ 'U4 PVRQJC_DGc'Yx%$fTdSXcu~;`[^cZng$F`U(;Ez/"xpFx8j.HgPth-9!!}\\|+#T!ZO ]WsZ&~9"
Sep 15, 2024 00:51:35.640290022 CEST	1236	IN	Data Raw: fb 31 be 2a fa 63 ea 07 9f d0 6a c8 0f d8 e0 89 f6 7e c6 e2 2f 3f 75 71 5c 5d 5e ae ed 72 da e3 43 63 83 68 e7 87 44 c8 9a 16 73 bf 9f 8a d4 a3 67 6c 5a 4d 15 61 c2 e9 53 e2 eb 63 36 4c 8d 87 d3 33 48 90 54 20 ba 10 a0 32 aa 1b c6 14 b3 c0 d8 33 Data Ascii: 1cj~/?uq\]^rCchDsglZMaSc6L3HT 23#M/Gjl24v3}?92MqSf$B+cX8>f4bGG(]SH.c%C!:/z99vfAio`>rccY=x-*
Sep 15, 2024 00:51:35.640307903 CEST	1236	IN	Data Raw: 19 df 32 2d 08 db f0 34 1f 9b 70 0b 19 d5 c2 d3 c4 8f a6 6c 21 4e b5 c9 a3 dd 24 5f 1e 49 63 65 0f 8d d3 4c f4 d0 32 a1 e4 9e 69 d6 61 36 64 fe e3 f9 6d fc 71 db d2 03 a9 43 63 bb d2 59 3f ae b3 e5 f9 41 ad cb 75 7e d4 17 6b 62 60 56 aa 32 c1 cc Data Ascii: 2-4pl!N$_IceL2ia6dmqCcY?Au~kb`V2L0VUo$F;wTy2Z"$s$ZQzn!vcgZzXy+.Da;x#np90[0H?^nAUA/V2vy4<@f8M*
Sep 15, 2024 00:51:35.640322924 CEST	1236	IN	Data Raw: 84 6e f3 cd ee 79 4e 1f e7 fe 8a 1e 54 38 1d 0b 63 3e b3 7b 4e cf fa ac 47 e4 0e 31 99 e6 51 2d 30 01 81 cf 17 ca fb 7d b5 5a b0 f1 8b 74 83 77 83 2c 84 8e a4 04 2f 5a a0 88 6a bd f0 09 ec 0d 7b ed b8 a3 a5 95 a3 2a bd 3a 2c 5c d1 4a 19 9a 2e 0b Data Ascii: nyNT8c>{NG1Q-0}Ztw,/Zj{:,\J.QDYGa3Sobe.Owru5wvM`a;O5'p7X=GP.^}C>YT4pg^
Sep 15, 2024 00:51:35.640338898 CEST	552	IN	Data Raw: 96 c2 b3 21 42 f3 89 d6 cb 4f 07 8b b0 11 a1 21 a0 3e e9 9e 1f d8 58 2a b5 11 67 6a 3d a7 cd c9 83 34 65 2b 04 57 93 ea 69 13 4c 7b 8e b1 fe c0 a9 8b a7 42 70 6f c9 a1 27 5a 6b 30 5f d4 f7 63 33 18 cf 20 7e 20 3c 4f 58 df 5d ec f9 75 50 bf 65 6d Data Ascii: !BO!>Xgj=4e+WiL{Bpo'Zk0_c3 ~ <OX]uPemaOntN1G'z::40gHBej_n!:<3Y;[WAtxYW\7!C8]%5#i"6:Kz?(tX@jn;D9
Sep 15, 2024 00:51:35.645241976 CEST	1236	IN	Data Raw: 0c 36 4a d4 a3 2c 3f ee 93 0e 87 65 a7 04 f6 0b 5c 4a da 87 29 8b b1 18 42 f0 d7 7e a6 e3 c6 e9 03 73 8e 01 59 95 a1 0f 78 3d c1 fd 20 58 5d 6a 83 aa ba df 04 ee f2 76 bd de e6 66 c9 40 6b 8c 5b 55 7d d7 e7 55 7f 0e 08 c9 a4 52 7b 88 d4 0c a5 64 Data Ascii: 6J,?e\J)B~sYx= X]jvf@k[U}UR{d>T,sGh^q#4+B-IG+-\|$.=t]MHZVS8b*q[Zgl6O4lV3yDFS&:?DV9&}l,}h q

Timestamp	Bytes transferred	Direction	Data
Sep 15, 2024 00:51:35.189963102 CEST	439	OUT	GET /-wwi9gLDAiVk/UMRdd5ct3xI/AAAAAAAAFbE/5BE1vH6Z7nY/s1600/2.jpg HTTP/1.1 Host: 1.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 15, 2024 00:51:36.000458002 CEST	1236	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="2.jpg" X-Content-Type-Options: nosniff Server: fife Content-Length: 13767 X-XSS-Protection: 0 Date: Sat, 14 Sep 2024 22:51:35 GMT Expires: Sun, 15 Sep 2024 22:51:35 GMT Cache-Control: public, max-age=86400, no-transform ETag: "v15b1" Content-Type: image/jpeg Vary: Origin Age: 0 Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 48 00 48 00 00 ff e1 00 6c 45 78 69 66 00 00 49 49 2a 00 08 00 00 00 03 00 31 01 02 00 07 00 00 00 32 00 00 00 12 02 03 00 02 00 00 00 01 00 01 00 69 87 04 00 01 00 00 00 3a 00 00 00 00 00 00 00 47 6f 6f 67 6c 65 00 00 03 00 00 90 07 00 04 00 00 00 30 32 32 30 02 a0 04 00 01 00 00 00 f0 00 00 00 03 a0 04 00 01 00 00 00 a0 00 00 00 00 00 00 00 ff e2 02 40 49 43 43 5f 50 52 4f 46 49 4c 45 00 01 01 00 00 02 30 41 44 42 45 02 10 00 00 6d 6e 74 72 52 47 42 20 58 59 5a 20 07 cf 00 06 00 03 00 00 00 00 00 00 61 63 73 70 41 50 50 4c 00 00 00 00 6e 6f 6e 65 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f6 d6 00 01 00 00 00 00 d3 2d 41 44 42 45 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0a 63 70 72 74 00 00 00 fc 00 00 00 32 64 65 73 63 00 00 01 30 00 00 00 6b 77 74 70 74 00 00 01 9c 00 00 00 14 62 6b 70 74 00 00 01 b0 00 00 00 14 72 54 52 43 00 00 01 c4 00 00 [TRUNCATED] Data Ascii: JFIFHHlExifII*12i:Google0220@ICC_PROFILE0ADBEmntrRGB XYZ acspAPPLnone-ADBEcprt2desc0kwtptbkptrTRCgTRCbTRCrXYZgXYZbXYZtextCopyright 1999 Adobe Systems IncorporateddescAdobe RGB (1998)XYZ QXYZ curv3curv3curv3XYZ OXYZ 4,XYZ &1/CC
Sep 15, 2024 00:51:36.000473976 CEST	1236	IN	Data Raw: 05 04 05 09 05 05 09 14 0d 0b 0d 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 ff c0 00 11 08 00 a0 00 f0 03 01 11 00 02 11 01 03 11 01 ff c4 Data Ascii: ?!1A"Qa2q#BRb$3Cr4!1AQ"aq
Sep 15, 2024 00:51:36.000489950 CEST	352	IN	Data Raw: e7 f1 26 b8 99 09 6d 45 05 d4 82 4e c7 d7 73 b7 52 40 e8 30 29 1e 05 44 a2 1e 8d 81 26 ed 09 b7 fc 7f 01 4d ad 0e aa 48 20 38 12 39 81 68 9e e1 20 9c 1c 6f b6 36 ae f0 23 7e 08 b6 97 d1 c6 7c b4 bc c3 a0 3c a5 a4 82 12 30 90 b4 85 84 ad 4b db 3f Data Ascii: &mENsR@0)D&MH 89h o6#~\|<0K?0='a#MA;lE,w[vNZ>yt"$!dw'i\Amx<71jSr)R!n\|h]g~ h$vAJqjQrtZ
Sep 15, 2024 00:51:36.000583887 CEST	1236	IN	Data Raw: 72 0e fb f5 ac fe 83 4f f7 8b fd 49 2f 99 77 a9 b3 d2 ab 08 e6 0d 39 ac 1e 98 e2 62 a8 a4 a7 9f 1b 0d cf bd 6f d5 7d a9 33 17 3b 1c 9b 2e 15 ca 4c 5d 38 47 85 e2 95 11 d4 e0 55 84 2a 95 b1 d8 a8 cf 6d 9b 94 06 bc 8a a6 5f 94 fa d2 54 b7 15 e2 28 Data Ascii: rOI/w9bo}3;.L]8GUm_T((G]rpl:#0Jzvq@'7qRx2<r:S#VLD;hn;sp>;-OMii1[rA.dnR\rhW JjJV(Jsss$w
Sep 15, 2024 00:51:36.000600100 CEST	1236	IN	Data Raw: 85 09 1c ab 2f 92 00 6c 23 3b 8e b9 db a6 f9 a2 ef 7d c0 f6 95 5b 57 d8 56 fb e2 1a 75 d6 9c 09 51 09 0e 2c 24 13 8d 8e e7 1d 7d 68 9d 89 20 a3 5b 91 1b e2 6e a3 37 0b 8a d9 8c c3 b1 a2 3a da 52 b7 d0 70 5d 50 27 f5 83 1f 29 4e c9 29 24 f3 63 39 Data Ascii: /l#;}[WVuQ,$}h [n7:Rp]P')N)$c95&BefD_Hu D\|n6qA%=7Xji<u'=(z]%+B-G9Q"sF?P%8\|21Apr~nUoS?x)#*q
Sep 15, 2024 00:51:36.000614882 CEST	1236	IN	Data Raw: 92 7b 9f 0c 2f 0c e9 89 17 6b 83 69 89 d0 b5 19 d5 61 d5 6f b9 29 fd 91 8f 5e ff 00 6a e8 c9 27 83 9c 5b 45 31 7d 80 cb 6d ba 56 94 84 80 77 1b 93 fe f5 63 0c b2 b6 d8 a8 f2 56 f2 ac ce 48 6d 6b 73 05 cc 11 e5 23 05 6a 39 20 7a 9d c0 fb 54 de e4 Data Ascii: {/kiao)^j'[E1}mVwcVHmks#j9 zT^!/VU(?AVhJ}Zyjy(vOL~#~*`m@H>'@95s'rF<[e1u 'WU4s`8/U4B}p!Wp&Vr
Sep 15, 2024 00:51:36.000639915 CEST	1236	IN	Data Raw: 94 a7 97 94 a5 20 9c aa ab db 52 c3 45 d5 10 76 ef 25 b7 ef fe bf 71 74 f8 ab 05 41 5d fa 9a 25 b1 2e 51 12 ae d6 24 bd cd cd cb 95 79 87 5c d1 77 34 31 28 1a e0 58 a2 db ee 0b 96 d0 ca f9 79 10 31 b2 47 7a 37 26 e3 82 2f 6a 8c b2 16 e6 1c 9c b5 Data Ascii: REv%qtA]%.Q$y\w41(Xy1Gz7&/j)xk.Cc=['T#bTjK#sm-#IlOUffuJGI<X(u4b&AM?dN:yT'p^9Y$+,iD?Y,Jf{8$kr#F4 i#2
Sep 15, 2024 00:51:36.000655890 CEST	1236	IN	Data Raw: 4f 59 a4 59 cc 56 e4 a5 95 15 b6 56 4e 42 4d 4d 97 51 be 98 c6 35 bd 8a 89 74 ea 2f 93 94 d6 e5 cd a2 ef 68 d6 16 8b ab ef b0 88 6f 45 71 09 69 48 f9 5c c8 f9 7e b5 3f 41 d5 ae b3 53 1a ad c3 52 fd 0a ed 6f 4b aa ba 5c ea e5 1b 1e 68 a7 a8 af 42 Data Ascii: OYYVVNBMMQ5t/hoEqiH\~?ASRoK\hBF1\|=OY@RW(ni)=g8s[j+d-v=lPup7\|m5@[k141bHT=U}>orlUokPbcads ,\|SmH8N8luK&W*1bQ
Sep 15, 2024 00:51:36.000672102 CEST	1236	IN	Data Raw: af 86 67 3a be 8a 76 3f bc 57 bf ba ff 00 05 90 f3 7b e4 10 a4 9d c1 07 20 8a f4 2a d6 19 8f 90 2b 83 35 6d 5f 04 49 72 2d 9a d6 c6 9e 92 d8 48 b1 33 c9 c1 a8 7c 48 93 9c a3 42 fe 5a b3 a9 90 2c 00 96 36 35 2f 1b 11 73 b8 5b 0a ce 33 5f 32 33 d0 Data Ascii: g:v?W{ +5m_Ir-H3\|HBZ,65/s[3_23jL0`9WWnmq@2]_KEF{t/GpA=iiCmw$;$N?ZI2[WLKPu,tPVny3Xxj+$\G^{grR^<5n[Je
Sep 15, 2024 00:51:36.000688076 CEST	1236	IN	Data Raw: fb d1 fc 4b d3 cd 70 c2 46 87 46 8c b7 5b 35 1b e9 09 66 f7 08 04 aa 7e 0e 79 5e 0a 05 5e 2e 33 82 93 ca ae 98 07 63 1a c8 4a 4d 4b 3b 20 e3 24 b6 14 70 76 57 f8 6e 65 fa 0d cd c4 42 8d 21 d4 c8 69 d9 0a 08 42 57 f2 a8 1c f4 38 00 fd ab d2 7e cd Data Ascii: KpFF[5f~y^^.3cJMK; $pvWneB!iBW8~um>)ggKu!ebs{p$TrAmEZu2kMc6&/Z&gr0}j%tWJlA,+q\&qJA01`t;(]bQeC)q?w<ch.kr-<
Sep 15, 2024 00:51:36.006347895 CEST	1236	IN	Data Raw: 72 79 09 4a 94 30 cf 36 e4 0e 85 5f e9 4d be 4e 26 6e ab 2a d8 ec 7d 36 a0 f0 28 e3 87 1c 39 d4 7c 65 d7 76 fd 1b a4 a3 09 37 89 89 2f 38 f3 d9 f0 20 c6 49 01 c9 4f 91 b8 6d 39 00 01 ba d4 42 53 b9 d8 92 c9 c7 a8 fc 0b fc 13 70 cf 81 ed 46 b8 b5 Data Ascii: ryJ06_MN&n*}6(9\|ev7/8 IOm9BSpFkF@5UKNsRy@(8<UvC$qBq?I]vY%yYNGw?yA\|PS~)\|3_+{]

Timestamp	Bytes transferred	Direction	Data
Sep 15, 2024 00:51:35.190418959 CEST	439	OUT	GET /-v_4byqqmunc/UMRdc57l7VI/AAAAAAAAFa8/6XdXGvR1fEQ/s1600/1.jpg HTTP/1.1 Host: 3.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 15, 2024 00:51:35.996917009 CEST	1236	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="1.jpg" X-Content-Type-Options: nosniff Server: fife Content-Length: 6564 X-XSS-Protection: 0 Date: Sat, 14 Sep 2024 22:51:35 GMT Expires: Sun, 15 Sep 2024 22:51:35 GMT Cache-Control: public, max-age=86400, no-transform ETag: "v15af" Content-Type: image/jpeg Vary: Origin Age: 0 Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 48 00 48 00 00 ff e1 00 6c 45 78 69 66 00 00 49 49 2a 00 08 00 00 00 03 00 31 01 02 00 07 00 00 00 32 00 00 00 12 02 03 00 02 00 00 00 01 00 01 00 69 87 04 00 01 00 00 00 3a 00 00 00 00 00 00 00 47 6f 6f 67 6c 65 00 00 03 00 00 90 07 00 04 00 00 00 30 32 32 30 02 a0 04 00 01 00 00 00 f0 00 00 00 03 a0 04 00 01 00 00 00 a0 00 00 00 00 00 00 00 ff db 00 43 00 03 02 02 03 02 02 03 03 03 03 04 03 03 04 05 08 05 05 04 04 05 0a 07 07 06 08 0c 0a 0c 0c 0b 0a 0b 0b 0d 0e 12 10 0d 0e 11 0e 0b 0b 10 16 10 11 13 14 15 15 15 0c 0f 17 18 16 14 18 12 14 15 14 ff db 00 43 01 03 04 04 05 04 05 09 05 05 09 14 0d 0b 0d 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 ff c0 00 11 08 00 a0 00 f0 03 01 11 00 02 11 01 03 11 01 ff c4 00 1c 00 00 02 02 03 01 01 00 00 00 00 00 00 00 00 00 00 03 04 02 07 01 05 06 00 08 ff c4 00 43 10 00 02 01 03 02 04 03 05 03 08 08 06 03 00 00 00 [TRUNCATED] Data Ascii: JFIFHHlExifII12i:Google0220CCC!1AQa"q2#BRbr3s$4CSc1!1AQq"2aBbC?W7J4j5h-<UXy4sR@2j,T9qT"W=-Rhmz- S9TZzUuP2GRG(^E8>Ei)WuP}jn<Q5j-Qh`deTh"i^Z`V'VY=ziRd, TsY \|=P1*h@QyO7MEJY"z(af-<9
Sep 15, 2024 00:51:35.996951103 CEST	1236	IN	Data Raw: 3e 4c 45 69 89 2d 20 db a6 6a 12 fa 06 21 5c 5b 39 18 ce 2a 26 a2 ac 83 31 8e 94 13 29 b5 48 55 da ab 42 27 fb 14 a1 57 a5 09 31 90 6a b4 97 51 9a ad 22 77 38 a8 a4 aa 31 45 a4 8d 56 58 61 b8 f2 a6 d5 a3 18 72 9e f7 29 6d fa 74 aa 64 33 8c f6 f9 Data Ascii: >LEi- j!\[9*&1)HUB'W1jQ"w81EVXar)mtd3i:teIqQ} RYOJ/"]HAx5/?miaK+!\7zTMG(Y8AHE6HeqJ-=).(RKZ{Qi\beBD6eRD
Sep 15, 2024 00:51:35.996967077 CEST	1236	IN	Data Raw: f3 01 96 8d 97 3d c8 22 8b 42 7e 4f 7c 7d da ac d1 3b 88 cc 27 04 6f e5 4a 2d f6 0b bd 5a ce ea dc 9b 53 0b 8e 4e 57 59 15 b9 4f ed 2b 75 c8 ea 05 31 34 aa de 96 d6 ef 4f 4b 78 8a 59 88 42 e0 08 cc 99 00 60 6d 9e b5 5d b5 11 45 6f e5 e7 b7 75 f3 Data Ascii: ="B~O\|};'oJ-ZSNWYO+u14OKxYB`m]Eouj)6L}n+ Yee4F^pfxGk?\|2c-!Ajc:E5TIJ/'zQWZ/"M'n5"J.&{0"#\IfI2MG
Sep 15, 2024 00:51:35.996983051 CEST	1236	IN	Data Raw: 32 4d 44 73 de 84 76 23 d2 a4 69 64 c2 9f 85 09 4c f1 34 a7 fe 2d d7 c7 dd 6f b6 b3 15 3b 1e 52 a8 14 e3 c8 e3 63 d0 d7 6c 7e 18 66 4b 5b 48 59 49 27 3e 42 a9 0d c6 98 e5 6d e4 5e 5e 66 7c 6d e9 e5 5c e6 09 ef 62 9c 58 34 cb 1d 67 84 6e 1c 45 7b Data Ascii: 2MDsv#idL4-o;Rcl~fK[HYI'>Bm^^f\|m\bX4gnE{aunp^HbG.:G}sqMu }5h?KK"TwUYijocK!$`pV1V[Q3'I}cqCj"J8;eqSa?9Ox#$
Sep 15, 2024 00:51:35.996998072 CEST	1236	IN	Data Raw: 1a 16 6b 99 9e e2 76 3b c9 2b 16 6c 01 80 32 6b 9e 59 5f 66 a2 1d 1e ae 73 a5 df 64 0f fa 79 46 33 d7 dc 35 8c a7 a4 ba 61 f1 e3 eb 0a eb 87 35 3e 5b 3d 5e da da 08 ed e5 83 4e 69 50 c5 f7 99 b9 97 19 6e fb 8d bc ab c1 ab 1f 77 2b 9e f0 fd 07 15 Data Ascii: kv;+l2kY_fsdyF35a5>[=^NiPnw+g&KoQl{0h'l.<Q8/6qyOY;-/hHu+TE`Ho2Wu*Dx^J"[E2M8-RkS3zfq
Sep 15, 2024 00:51:35.997014999 CEST	834	IN	Data Raw: 91 fd 28 43 c6 f8 a9 0a 1f 22 84 9a 38 1f ca 82 32 c9 50 10 49 f3 a0 b3 e2 74 39 df cb 14 26 44 b9 eb 51 2f 7c 9e 3c 38 03 99 94 f3 2e 3a fa d6 33 c7 9a 3a 28 e8 d4 2d c1 2d 80 41 db a1 af 14 c3 a2 2f a9 8b 7b 7b 88 e4 6f 73 c2 71 9f d5 ca 9e 9e Data Ascii: (C"82PIt9&DQ/\|<8.:3:(--A/{{osq"^QJ7no{}dRpJssq'v,xOId1fsww\|]E}iK*qbxqDqk0^#r:d{NpF}lq
Sep 15, 2024 00:51:36.874727011 CEST	439	OUT	GET /-__0X3NTuBRM/UMRdfKfKA3I/AAAAAAAAFbM/gvAViqUuYhE/s1600/3.jpg HTTP/1.1 Host: 3.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 15, 2024 00:51:37.244016886 CEST	1236	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="3.jpg" X-Content-Type-Options: nosniff Server: fife Content-Length: 11569 X-XSS-Protection: 0 Date: Sat, 14 Sep 2024 22:51:37 GMT Expires: Sun, 15 Sep 2024 22:51:37 GMT Cache-Control: public, max-age=86400, no-transform ETag: "v15b3" Content-Type: image/jpeg Vary: Origin Age: 0 Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 48 00 48 00 00 ff e1 00 6c 45 78 69 66 00 00 49 49 2a 00 08 00 00 00 03 00 31 01 02 00 07 00 00 00 32 00 00 00 12 02 03 00 02 00 00 00 01 00 01 00 69 87 04 00 01 00 00 00 3a 00 00 00 00 00 00 00 47 6f 6f 67 6c 65 00 00 03 00 00 90 07 00 04 00 00 00 30 32 32 30 02 a0 04 00 01 00 00 00 f0 00 00 00 03 a0 04 00 01 00 00 00 a0 00 00 00 00 00 00 00 ff db 00 43 00 03 02 02 03 02 02 03 03 03 03 04 03 03 04 05 08 05 05 04 04 05 0a 07 07 06 08 0c 0a 0c 0c 0b 0a 0b 0b 0d 0e 12 10 0d 0e 11 0e 0b 0b 10 16 10 11 13 14 15 15 15 0c 0f 17 18 16 14 18 12 14 15 14 ff db 00 43 01 03 04 04 05 04 05 09 05 05 09 14 0d 0b 0d 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 ff c0 00 11 08 00 a0 00 f0 03 01 11 00 02 11 01 03 11 01 ff c4 00 1d 00 00 01 05 01 01 01 01 00 00 00 00 00 00 00 00 00 05 02 03 04 06 07 08 01 09 00 ff c4 00 3f 10 00 01 03 03 02 04 03 05 06 04 04 07 01 01 00 [TRUNCATED] Data Ascii: JFIFHHlExifII12i:Google0220CC?!1AQa"2q#BRb3r$4CSc0!1AQ"2aqB#R?3MJR< w@SY3%9)+\H-yFL\|%!ID7w5#%BVPWEScc9TzlFi(4f'%#B!<(8DU%jGB7h)JE@+hMHNZcIJ6ZjmuXb4{6]el]5"]oc]=":fkcsMJkbubd S$w^H
Sep 15, 2024 00:51:37.244044065 CEST	1236	IN	Data Raw: 79 ff 00 c1 70 28 7b a7 b5 0c 95 72 1e 39 5f 0c 90 30 f3 24 73 ed 44 9d 81 38 ed 76 31 15 d5 34 b2 82 6a d7 b0 12 5e 42 4d ab 3c cf 3a 21 63 4f 9e 15 64 75 a8 5a 18 71 dd b7 a8 12 44 60 82 f3 80 0e f4 2f b0 ee 83 31 22 29 29 00 0a 24 25 b0 8b 71 Data Ascii: yp({r9_0$sD8v14j^BM<:!cOduZqD`/1"))$%q%7x;rBYxc)wP03T`bTSR*u3qVdP5U7X#KEBuvD0u#89!+!QpGKrR+g38
Sep 15, 2024 00:51:37.244055033 CEST	1236	IN	Data Raw: f1 34 96 c9 71 1d f9 55 39 57 05 c7 1b 92 b2 bb 72 bc bb 3d 60 fb a0 0c 00 0d 03 76 6a 84 14 55 0c 05 f0 32 9c 64 2b 39 26 a8 22 53 8a 20 b6 f0 f7 56 39 fa d5 fd c5 d7 68 71 e5 79 8d 82 39 d1 5d a1 6b 86 4c b7 b6 98 cc 29 e7 39 f4 cd 5a e1 59 52 Data Ascii: 4qU9Wr=`vjU2d+9&"S V9hqy9]kL)9ZYR{ =i9/Dc_'RT)B5vz\|OA[KH@B0=y&=T`)lr6R3jbq%A\Xc&ZK~iB)VUK'} ,'OZ1rGbNR
Sep 15, 2024 00:51:37.244066000 CEST	1236	IN	Data Raw: 35 d2 bb 47 19 ad ac 13 6e b5 b9 76 bb 33 0d 00 f1 ad 58 57 a0 ac f9 26 b1 c5 c9 9b f1 41 e4 92 8a 3a c3 c3 db 3b 36 1b 74 78 8c a4 21 29 03 8b 1d 4d 79 2c f9 1c db 6c f7 1a 6c 4a 11 49 17 d9 36 d6 a6 34 3d ae 05 77 49 ac 69 9b b9 45 7e 55 ba 7d Data Ascii: 5Gnv3XW&A:;6tx!)My,llJI64=wIiE~U}jS`k(1Re#Xsv!!9qA{xS`mlE+IjuKe)-(xBE~RiEjZc/p"9e7Q&\FF>Zme-n7Hr@K
Sep 15, 2024 00:51:37.244077921 CEST	704	IN	Data Raw: 2c 7e 8c ff 00 63 1c f4 ca 19 7d 68 79 ec b5 69 18 50 96 c3 65 69 f3 72 06 0a 8d 62 9a e4 df 0e ae cd 46 d1 69 85 c0 82 86 80 57 42 93 48 68 65 b2 c9 05 b3 05 f6 9d 46 09 6d 41 5c 2b 1c 40 fc aa 2b 8b 4d 09 9f cf 16 8d af 4d 3b 06 6b 0d 3d f7 38 Data Ascii: ,~c}hyiPeirbFiWBHheFmA\+@+MM;k=8 #+/=2tZJ"#M4;V;%h%!jX9=1W_]%"rp=Jpv#:VMr-qkN:k\vt
Sep 15, 2024 00:51:37.244412899 CEST	1236	IN	Data Raw: e6 91 93 04 72 fd 9f b9 bf 4d ae cb a6 e1 73 1f 6f f1 ed fc 18 9e a3 d1 d7 1d 15 39 2c 5d 58 4a 5b 77 fe 9e 5b 27 89 87 c7 74 2b bf 70 70 47 6a e6 4f 1c b1 3a 91 ea f4 fa 8c 5a 98 ee c4 ff 00 2b ca 00 4c 7a 1b 69 24 11 ec 8d ea 91 a5 a6 57 1f 31 Data Ascii: rMso9,]XJ[w['t+ppGjO:Z+Lzi$W1X8zQ-2uq%7'jms\GI=><C`W3sDYud f l4Q, EJ@OIUb-.];yZF~a#NTT'~Z

Timestamp	Bytes transferred	Direction	Data
Sep 15, 2024 00:51:36.881867886 CEST	439	OUT	GET /-SyYUToBmQ9Y/UMRdgEOhfsI/AAAAAAAAFbU/VbjIpJ97dU8/s1600/4.jpg HTTP/1.1 Host: 3.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 15, 2024 00:51:37.701529980 CEST	1236	IN	HTTP/1.1 200 OK Content-Type: image/jpeg Vary: Origin Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length ETag: "v15b5" Expires: Sun, 15 Sep 2024 22:51:37 GMT Cache-Control: public, max-age=86400, no-transform Content-Disposition: inline;filename="4.jpg" X-Content-Type-Options: nosniff Date: Sat, 14 Sep 2024 22:51:37 GMT Server: fife Content-Length: 23470 X-XSS-Protection: 0 Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 48 00 48 00 00 ff e1 00 6c 45 78 69 66 00 00 49 49 2a 00 08 00 00 00 03 00 31 01 02 00 07 00 00 00 32 00 00 00 12 02 03 00 02 00 00 00 01 00 01 00 69 87 04 00 01 00 00 00 3a 00 00 00 00 00 00 00 47 6f 6f 67 6c 65 00 00 03 00 00 90 07 00 04 00 00 00 30 32 32 30 02 a0 04 00 01 00 00 00 f0 00 00 00 03 a0 04 00 01 00 00 00 b4 00 00 00 00 00 00 00 ff e2 0c 58 49 43 43 5f 50 52 4f 46 49 4c 45 00 01 01 00 00 0c 48 4c 69 6e 6f 02 10 00 00 6d 6e 74 72 52 47 42 20 58 59 5a 20 07 ce 00 02 00 09 00 06 00 31 00 00 61 63 73 70 4d 53 46 54 00 00 00 00 49 45 43 20 73 52 47 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f6 d6 00 01 00 00 00 00 d3 2d 48 50 20 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 11 63 70 72 74 00 00 01 50 00 00 00 33 64 65 73 63 00 00 01 84 00 00 00 6c 77 74 70 74 00 00 01 f0 00 00 00 14 62 6b 70 74 00 00 02 04 00 00 00 14 72 58 59 5a 00 00 02 18 00 00 [TRUNCATED] Data Ascii: JFIFHHlExifII*12i:Google0220XICC_PROFILEHLinomntrRGB XYZ 1acspMSFTIEC sRGB-HP cprtP3desclwtptbkptrXYZgXYZ,bXYZ@dmndTpdmddvuedLview$lumimeas$tech0rTRC<gTRC<bTRC<textCopyright (c) 1998 Hewlett-Packard CompanydescsRGB IEC61966-2.1sRGB IEC61966-2.1XYZ QXYZ XYZ o8XYZ bXYZ $descIEC http://www.iec.chIEC
Sep 15, 2024 00:51:37.701550961 CEST	1236	IN	Data Raw: 68 74 74 70 3a 2f 2f 77 77 77 2e 69 65 63 2e 63 68 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 64 65 73 63 00 00 00 00 00 00 00 2e 49 45 43 20 36 31 39 Data Ascii: http://www.iec.chdesc.IEC 61966-2.1 Default RGB colour space - sRGB.IEC 61966-2.1 Default RGB colour space - sRGBdesc,Reference Viewing Condition in I
Sep 15, 2024 00:51:37.701564074 CEST	1236	IN	Data Raw: 13 1f 3e 1f 69 1f 94 1f bf 1f ea 20 15 20 41 20 6c 20 98 20 c4 20 f0 21 1c 21 48 21 75 21 a1 21 ce 21 fb 22 27 22 55 22 82 22 af 22 dd 23 0a 23 38 23 66 23 94 23 c2 23 f0 24 1f 24 4d 24 7c 24 ab 24 da 25 09 25 38 25 68 25 97 25 c7 25 f7 26 27 26 Data Ascii: >i A l !!H!u!!!"'"U"""##8#f###$$M$\|$$%%8%h%%%&'&W&&&''I'z''((?(q(())8)k))*5h*++6+i++,,9,n,,--A-v--..L.../$/Z///050l0011J11122c2233F3334+4e4455M555676r667$
Sep 15, 2024 00:51:37.701575041 CEST	1236	IN	Data Raw: a8 f9 38 f9 c7 fa 57 fa e7 fb 77 fc 07 fc 98 fd 29 fd ba fe 4b fe dc ff 6d ff ff ff db 00 43 00 03 02 02 03 02 02 03 03 03 03 04 03 03 04 05 08 05 05 04 04 05 0a 07 07 06 08 0c 0a 0c 0c 0b 0a 0b 0b 0d 0e 12 10 0d 0e 11 0e 0b 0b 10 16 10 11 13 14 Data Ascii: 8Ww)KmCCI
Sep 15, 2024 00:51:37.701591969 CEST	1236	IN	Data Raw: 9b 1f ed ba c1 4e 4f 15 e6 f5 a0 26 59 da f1 3c 60 fa 3d 52 82 3f be ba 83 11 64 c6 d6 b2 d3 a0 73 46 ea 3d 9b 4c c2 ba e0 2a ee 98 ee 79 a1 4c 12 47 fc d5 3c b5 2f 88 fa 9f 1f b2 db 60 0f 17 0e 4d d1 3a 2a cc c4 a4 a7 51 34 37 76 cc 53 ff 00 7d Data Ascii: NO&Y<`=R?dsF=LyLG</`M:Q47vS}q,]z+/?$HK%JGw*YXL6M4_egC>sIUfDl"W6[oPm<&kT6CeciJ!J%SHA!1w3Lk)
Sep 15, 2024 00:51:37.701601982 CEST	1236	IN	Data Raw: ea 43 52 52 b0 1b c2 94 4f 04 77 a6 71 50 be 20 07 25 03 a7 63 92 ea b5 74 c7 6e 08 40 65 49 69 4a c6 47 6c 53 3e ec 08 c9 be a8 70 41 36 01 43 ea 0b b3 63 c5 69 c4 2d 41 0a 38 2a f2 22 b5 87 39 b2 38 b5 ca 79 41 60 16 49 b6 cf 79 6a 5b 6f 05 28 Data Ascii: CRROwqP %ctn@eIiJGlS>pA6Cci-A8*"98yA`Iyj[o(\|CCKKPuoIR5b~ygAEc5GO&[(z--{$(Mi5HmRc2v'[Dd9P/q$]Ce{=N(Bz
Sep 15, 2024 00:51:37.701613903 CEST	1236	IN	Data Raw: db af d1 41 16 e5 75 2d 9a 73 73 34 ea da 41 04 84 1f e5 5e 6f 2c 45 b2 5c 84 ee 27 66 16 0b 9e ef 5a c8 da f5 53 f1 9f 4e d4 67 bd 5b 62 a1 ef 69 c3 da 83 95 d9 24 b1 4c d1 ef 50 66 46 0b 42 c2 54 7c b3 49 dd 04 b1 ba c5 77 76 91 70 a3 bd 23 de Data Ascii: Au-ss4A^o,E\'fZSNg[bi$LPfFBT\|Iwvp#=EJQf=+[ va{cHJQ9"H<b@)^Ld9qjXRz5I07qJA8?:[_?Qe*!ZuSIGlyHZZbF3os]W
Sep 15, 2024 00:51:37.701623917 CEST	1236	IN	Data Raw: 3e aa 99 90 38 f8 80 16 3d 46 df c2 3e ea 8d ae e2 ab 14 82 87 ed 93 37 39 6e 7d 43 73 64 2c 64 b6 73 fb 0b 07 b7 af d6 94 b7 f5 63 f4 a6 68 f6 e8 e1 c7 4e 3e d1 f2 56 61 0b 65 8f bf 6e e3 47 0f 67 f1 f2 5c 2f ab 3a 24 df 47 7d a9 34 3b b0 9a 53 Data Ascii: >8=F>79n}Csd,dschN>VaenGg\/:$G}4;SzfvH1OvjHo3bu+1(PbA5}GC~]zg\|UiM_e\|)p[m:0X>#'e%d"vAAV^
Sep 15, 2024 00:51:37.701634884 CEST	1224	IN	Data Raw: c9 71 43 29 5c 74 80 7d 3c 60 0f f0 06 9a 77 4e 92 be 46 01 fd df fa a6 c6 37 3e ba 46 0e 37 f9 2c 73 57 3b 3a de a8 f1 12 84 c8 b8 ba 56 95 2c fe 14 f3 82 7e 41 23 35 8d a2 6c 72 67 90 e8 c1 f9 ef 3a 2e db 44 d8 de 24 7e cc 1b 75 fb 94 db 67 d4 Data Ascii: qC)\t}<`wNF7>F7,sW;:V,~A#5lrg:.D$~ugqME@J'y:'"!.*Fq.`p\|zjWA",xf @c>57=Fk]sqq~-O\GK2Zh\|jP>k){Q>\
Sep 15, 2024 00:51:37.701646090 CEST	1236	IN	Data Raw: d2 76 29 7b b5 6d cd 92 99 0e b4 ac 7e 8e 8e b1 85 28 8e c9 71 63 21 23 b8 04 ac fe ce 6e fd 8e ec eb b1 49 c5 7d 53 7f 41 87 40 7f 7b 86 c3 ab 5a 75 27 62 7c 23 8a f3 8c 7b 17 34 91 1a 78 5d e3 77 c0 73 3d 4f 0f 7a fc fa 5c 75 25 64 a1 27 1d 80 Data Ascii: v){m~(qc!#nI}SA@{Zu'b\|#{4x]ws=Oz\u%d'j[[P1Qg"%M`C:[jZB2vR&t^cRG.pnuZv8fflWNM!%9v(k4[?}HL]Uc8N-
Sep 15, 2024 00:51:37.706731081 CEST	1236	IN	Data Raw: a2 6a 76 85 85 78 87 23 c3 5f 26 b6 f6 dc 2c 69 b2 9e 89 80 ab 83 93 e4 28 62 c5 de 64 76 c6 da e4 0f d6 a7 8f 9d 09 28 b1 f0 a9 99 ae e9 73 a8 2c f8 2f 42 03 b6 d5 ff 00 34 d3 4a 03 70 ef 24 1d 46 8e 08 ef 46 27 c7 b7 9b d3 92 14 12 9d ac 01 9f Data Ascii: jvx#_&,i(bdv(s,/B4Jp$FF'._MjLKAJ#IjCMZpu}DG$`jpsUTGjf<gPd<ZHC.H5;Mj;yH#"zjH!89AU-\=8,nN
Sep 15, 2024 00:51:41.341628075 CEST	477	OUT	GET /-uxYJcIDwn9w/UMRf4-a-6KI/AAAAAAAAFbk/8pe3Zw5X15E/s1600/%5Bwww.gj37765.blogspot.com%5Dbg_search.png HTTP/1.1 Host: 3.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 15, 2024 00:51:41.709559917 CEST	1236	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="[www.gj37765.blogspot.com]bg_search.png" X-Content-Type-Options: nosniff Server: fife Content-Length: 1421 X-XSS-Protection: 0 Date: Sat, 14 Sep 2024 22:51:41 GMT Expires: Sun, 15 Sep 2024 22:51:41 GMT Cache-Control: public, max-age=86400, no-transform ETag: "v15b9" Content-Type: image/png Vary: Origin Age: 0 Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 23 00 00 00 57 08 06 00 00 00 8e 6a fc 8e 00 00 00 04 73 42 49 54 08 08 08 08 7c 08 64 88 00 00 00 5f 7a 54 58 74 52 61 77 20 70 72 6f 66 69 6c 65 20 74 79 70 65 20 41 50 50 31 00 00 08 99 e3 4a 4f cd 4b 2d ca 4c 56 28 28 ca 4f cb cc 49 e5 52 00 03 63 13 2e 13 4b 13 4b a3 44 03 03 03 0b 03 08 30 34 30 30 36 04 92 46 40 b6 39 54 28 d1 00 05 98 98 9b a5 01 a1 b9 59 b2 99 29 88 cf 05 00 4f ba 15 68 1b 2d d8 8c 00 00 04 d9 49 44 41 54 68 81 ed 99 ef 6f 14 45 1c c6 3f fb a3 d7 eb 71 57 9a b6 41 ae b4 04 63 40 8c 29 4d 2c 0d 84 90 48 d1 57 7d c1 2b ff 01 b0 b4 7d 67 8c be 36 bc c6 98 18 7d 41 41 1a 12 83 89 84 c4 44 23 af a8 52 21 c1 28 88 fc 88 4a 11 34 42 cb b5 a5 b5 bd db d2 bd db db dd f1 c5 76 f7 ee 5a ae b7 57 e1 0e 71 9f cb 24 77 3b 3b 33 cf 3d df 99 ef cc 93 91 b6 be fd b5 a0 8a 50 15 79 ae 46 55 fb f4 8c 71 5a 05 d8 bc a1 b1 2a 44 f4 4c 96 e9 94 de 90 36 b2 a7 c2 b5 35 92 ea 3c 16 cc cc 1b 15 25 a2 2a 12 6b 42 2a 1b 9a a2 8c cf 68 92 69 5a [TRUNCATED] Data Ascii: PNGIHDR#WjsBIT\|d_zTXtRaw profile type APP1JOK-LV((OIRc.KKD04006F@9T(Y)Oh-IDAThoE?qWAc@)M,HW}+}g6}AAD#R!(J4BvZWq$w;;3=PyFUqZDL65<%kBhiZGe!_ g4G0-Autq>0c+ZRHC22B Di:61uH#$0j]IVWGhqlm3CV=;F.~LhydJ)#l#5bPA}./+>,M]1R@d>mr6X$WW^A,~v-$Z0[8y>8s77VNR`6QHW-x+L<EnMoV%&phXYMlT]l"I5Wg&,-MQ 1.qc:IsQ~{#Q
Sep 15, 2024 00:51:50.925060987 CEST	442	OUT	GET /-hNovHLskRIk/ULCKXYEhbXI/AAAAAAAAEvU/kas8XtXhbbU/s1600/main.ico HTTP/1.1 Host: 3.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 15, 2024 00:51:51.350363016 CEST	1236	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="main.ico.png" X-Content-Type-Options: nosniff Server: fife Content-Length: 908 X-XSS-Protection: 0 Date: Sat, 14 Sep 2024 22:51:51 GMT Expires: Sun, 15 Sep 2024 22:51:51 GMT Cache-Control: public, max-age=86400, no-transform ETag: "v12f5" Content-Type: image/png Vary: Origin Age: 0 Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 20 00 00 00 20 08 02 00 00 00 fc 18 ed a3 00 00 00 03 73 42 49 54 08 08 08 db e1 4f e0 00 00 03 44 49 44 41 54 48 89 bd 56 dd 4e d4 40 14 3e fd a1 ed 6e 59 16 16 c3 8f 12 50 58 44 50 88 c1 10 e4 42 bc f1 1d 8c 4f e1 6b 68 e2 8d 89 0f e0 03 98 98 78 a1 31 8a 7a b3 a2 08 51 22 a0 80 10 d8 f0 cf 2e 8b b0 ec b6 db 99 39 5e b4 b4 33 2d e0 8d eb 64 2e a6 67 ce 39 5f bf 6f ce 99 56 ba f3 e0 23 54 73 a8 08 58 5d 80 2a e7 ff 0f 0c b0 ea 0c 44 04 4d 91 fa db 93 21 a7 f9 cd 62 d1 22 d1 e0 cb cd 66 22 5e c3 5b b6 f6 ed f5 42 39 04 20 c4 34 c5 e1 d1 bd 6b a1 44 8f 5f 2f 3d 9f dc 0c 19 15 20 0f ef f6 d6 d7 1a bc f1 d9 c4 c6 93 37 cb bc 45 46 71 d4 1a 4a f4 4d 6f a6 53 18 19 57 cf 9b a1 ec 00 10 d7 94 90 5b 58 22 53 3f 01 e0 7a 47 52 af 91 ad 0a e5 8d b7 7a 1a a3 9e 71 5d 09 25 8c 30 d0 d5 68 98 ae ca 83 1d 49 c1 8f 91 d1 de e6 13 00 22 0c 64 86 c0 cf 5a 23 00 58 cf 1d 06 2a 75 a7 78 b7 ee 26 a3 b9 c1 74 b7 56 b6 f7 79 06 a1 84 61 06 bc 44 3f d6 0a b6 e3 15 [TRUNCATED] Data Ascii: PNGIHDR sBITODIDATHVN@>nYPXDPBOkhx1zQ".9^3-d.g9_oV#TsX]DM!b"f"^[B9 4kD_/= 7EFqJMoSW[X"S?zGRzq]%0hI"dZ#Xux&tVyaD?H:sqr)scpD=w4:LOFo5x,qIbKk_W($RglN:\ttl,4gIT+"!p:Z>@$]rO0Z\|W6=bPvy9N&%b4C)2jv\NQRlA%o\j8G39D,TDG6A/{5}mu1O%@"\BfdY0EG^Tjm;nT))\|NA"SW%)p-ZO@T(s;nT$2VNo(Zk8[qUtZgDS%P%

Timestamp	Bytes transferred	Direction	Data
Sep 15, 2024 00:51:36.905276060 CEST	285	OUT	GET /jquery-1.7.min.js HTTP/1.1 Host: code.jquery.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 15, 2024 00:51:37.351066113 CEST	1236	IN	HTTP/1.1 200 OK Connection: keep-alive Content-Length: 33254 Server: nginx Content-Type: application/javascript; charset=utf-8 Last-Modified: Fri, 18 Oct 1991 12:00:00 GMT ETag: W/"28feccc0-16f44" Cache-Control: public, max-age=31536000, stale-while-revalidate=604800 Access-Control-Allow-Origin: * Content-Encoding: gzip Via: 1.1 varnish, 1.1 varnish Accept-Ranges: bytes Date: Sat, 14 Sep 2024 22:51:37 GMT Age: 2647227 X-Served-By: cache-lga21959-LGA, cache-nyc-kteb1890032-NYC X-Cache: HIT, HIT X-Cache-Hits: 4122, 2 X-Timer: S1726354297.305608,VS0,VE0 Vary: Accept-Encoding Data Raw: 1f 8b 08 00 00 00 00 00 02 03 c4 bd f9 62 db 48 92 37 f8 ff 3c 85 88 f6 c8 80 99 a2 a4 3a 66 a6 41 c1 5c 1f e5 ae ea ae 6b ca 9e ae ee a1 e8 5a 5c 04 c1 db 24 65 d9 25 72 9e 65 9f 65 9f 6c e3 17 91 99 48 80 90 ec ee fd be dd 3a 44 1c 89 3c 23 e3 ca 38 ce 9f 74 4e a6 ff 79 93 6f 3e 9e bc bf ec fd fb c9 f4 1d ae 7b e9 6a 71 b2 37 37 ab 4d 71 3e 2f d3 7c b9 cd 4f 9e 9c ff 8b 3f be 59 a6 bb 72 b5 f4 63 95 04 77 e6 ee 24 7d e6 c7 c1 dd 26 df dd 6c 96 27 e3 5e b9 fd b5 5c 66 ab 5b 7a 38 88 c3 b8 b7 5c 65 f9 9b 8f eb 3c 8a a2 3f 0e e2 5e 96 8f e3 9b f9 ee af 65 7e bb df c7 bd 75 bc c9 97 3b f9 22 ec 5c 1e aa 5a 3f a0 d6 72 ec 77 d2 c5 30 1e 05 77 ef e3 cd 49 12 a5 bd 64 95 7d 54 59 34 f6 bd 2b af 1b 77 bd a7 5e d0 8b d7 eb 7c 99 bd 59 f9 49 a0 f2 28 eb a5 db ad ef 65 e5 76 3d 8f 3f 7a 41 3f eb 6d f2 c5 ea 7d ee 07 7d aa 10 3d f1 96 ab 65 ee ed f7 7c ed 05 77 e9 72 bf f7 d3 25 55 9f 6e f2 78 97 7f 33 cf 17 d4 2f df 2b c7 9b 78 91 7b 81 4a 97 3d be 7c be da 64 f9 26 a2 db db 32 db 4d 70 31 c9 cb 62 b2 8b 2e [TRUNCATED] Data Ascii: bH7<:fA\kZ\$e%reelH:D<#8tNyo>{jq77Mq>/\|O?Yrcw$}&l'^\f[z8\e<?^e~u;"\Z?rw0wId}TY4+w^\|YI(ev=?zA?m}}=e\|wr%Unx3/+x{J=\|d&2Mp1b.:jPZA\|<\-wvUz{Rw)wXu&Cx~})?^H#zW\|s{z\|dnjFaz<&-l}EuV`kFwO}?)zA,wr;C78MG]8n6)fE$n2={o?%<%L7j}gFh44S2\|imw
Sep 15, 2024 00:51:37.351187944 CEST	824	IN	Data Raw: 34 59 69 70 47 7b 27 de c5 af ca f9 2e df 9c 9e fa 69 e4 3e f0 53 25 b7 d8 6a 41 d0 c7 cc 66 51 f5 68 4b 0b 77 77 50 85 9a a8 92 36 c8 3c 5f 16 bb 89 9a aa 59 94 0d 2f 46 6a ae 16 6a a9 56 6a dd 1f af 36 7e 11 5d f6 8b ab b2 5f 74 bb bc 05 0b 02 Data Ascii: 4YipG{'.i>S%jAfQhKwwP6<_Y/FjjVj6~]_to&'zM>PpLM,<[>vWEUr>NFAbM2?Y4sB8lgwhNL-\|zO,uVgMUu:x7Ni\|WhHFj
Sep 15, 2024 00:51:37.351200104 CEST	1236	IN	Data Raw: 08 dc fc 5a 31 7a 86 82 06 ee e6 d5 44 24 bf b9 cc 56 05 5b b4 36 66 cd 3b 6e 17 d3 28 51 09 ef e0 be 06 d1 57 e6 23 c2 30 b2 9e 51 52 47 d6 1a 63 26 bf 80 da 5f d0 bc 5a 7a c1 08 44 e6 2b bf 2a fa 39 4d d3 84 30 06 81 ce 34 3a 7f 7b dd 3d 37 9b Data Ascii: Z1zD$V[6f;n(QW#0QRGc&_ZzD+*9M04:{=7XMCLz:_=:A+?=r8xzQYl'M:>g>Nb#r5M92[4=LaA\f<<l_fgq@x+og&$E)7mUu`QyA
Sep 15, 2024 00:51:37.351258993 CEST	1236	IN	Data Raw: 7d e6 75 53 cb 52 cd 94 77 f6 e8 f2 88 fb 01 0d 20 f4 52 21 f4 dc 05 f2 cc 05 72 e8 d9 b2 28 63 5a b4 a1 a5 18 74 88 e3 c6 dd 38 26 92 43 b7 97 72 0b 6e d9 1b e0 6f 88 91 ff 48 58 63 53 a6 c4 22 0f 6a 0c 73 38 15 f0 a7 e7 e3 1e bf c1 f0 f1 22 d3 Data Ascii: }uSRw R!r(cZt8&CrnoHXcS"js8"*;I^EgR!jRBI?z=:I5=H~J Y'-e{@+.uA]_\|Q4qQf2UjH<'h<~/_'"^?Lptyo$@
Sep 15, 2024 00:51:37.351275921 CEST	1236	IN	Data Raw: 95 48 c6 80 ad f2 77 f7 ac 53 74 76 29 cb 24 47 d5 06 c4 f5 9d ea c6 dd 4b f0 31 e5 66 bb bb 0f 6c f2 77 3e 60 61 1e 3f 58 e4 0c f5 70 b5 f7 15 b2 ab ef ff 49 af a3 0c 7b 53 30 46 dc 06 ca e3 ef 3d a5 c1 b0 7a d3 9b ae ca a5 ef 29 0f 82 c3 22 5e Data Ascii: HwStv)$GK1flw>`a?XpI{S0F=z)"^ZZFXQ!M;%[+]mvpL[:(C:48\;C>+gcs42:}MK&yb{.ME_sczDkWL\|w<ggSYJR!O
Sep 15, 2024 00:51:37.351286888 CEST	1236	IN	Data Raw: 10 f8 21 7c b8 20 0c da 9c 45 9d 29 f7 6e 8e 3b 88 35 5a dc 6f 2c b2 e8 ce 13 d8 24 69 56 8a d9 66 2d 32 5b 62 d0 37 8b 25 ad b2 c5 8d 83 ce b2 1a a1 d5 f7 9b bc c8 3f ac bd 06 c1 20 31 9b 87 95 ba 52 36 6e 2a 9b 4f a5 cf c6 da e5 78 3e 8b 61 a8 Data Ascii: !\| E)n;5Zo,$iVf-2[b7%? 1R6nOx>a[>5dQ:H.?IlBsc@b2\|GUScg4mLY`p&-oIylS3(%&UX29=$=TK9C{i\|1cj~
Sep 15, 2024 00:51:37.351295948 CEST	1236	IN	Data Raw: 68 91 a9 de 6f 82 8d a6 fe c9 f6 1a a6 3f f5 a5 4e 88 51 4f a4 3b 31 f7 25 31 87 b8 9d 8b 83 d5 03 a9 1c 9a 1d 77 2e b0 82 f5 c3 2c bd ba f5 42 24 ea 44 49 6b b9 96 53 9b 0e 89 28 f3 95 7b ce c8 ba 05 45 0c 9b 78 d6 12 96 3c 3d 75 e0 a8 5e 31 3e Data Ascii: ho?NQO;1%1w.,B$DIkS({Ex<=u^1>m62~r pUo&#(yrEIT6nv\)#CAKX`{$=2q-iM]i[$?X+CItDIr2}N2-4p
Sep 15, 2024 00:51:37.351306915 CEST	1236	IN	Data Raw: 05 6f da e3 f8 3d da 8d d5 80 10 c0 a0 6c 20 49 0e 4f a1 8c 0f 24 4d 0e 5f 89 c3 a2 03 7a 2d 5f ea d9 a5 8f cd 15 9b 81 38 28 a6 e4 00 00 f7 ba a5 a9 79 c3 19 0e f6 7f 7c 8d 7e 70 a5 3c 15 d1 bc b9 ae b5 3b fb 95 5d ef 1a a2 f7 94 76 07 d7 31 8b Data Ascii: o=l IO$M_z-_8(y\|~p<;]v1yrfKnLGB}s&Z.r[&8Y%B\|BbYfh:bm.^e]xzg1P*ss-:Xi(Z>ZF>QnyNT8c>
Sep 15, 2024 00:51:37.351320982 CEST	1236	IN	Data Raw: 4e 4f d9 7a d6 98 d1 23 52 68 bd b5 68 19 75 bb e3 1e af f1 b2 1a 45 a0 a4 56 1f 3f f0 f1 9e eb eb 9e 78 cf 73 bc c9 d5 3a 08 da 6d 42 f6 7b e7 59 45 f6 f2 01 57 67 61 0c 77 b0 c9 b0 5d ae bf e2 47 b0 06 63 c0 47 59 c4 5e 93 f0 1e f6 82 9d 4b 10 Data Ascii: NOz#RhhuEV?xs:mB{YEWgaw]GcGY^K2~1bE(;[06l5Cx&BzZ)K])`)6!t dFw5O7S/eQ:xboDIz.(qS6!'c-$!BO!>
Sep 15, 2024 00:51:37.351423025 CEST	1236	IN	Data Raw: 6f 4e 29 b9 43 ef 1d f5 42 e3 d4 52 dd aa 0f ea 63 bf 86 51 c0 8b b5 fb a4 8d 8d 9b 80 09 6d a1 70 32 c9 cc 9b 25 bd cf ea 5f 7f 1e e9 c5 47 ee 7e a6 85 5b ff 43 5d c0 07 b6 0b 3f d7 bf 16 54 80 12 af ca 0f 82 03 1e c4 6e 38 93 d4 d1 4d 88 0c 6b Data Ascii: oN)CBRcQmp2%_G~[C]?Tn8Mk;N^?6)i\,y1Ots]S+qI,v#95l1DiG81x:oXb;/{0:*qyP#pndon[c-b8kO/?
Sep 15, 2024 00:51:37.356197119 CEST	1236	IN	Data Raw: 22 aa 3a d5 c1 c9 8c 13 f4 d4 66 65 e3 9c 88 6b 1d 2b f8 24 8d 97 8f 77 27 49 7e 22 da eb cc 73 72 69 55 a8 af b2 05 25 09 ab ca 6d 02 8e cd 4d 80 a0 ed 4c 0d f6 d0 b8 ff c8 1e 5f 4c 4d b5 32 56 17 8a 5c a8 3b 30 9b 43 54 a3 41 25 f4 58 6f 9b ed Data Ascii: ":fek+$w'I~"sriU%mML_LM2V\;0CTA%XoF:TuZja>i.s5Jsr!B0>QF'"!h`Wt]EA;zt=_/Z<Qiy-7XWu~"un.6G~ls[B

Timestamp	Bytes transferred	Direction	Data
Sep 15, 2024 00:51:36.913774014 CEST	330	OUT	GET /-wwi9gLDAiVk/UMRdd5ct3xI/AAAAAAAAFbE/5BE1vH6Z7nY/s1600/2.jpg HTTP/1.1 Host: 1.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 15, 2024 00:51:37.526376009 CEST	1236	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="2.jpg" X-Content-Type-Options: nosniff Server: fife Content-Length: 13767 X-XSS-Protection: 0 Date: Sat, 14 Sep 2024 22:51:35 GMT Expires: Sun, 15 Sep 2024 22:51:35 GMT Cache-Control: public, max-age=86400, no-transform Age: 2 ETag: "v15b1" Content-Type: image/jpeg Vary: Origin Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 48 00 48 00 00 ff e1 00 6c 45 78 69 66 00 00 49 49 2a 00 08 00 00 00 03 00 31 01 02 00 07 00 00 00 32 00 00 00 12 02 03 00 02 00 00 00 01 00 01 00 69 87 04 00 01 00 00 00 3a 00 00 00 00 00 00 00 47 6f 6f 67 6c 65 00 00 03 00 00 90 07 00 04 00 00 00 30 32 32 30 02 a0 04 00 01 00 00 00 f0 00 00 00 03 a0 04 00 01 00 00 00 a0 00 00 00 00 00 00 00 ff e2 02 40 49 43 43 5f 50 52 4f 46 49 4c 45 00 01 01 00 00 02 30 41 44 42 45 02 10 00 00 6d 6e 74 72 52 47 42 20 58 59 5a 20 07 cf 00 06 00 03 00 00 00 00 00 00 61 63 73 70 41 50 50 4c 00 00 00 00 6e 6f 6e 65 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f6 d6 00 01 00 00 00 00 d3 2d 41 44 42 45 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0a 63 70 72 74 00 00 00 fc 00 00 00 32 64 65 73 63 00 00 01 30 00 00 00 6b 77 74 70 74 00 00 01 9c 00 00 00 14 62 6b 70 74 00 00 01 b0 00 00 00 14 72 54 52 43 00 00 01 c4 00 00 [TRUNCATED] Data Ascii: JFIFHHlExifII*12i:Google0220@ICC_PROFILE0ADBEmntrRGB XYZ acspAPPLnone-ADBEcprt2desc0kwtptbkptrTRCgTRCbTRCrXYZgXYZbXYZtextCopyright 1999 Adobe Systems IncorporateddescAdobe RGB (1998)XYZ QXYZ curv3curv3curv3XYZ OXYZ 4,XYZ &1/CC
Sep 15, 2024 00:51:37.526401997 CEST	1236	IN	Data Raw: 05 04 05 09 05 05 09 14 0d 0b 0d 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 ff c0 00 11 08 00 a0 00 f0 03 01 11 00 02 11 01 03 11 01 ff c4 Data Ascii: ?!1A"Qa2q#BRb$3Cr4!1AQ"aq
Sep 15, 2024 00:51:37.526413918 CEST	1236	IN	Data Raw: e7 f1 26 b8 99 09 6d 45 05 d4 82 4e c7 d7 73 b7 52 40 e8 30 29 1e 05 44 a2 1e 8d 81 26 ed 09 b7 fc 7f 01 4d ad 0e aa 48 20 38 12 39 81 68 9e e1 20 9c 1c 6f b6 36 ae f0 23 7e 08 b6 97 d1 c6 7c b4 bc c3 a0 3c a5 a4 82 12 30 90 b4 85 84 ad 4b db 3f Data Ascii: &mENsR@0)D&MH 89h o6#~\|<0K?0='a#MA;lE,w[vNZ>yt"$!dw'i\Amx<71jSr)R!n\|h]g~ h$vAJqjQrtZ
Sep 15, 2024 00:51:37.526515007 CEST	672	IN	Data Raw: f8 a8 49 3b 27 aa 55 8d fa f3 03 bf b0 a7 3b 77 78 1b fa 8b a4 4d f8 94 38 9c 24 f3 ec a0 91 92 31 e9 9a 25 94 73 14 b8 79 80 49 52 54 52 32 01 3b 91 f5 a2 42 1a 64 8e 47 48 39 03 1b 83 d4 6f d0 d3 8b 80 59 8b 4f 78 6f 95 12 48 48 ca 42 47 71 df Data Ascii: I;'U;wxM8$1%syIRTR2;BdGH9oYOxoHHBGqrbBp%JH#R[n_.L-<I>gm3Bd8 OZQrip.AG.yH,<MPQ}F3NCi15;p-0'h,+]E2l4!>FzSR!
Sep 15, 2024 00:51:37.526525974 CEST	1236	IN	Data Raw: ca a2 05 3f 1e 0a 3d 4f c3 6b 27 2e a3 1d a8 c8 e0 8e a3 ad 2e 05 4c 15 c4 6f 4a 10 1b 88 a2 c6 45 c8 23 89 a2 41 02 38 29 7b 45 c8 1b c8 a2 c0 a0 4f 23 ad 1a 47 12 b6 bb 55 0b 1a 0b 6d 3d 28 41 61 4d 27 bd 70 39 3e b8 35 cf 09 42 a3 dd f8 49 7a Data Ascii: ?=Ok'..LoJE#A8){EO#GUm=(AaM'p9>5BIzWBltVK4o_`'UI\|;Jbqd~]wns[:Z%auBv89h4O3lOIeIR['Op+Qq])T
Sep 15, 2024 00:51:37.526537895 CEST	1236	IN	Data Raw: e4 35 64 a3 c3 21 ba b5 08 8c fa 48 00 79 ab 27 d4 e1 da d6 0d f7 4a b3 ba 1b 91 b9 2a 0e a3 04 05 7b 8a 89 a7 b1 c3 62 ee 75 a9 f2 40 2e f6 0f d2 97 84 97 46 11 cc 00 18 fc eb 41 0b 1f 66 c5 15 e9 46 78 25 b1 25 db 2c 0c 2a 38 50 0b 68 84 94 84 Data Ascii: 5d!Hy'J{bu@.FAfFx%%,8Phsdf4RJm+ijMU!gPEJY!RNS%(.H)xV6g=iAe[U#s^m@$J)NZ\&UX4kSnwT
Sep 15, 2024 00:51:37.526549101 CEST	1236	IN	Data Raw: a3 b2 68 2b 4f c6 dd e6 22 0c 50 79 52 08 2a 5b 8a f4 4a 46 ea 3f 4f bd 5d ec b6 31 0a 33 ba 5b 1c f5 c4 9d 51 a3 78 a3 74 75 e6 e1 a9 b9 01 08 69 4e cc 84 85 ba 52 0e 47 22 d2 bc a3 62 76 21 5e 95 1a d9 d9 c4 23 f9 b2 f7 49 52 a1 66 c9 7f 45 c7 Data Ascii: h+O"PyR*[JF?O]13[QxtuiNRG"bv!^#IRfE!jZ.LVu\|g\Yk<H'JYDV6pxofNlZyJyNBS}>aV8D;#:g n(ip)x)Nq<v7/E#)$r6#
Sep 15, 2024 00:51:37.526560068 CEST	1236	IN	Data Raw: b5 ec 58 55 a9 7f 86 5e 4e 76 d0 5a b6 1b 1a eb 4d c8 9c 4a 61 c7 9c cb 8e a9 7f 2a 53 cd b1 27 eb 83 4d df 06 ea 9a 8f 38 34 1a 28 aa b5 55 ce 6f 64 d1 d2 5c 68 e2 7d be d5 11 89 d2 19 f8 d9 41 b0 d3 09 00 04 9e e0 7d 33 bd 67 b4 f0 95 d2 ed 47 Data Ascii: XU^NvZMJa*S'M84(Uod\h}A}3gG/nKTV@JL$@+SEF>J9j}B>XRr\|z76UQ;b4D VFPi_,!u9{r7tikR;y0?BJF0k8q\|
Sep 15, 2024 00:51:37.526571989 CEST	328	IN	Data Raw: 89 fa 42 4a 32 a0 f2 4e 16 94 f6 1d 95 d3 bf b5 44 bd 38 3d de cc ba e8 96 57 ac 8c a5 25 f1 45 ff 00 e3 20 56 bd 1d e1 bc 1c 7d c2 b9 2f 28 f3 2d 6a c9 3e e4 9d fe e6 a2 3b 52 59 f0 6b 63 54 22 9b e1 79 7e 4b 96 c7 1a 15 ae d8 cc 66 f9 55 ca 3e Data Ascii: BJ2ND8=W%E V}/(-j>;RYkcT"y~KfU>l\|Sc?12RJrI$ezw-.j_"WM/u>!#~l\Jh*TNa)#'5Z-M?.qKIB{TVGmd3PjV\|(8O-}
Sep 15, 2024 00:51:37.526583910 CEST	1236	IN	Data Raw: a3 88 ce 1a 9b 12 4b 18 cb 32 9d 57 45 97 19 d1 0d df 38 2e cb 2d fa db a9 ad ff 00 1d 6a 9a d4 e8 85 65 bf 15 a2 70 14 0e e0 e7 70 6b d0 b4 d6 d7 7d 6a ca a4 a5 17 e5 18 eb ab 9d 53 70 b1 61 9f 4b 48 20 d4 fc 6c 46 4f 71 24 a1 82 7b 54 39 2c 32 Data Ascii: K2WE8.-jeppk}jSpaKH lFOq${T9,2D^j;S#X'XD'na]+CX{ ##`J {=dt8SOm=2SstZ%,EOV5=~,3EJ>d$:?*0v$jZnO)+K2<Y_>cDZ&
Sep 15, 2024 00:51:37.532107115 CEST	1236	IN	Data Raw: 9b 61 b4 1c 05 ba b0 94 8f 60 4f 7f ce 97 7e 0e c8 e5 17 6d 41 aa 63 25 c5 e9 bd 4d 7c 41 09 42 2e f1 ed 72 16 90 9e 83 9d 7c 98 70 01 df e6 f7 34 9e 9b 5c 0b dd ee 31 d0 da a9 3a 1a e5 32 03 ea 2e 41 7d 61 c9 11 b9 4a 24 47 5f 4f 13 c2 56 15 8e Data Ascii: a`O~mAc%M\|AB.r\|p4\1:2.A}aJ$G_OVcld9</f%m/_~Efps!CWFpS{JqBUh!{7JE]WJf0a]7aX!h4"#5RfD*Pm+SP>

Timestamp	Bytes transferred	Direction	Data
Sep 15, 2024 00:51:36.914691925 CEST	330	OUT	GET /-v_4byqqmunc/UMRdc57l7VI/AAAAAAAAFa8/6XdXGvR1fEQ/s1600/1.jpg HTTP/1.1 Host: 3.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 15, 2024 00:51:37.546892881 CEST	1236	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="1.jpg" X-Content-Type-Options: nosniff Server: fife Content-Length: 6564 X-XSS-Protection: 0 Date: Sat, 14 Sep 2024 22:51:35 GMT Expires: Sun, 15 Sep 2024 22:51:35 GMT Cache-Control: public, max-age=86400, no-transform Age: 2 ETag: "v15af" Content-Type: image/jpeg Vary: Origin Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 48 00 48 00 00 ff e1 00 6c 45 78 69 66 00 00 49 49 2a 00 08 00 00 00 03 00 31 01 02 00 07 00 00 00 32 00 00 00 12 02 03 00 02 00 00 00 01 00 01 00 69 87 04 00 01 00 00 00 3a 00 00 00 00 00 00 00 47 6f 6f 67 6c 65 00 00 03 00 00 90 07 00 04 00 00 00 30 32 32 30 02 a0 04 00 01 00 00 00 f0 00 00 00 03 a0 04 00 01 00 00 00 a0 00 00 00 00 00 00 00 ff db 00 43 00 03 02 02 03 02 02 03 03 03 03 04 03 03 04 05 08 05 05 04 04 05 0a 07 07 06 08 0c 0a 0c 0c 0b 0a 0b 0b 0d 0e 12 10 0d 0e 11 0e 0b 0b 10 16 10 11 13 14 15 15 15 0c 0f 17 18 16 14 18 12 14 15 14 ff db 00 43 01 03 04 04 05 04 05 09 05 05 09 14 0d 0b 0d 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 ff c0 00 11 08 00 a0 00 f0 03 01 11 00 02 11 01 03 11 01 ff c4 00 1c 00 00 02 02 03 01 01 00 00 00 00 00 00 00 00 00 00 03 04 02 07 01 05 06 00 08 ff c4 00 43 10 00 02 01 03 02 04 03 05 03 08 08 06 03 00 00 00 [TRUNCATED] Data Ascii: JFIFHHlExifII12i:Google0220CCC!1AQa"q2#BRbr3s$4CSc1!1AQq"2aBbC?W7J4j5h-<UXy4sR@2j,T9qT"W=-Rhmz- S9TZzUuP2GRG(^E8>Ei)WuP}jn<Q5j-Qh`deTh"i^Z`V'VY=ziRd, TsY \|=P1*h@QyO7MEJY"z(af-<9
Sep 15, 2024 00:51:37.546905041 CEST	1236	IN	Data Raw: 3e 4c 45 69 89 2d 20 db a6 6a 12 fa 06 21 5c 5b 39 18 ce 2a 26 a2 ac 83 31 8e 94 13 29 b5 48 55 da ab 42 27 fb 14 a1 57 a5 09 31 90 6a b4 97 51 9a ad 22 77 38 a8 a4 aa 31 45 a4 8d 56 58 61 b8 f2 a6 d5 a3 18 72 9e f7 29 6d fa 74 aa 64 33 8c f6 f9 Data Ascii: >LEi- j!\[9*&1)HUB'W1jQ"w81EVXar)mtd3i:teIqQ} RYOJ/"]HAx5/?miaK+!\7zTMG(Y8AHE6HeqJ-=).(RKZ{Qi\beBD6eRD
Sep 15, 2024 00:51:37.546916008 CEST	448	IN	Data Raw: f3 01 96 8d 97 3d c8 22 8b 42 7e 4f 7c 7d da ac d1 3b 88 cc 27 04 6f e5 4a 2d f6 0b bd 5a ce ea dc 9b 53 0b 8e 4e 57 59 15 b9 4f ed 2b 75 c8 ea 05 31 34 aa de 96 d6 ef 4f 4b 78 8a 59 88 42 e0 08 cc 99 00 60 6d 9e b5 5d b5 11 45 6f e5 e7 b7 75 f3 Data Ascii: ="B~O\|};'oJ-ZSNWYO+u14OKxYB`m]Eouj)6L}n+ Yee4F^pfxGk?\|2c-!Ajc:E5TIJ/'zQWZ/"M'n5"J.&{0"#\IfI2MG
Sep 15, 2024 00:51:37.547020912 CEST	1236	IN	Data Raw: c0 ca a8 cb 02 01 19 f9 9a 21 00 ba 9d e5 ee a1 0a dc ca d2 af 87 26 39 b1 b1 f7 4d 52 dc 47 49 62 ec 30 76 04 56 ad 51 0b 49 ac 2d 6f ad 8c 17 29 a8 5f 78 3a 84 37 76 30 ab 99 2d 15 d5 a3 42 41 18 19 04 b0 2a 7b 1c d7 cd db 77 9d f6 bc 1f 73 44 Data Ascii: !&9MRGIb0vVQI-o)_x:7v0-BA*{wsD\jb.;^=Sc?z$ ITRB)Es\|(]U94C~qIJQ0,cV'd7jMHMfRxgC]`
Sep 15, 2024 00:51:37.547039032 CEST	1236	IN	Data Raw: 31 8c d4 3e 56 39 65 33 17 2f b1 ec e6 32 db 46 d9 ea 01 eb 5e 28 7a 85 e6 db ae 69 01 bb 9f 3a 91 79 1f 6f 5a 90 12 30 c5 50 8b 3b 56 80 0e 7a fd 69 45 a4 f8 52 8b 39 de 94 5a 56 cf 7a d0 2b 23 d2 a5 55 f1 aa 18 f8 9e ec 80 30 eb 1b ff 00 70 0f Data Ascii: 1>V9e3/2F^(zi:yoZ0P;VziER9ZVz+#U0pk5Dq+2MD53M->X3u4g%\oC{q_?BJ>1o]8[mUu:!Nu=JQ(:Oe1=qbsc
Sep 15, 2024 00:51:37.547050953 CEST	1236	IN	Data Raw: 65 da 32 6d 6f 7d 9e e9 da a3 5b 1d 42 2b 8b a9 20 0c 89 2a 97 52 a8 d2 33 85 d8 1c 84 0c 14 74 cf 2d 6a 3d ac 63 18 f2 44 d3 94 e5 c3 65 9c e7 1b b2 89 9f 94 ff 00 a6 c5 75 0e 24 b4 b8 b4 4b 43 7e d0 42 1a 38 25 bf b8 6b a3 00 25 c1 25 1d 08 04 Data Ascii: e2mo}[B+ R3t-j=cDeu$KC~B8%k%%>,Oqci5"SXHeC/\`{;sY<]l=+b?wnt]"Tc}z}i6;> Qgo3J/#Jq~6\|et'+P
Sep 15, 2024 00:51:37.547064066 CEST	386	IN	Data Raw: 79 7a e3 d2 5d 62 7c 83 d2 11 b4 6c 88 ee ee d2 13 d5 63 9c a9 1e a3 04 7c a9 e5 c2 66 f2 c6 de 8c 78 8d d8 c5 63 9c c3 64 34 fb 49 82 31 69 e4 5e 61 22 96 ba 94 82 c3 a3 6e dd 45 7a 63 56 bf 0c 61 ce 78 9d fe 39 cf dc de 5b 97 94 dc 5c 32 f4 e5 Data Ascii: yz]b\|lc\|fxcd4I1i^a"nEzcVax9[\2720xGlcwsBsW,~'\CDQ/=j(4*Aqj/1U \@/&i@H)GT6vM!LWa$cjmU^(UR]
Sep 15, 2024 00:51:37.915564060 CEST	330	OUT	GET /-SyYUToBmQ9Y/UMRdgEOhfsI/AAAAAAAAFbU/VbjIpJ97dU8/s1600/4.jpg HTTP/1.1 Host: 3.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 15, 2024 00:51:38.098491907 CEST	1236	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="4.jpg" X-Content-Type-Options: nosniff Server: fife Content-Length: 23470 X-XSS-Protection: 0 Date: Sat, 14 Sep 2024 22:51:37 GMT Expires: Sun, 15 Sep 2024 22:51:37 GMT Cache-Control: public, max-age=86400, no-transform ETag: "v15b5" Content-Type: image/jpeg Vary: Origin Age: 1 Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 48 00 48 00 00 ff e1 00 6c 45 78 69 66 00 00 49 49 2a 00 08 00 00 00 03 00 31 01 02 00 07 00 00 00 32 00 00 00 12 02 03 00 02 00 00 00 01 00 01 00 69 87 04 00 01 00 00 00 3a 00 00 00 00 00 00 00 47 6f 6f 67 6c 65 00 00 03 00 00 90 07 00 04 00 00 00 30 32 32 30 02 a0 04 00 01 00 00 00 f0 00 00 00 03 a0 04 00 01 00 00 00 b4 00 00 00 00 00 00 00 ff e2 0c 58 49 43 43 5f 50 52 4f 46 49 4c 45 00 01 01 00 00 0c 48 4c 69 6e 6f 02 10 00 00 6d 6e 74 72 52 47 42 20 58 59 5a 20 07 ce 00 02 00 09 00 06 00 31 00 00 61 63 73 70 4d 53 46 54 00 00 00 00 49 45 43 20 73 52 47 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f6 d6 00 01 00 00 00 00 d3 2d 48 50 20 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 11 63 70 72 74 00 00 01 50 00 00 00 33 64 65 73 63 00 00 01 84 00 00 00 6c 77 74 70 74 00 00 01 f0 00 00 00 14 62 6b 70 74 00 00 02 04 00 00 00 14 72 58 59 5a 00 00 02 18 00 00 [TRUNCATED] Data Ascii: JFIFHHlExifII*12i:Google0220XICC_PROFILEHLinomntrRGB XYZ 1acspMSFTIEC sRGB-HP cprtP3desclwtptbkptrXYZgXYZ,bXYZ@dmndTpdmddvuedLview$lumimeas$tech0rTRC<gTRC<bTRC<textCopyright (c) 1998 Hewlett-Packard CompanydescsRGB IEC61966-2.1sRGB IEC61966-2.1XYZ QXYZ XYZ o8XYZ bXYZ $descIEC http://www.iec.ch
Sep 15, 2024 00:51:38.098520994 CEST	1236	IN	Data Raw: 00 00 00 16 49 45 43 20 68 74 74 70 3a 2f 2f 77 77 77 2e 69 65 63 2e 63 68 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 64 65 73 63 00 00 00 00 00 00 00 Data Ascii: IEC http://www.iec.chdesc.IEC 61966-2.1 Default RGB colour space - sRGB.IEC 61966-2.1 Default RGB colour space - sRGBdesc,Reference Viewing Condit
Sep 15, 2024 00:51:38.098534107 CEST	1236	IN	Data Raw: 6a 1e 94 1e be 1e e9 1f 13 1f 3e 1f 69 1f 94 1f bf 1f ea 20 15 20 41 20 6c 20 98 20 c4 20 f0 21 1c 21 48 21 75 21 a1 21 ce 21 fb 22 27 22 55 22 82 22 af 22 dd 23 0a 23 38 23 66 23 94 23 c2 23 f0 24 1f 24 4d 24 7c 24 ab 24 da 25 09 25 38 25 68 25 Data Ascii: j>i A l !!H!u!!!"'"U"""##8#f###$$M$\|$$%%8%h%%%&'&W&&&''I'z''((?(q(())8)k))*5h*++6+i++,,9,n,,--A-v--..L.../$/Z///050l0011J11122c2233F3334+4e4455M55567
Sep 15, 2024 00:51:38.098546028 CEST	1236	IN	Data Raw: 6d f6 fb f7 8a f8 19 f8 a8 f9 38 f9 c7 fa 57 fa e7 fb 77 fc 07 fc 98 fd 29 fd ba fe 4b fe dc ff 6d ff ff ff db 00 43 00 03 02 02 03 02 02 03 03 03 03 04 03 03 04 05 08 05 05 04 04 05 0a 07 07 06 08 0c 0a 0c 0c 0b 0a 0b 0b 0d 0e 12 10 0d 0e 11 0e Data Ascii: m8Ww)KmCCI
Sep 15, 2024 00:51:38.098556995 CEST	704	IN	Data Raw: b7 f5 6c 9f ef a8 25 c4 9b 1f ed ba c1 4e 4f 15 e6 f5 a0 26 59 da f1 3c 60 fa 3d 52 82 3f be ba 83 11 64 c6 d6 b2 d3 a0 73 46 ea 3d 9b 4c c2 ba e0 2a ee 98 ee 79 a1 4c 12 47 fc d5 3c b5 2f 88 fa 9f 1f b2 db 60 0f 17 0e 4d d1 3a 2a cc c4 a4 a7 51 Data Ascii: l%NO&Y<`=R?dsF=LyLG</`M:Q47vS}q,]z+/?$HK%JGw*YXL6M4_egC>sIUfDl"W6[oPm<&kT6CeciJ!J%SHA!1w3Lk
Sep 15, 2024 00:51:41.724565029 CEST	368	OUT	GET /-uxYJcIDwn9w/UMRf4-a-6KI/AAAAAAAAFbk/8pe3Zw5X15E/s1600/%5Bwww.gj37765.blogspot.com%5Dbg_search.png HTTP/1.1 Host: 3.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 15, 2024 00:51:41.906879902 CEST	1236	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="[www.gj37765.blogspot.com]bg_search.png" X-Content-Type-Options: nosniff Server: fife Content-Length: 1421 X-XSS-Protection: 0 Date: Sat, 14 Sep 2024 22:51:41 GMT Expires: Sun, 15 Sep 2024 22:51:41 GMT Cache-Control: public, max-age=86400, no-transform Age: 0 ETag: "v15b9" Content-Type: image/png Vary: Origin Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 23 00 00 00 57 08 06 00 00 00 8e 6a fc 8e 00 00 00 04 73 42 49 54 08 08 08 08 7c 08 64 88 00 00 00 5f 7a 54 58 74 52 61 77 20 70 72 6f 66 69 6c 65 20 74 79 70 65 20 41 50 50 31 00 00 08 99 e3 4a 4f cd 4b 2d ca 4c 56 28 28 ca 4f cb cc 49 e5 52 00 03 63 13 2e 13 4b 13 4b a3 44 03 03 03 0b 03 08 30 34 30 30 36 04 92 46 40 b6 39 54 28 d1 00 05 98 98 9b a5 01 a1 b9 59 b2 99 29 88 cf 05 00 4f ba 15 68 1b 2d d8 8c 00 00 04 d9 49 44 41 54 68 81 ed 99 ef 6f 14 45 1c c6 3f fb a3 d7 eb 71 57 9a b6 41 ae b4 04 63 40 8c 29 4d 2c 0d 84 90 48 d1 57 7d c1 2b ff 01 b0 b4 7d 67 8c be 36 bc c6 98 18 7d 41 41 1a 12 83 89 84 c4 44 23 af a8 52 21 c1 28 88 fc 88 4a 11 34 42 cb b5 a5 b5 bd db d2 bd db db dd f1 c5 76 f7 ee 5a ae b7 57 e1 0e 71 9f cb 24 77 3b 3b 33 cf 3d df 99 ef cc 93 91 b6 be fd b5 a0 8a 50 15 79 ae 46 55 fb f4 8c 71 5a 05 d8 bc a1 b1 2a 44 f4 4c 96 e9 94 de 90 36 b2 a7 c2 b5 35 92 ea 3c 16 cc cc 1b 15 25 a2 2a 12 6b 42 2a 1b 9a a2 8c cf 68 92 69 5a [TRUNCATED] Data Ascii: PNGIHDR#WjsBIT\|d_zTXtRaw profile type APP1JOK-LV((OIRc.KKD04006F@9T(Y)Oh-IDAThoE?qWAc@)M,HW}+}g6}AAD#R!(J4BvZWq$w;;3=PyFUqZDL65<%kBhiZGe!_ g4G0-Autq>0c+ZRHC22B Di:61uH#$0j]IVWGhqlm3CV=;F.~LhydJ)#l#5bPA}./+>,M]1R@d>mr6X$WW^A,~v-$Z0[8y>8s77VNR`6QHW-x+L<EnMoV%&phXYMlT]l"I5Wg&,-MQ 1.qc:IsQ~{#Q
Sep 15, 2024 00:51:51.632447958 CEST	333	OUT	GET /-hNovHLskRIk/ULCKXYEhbXI/AAAAAAAAEvU/kas8XtXhbbU/s1600/main.ico HTTP/1.1 Host: 3.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 15, 2024 00:51:51.928354025 CEST	1236	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="main.ico.png" X-Content-Type-Options: nosniff Server: fife Content-Length: 908 X-XSS-Protection: 0 Date: Sat, 14 Sep 2024 22:51:51 GMT Expires: Sun, 15 Sep 2024 22:51:51 GMT Cache-Control: public, max-age=86400, no-transform Age: 0 ETag: "v12f5" Content-Type: image/png Vary: Origin Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 20 00 00 00 20 08 02 00 00 00 fc 18 ed a3 00 00 00 03 73 42 49 54 08 08 08 db e1 4f e0 00 00 03 44 49 44 41 54 48 89 bd 56 dd 4e d4 40 14 3e fd a1 ed 6e 59 16 16 c3 8f 12 50 58 44 50 88 c1 10 e4 42 bc f1 1d 8c 4f e1 6b 68 e2 8d 89 0f e0 03 98 98 78 a1 31 8a 7a b3 a2 08 51 22 a0 80 10 d8 f0 cf 2e 8b b0 ec b6 db 99 39 5e b4 b4 33 2d e0 8d eb 64 2e a6 67 ce 39 5f bf 6f ce 99 56 ba f3 e0 23 54 73 a8 08 58 5d 80 2a e7 ff 0f 0c b0 ea 0c 44 04 4d 91 fa db 93 21 a7 f9 cd 62 d1 22 d1 e0 cb cd 66 22 5e c3 5b b6 f6 ed f5 42 39 04 20 c4 34 c5 e1 d1 bd 6b a1 44 8f 5f 2f 3d 9f dc 0c 19 15 20 0f ef f6 d6 d7 1a bc f1 d9 c4 c6 93 37 cb bc 45 46 71 d4 1a 4a f4 4d 6f a6 53 18 19 57 cf 9b a1 ec 00 10 d7 94 90 5b 58 22 53 3f 01 e0 7a 47 52 af 91 ad 0a e5 8d b7 7a 1a a3 9e 71 5d 09 25 8c 30 d0 d5 68 98 ae ca 83 1d 49 c1 8f 91 d1 de e6 13 00 22 0c 64 86 c0 cf 5a 23 00 58 cf 1d 06 2a 75 a7 78 b7 ee 26 a3 b9 c1 74 b7 56 b6 f7 79 06 a1 84 61 06 bc 44 3f d6 0a b6 e3 15 [TRUNCATED] Data Ascii: PNGIHDR sBITODIDATHVN@>nYPXDPBOkhx1zQ".9^3-d.g9_oV#TsX]DM!b"f"^[B9 4kD_/= 7EFqJMoSW[X"S?zGRzq]%0hI"dZ#Xux&tVyaD?H:sqr)scpD=w4:LOFo5x,qIbKk_W($RglN:\ttl,4gIT+"!p:Z>@$]rO0Z\|W6=bPvy9N&%b4C)2jv\NQRlA%o\j8G39D,TDG6A/{5}mu1O%@"\BfdY0EG^Tjm;nT))\|NA"SW%)p-ZO@T(s;nT$2VNo(Zk8[qUtZgDS%P%

Timestamp	Bytes transferred	Direction	Data
Sep 15, 2024 00:51:37.351671934 CEST	330	OUT	GET /-__0X3NTuBRM/UMRdfKfKA3I/AAAAAAAAFbM/gvAViqUuYhE/s1600/3.jpg HTTP/1.1 Host: 3.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 15, 2024 00:51:38.005579948 CEST	1236	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="3.jpg" X-Content-Type-Options: nosniff Server: fife Content-Length: 11569 X-XSS-Protection: 0 Date: Sat, 14 Sep 2024 22:51:37 GMT Expires: Sun, 15 Sep 2024 22:51:37 GMT Cache-Control: public, max-age=86400, no-transform Age: 0 ETag: "v15b3" Content-Type: image/jpeg Vary: Origin Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 48 00 48 00 00 ff e1 00 6c 45 78 69 66 00 00 49 49 2a 00 08 00 00 00 03 00 31 01 02 00 07 00 00 00 32 00 00 00 12 02 03 00 02 00 00 00 01 00 01 00 69 87 04 00 01 00 00 00 3a 00 00 00 00 00 00 00 47 6f 6f 67 6c 65 00 00 03 00 00 90 07 00 04 00 00 00 30 32 32 30 02 a0 04 00 01 00 00 00 f0 00 00 00 03 a0 04 00 01 00 00 00 a0 00 00 00 00 00 00 00 ff db 00 43 00 03 02 02 03 02 02 03 03 03 03 04 03 03 04 05 08 05 05 04 04 05 0a 07 07 06 08 0c 0a 0c 0c 0b 0a 0b 0b 0d 0e 12 10 0d 0e 11 0e 0b 0b 10 16 10 11 13 14 15 15 15 0c 0f 17 18 16 14 18 12 14 15 14 ff db 00 43 01 03 04 04 05 04 05 09 05 05 09 14 0d 0b 0d 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 ff c0 00 11 08 00 a0 00 f0 03 01 11 00 02 11 01 03 11 01 ff c4 00 1d 00 00 01 05 01 01 01 01 00 00 00 00 00 00 00 00 00 05 02 03 04 06 07 08 01 09 00 ff c4 00 3f 10 00 01 03 03 02 04 03 05 06 04 04 07 01 01 00 [TRUNCATED] Data Ascii: JFIFHHlExifII12i:Google0220CC?!1AQa"2q#BRb3r$4CSc0!1AQ"2aqB#R?3MJR< w@SY3%9)+\H-yFL\|%!ID7w5#%BVPWEScc9TzlFi(4f'%#B!<(8DU%jGB7h)JE@+hMHNZcIJ6ZjmuXb4{6]el]5"]oc]=":fkcsMJkbubd S$w^H
Sep 15, 2024 00:51:38.005606890 CEST	1236	IN	Data Raw: 79 ff 00 c1 70 28 7b a7 b5 0c 95 72 1e 39 5f 0c 90 30 f3 24 73 ed 44 9d 81 38 ed 76 31 15 d5 34 b2 82 6a d7 b0 12 5e 42 4d ab 3c cf 3a 21 63 4f 9e 15 64 75 a8 5a 18 71 dd b7 a8 12 44 60 82 f3 80 0e f4 2f b0 ee 83 31 22 29 29 00 0a 24 25 b0 8b 71 Data Ascii: yp({r9_0$sD8v14j^BM<:!cOduZqD`/1"))$%q%7x;rBYxc)wP03T`bTSR*u3qVdP5U7X#KEBuvD0u#89!+!QpGKrR+g38
Sep 15, 2024 00:51:38.005618095 CEST	448	IN	Data Raw: f1 34 96 c9 71 1d f9 55 39 57 05 c7 1b 92 b2 bb 72 bc bb 3d 60 fb a0 0c 00 0d 03 76 6a 84 14 55 0c 05 f0 32 9c 64 2b 39 26 a8 22 53 8a 20 b6 f0 f7 56 39 fa d5 fd c5 d7 68 71 e5 79 8d 82 39 d1 5d a1 6b 86 4c b7 b6 98 cc 29 e7 39 f4 cd 5a e1 59 52 Data Ascii: 4qU9Wr=`vjU2d+9&"S V9hqy9]kL)9ZYR{ =i9/Dc_'RT)B5vz\|OA[KH@B0=y&=T`)lr6R3jbq%A\Xc&ZK~iB)VUK'} ,'OZ1rGbNR
Sep 15, 2024 00:51:38.005628109 CEST	1236	IN	Data Raw: a5 07 52 54 52 e7 6b cb 95 c0 9e 00 b3 9f 5a 72 82 5d 8a b0 62 d7 76 b8 1f 69 6a 00 f6 a2 f9 51 7c b1 e8 fa 56 5c 95 02 b2 b5 66 a9 cd 22 6d 64 bb f6 a8 bb 6a b9 49 93 75 9a fc f7 52 9e 14 97 95 90 94 8e 41 23 90 ad a9 28 f4 72 db 72 76 c8 03 7d Data Ascii: RTRkZr]bvijQ\|V\f"mdjIuRA#(rrv}*R"w]YGj"[Y/.L(tHG^{8()kBf089OcDL?2#SnpKriD{0h8H([\R9ID\pPutYg&ME%uW7lXj% ,
Sep 15, 2024 00:51:38.005640030 CEST	1236	IN	Data Raw: 00 0f cb 44 a4 43 e7 b1 00 93 83 f3 af 50 70 07 01 39 c6 c7 15 08 4d b5 23 8b 50 40 04 e1 2a 56 c9 c6 30 6b 06 ae f6 1d 3d 05 6f 67 5a 69 19 a1 86 1a 4e 79 00 12 0d 79 2c 8b 93 d5 c3 95 c9 a1 db 25 17 02 72 40 ce f8 35 91 9a 11 63 8c d2 5d 41 07 Data Ascii: DCPp9M#P@*V0k=ogZiNyy,%r@5c]Al&1c$]HR0GZ%'hzm^"PI%k2WOtGC/~\|5a\{19z7ay]:L.#~5PW$iZtIA<'D\|ME
Sep 15, 2024 00:51:38.005650043 CEST	1236	IN	Data Raw: 95 99 ea 60 cb ad aa ec 5c 75 28 4a f6 e4 3d 6b 1c 91 b6 28 b9 5b 6e 2a 75 23 2a 1c 39 e8 71 48 94 53 e4 6c 65 4c b5 db 25 87 17 c2 17 81 cb 00 e7 34 ae 87 7d c4 de 21 b8 d0 f3 da 04 80 72 b4 03 9c 8e ff 00 11 46 9d 0e 8b 4f 82 b3 72 b6 b7 79 6e Data Ascii: `\u(J=k([nu#9qHSleL%4}!rFOrynKr<h.KiB5y\|CWH<\B:{MJyRIm\@vJXFqRhk!\9:V{[RBhfJO<_$S;F]
Sep 15, 2024 00:51:38.005673885 CEST	1236	IN	Data Raw: e9 d8 72 56 ad 1d 33 f6 79 d7 4a d4 da 26 33 52 1d 0e 4e b7 2b ee 8f 67 99 00 7b 0a f9 a7 1f 43 43 3e 1d 9c 9c b0 a9 1b cc 19 7f 87 cf 7c 52 14 b9 13 28 58 56 d1 39 2f 3d 25 19 1c 5e 5a 46 0f c6 b6 47 99 43 f7 fe 0e 6e 45 b5 4b f6 fe 43 5c 47 1c Data Ascii: rV3yJ&3RN+g{CC>\|R(XV9/=%^ZFGCnEKC\GkziqrB[3'@O#@DCa,iY[IZ\|d)X5}NXZ6tQI'UZjH\[.M!skN=$(J$)VTh w?\c}
Sep 15, 2024 00:51:38.005688906 CEST	1236	IN	Data Raw: 1e a6 4d 9b a8 9d 52 03 6d e5 6b 51 c2 51 9d c9 e9 52 30 b2 de 4e 2c dd 3c 31 b0 db ec 36 88 cf cd 65 99 57 29 08 4b 8e b8 b4 83 c3 91 b2 40 3c b1 4f 71 49 05 8e 4d f4 69 b0 e3 da e4 e1 d6 a3 96 64 24 7b ec ab 07 1f 0e 55 8f 24 22 fa 37 46 52 8f Data Ascii: MRmkQQR0N,<16eW)K@<OqIMid${U$"7FR-R~*XG\|nHy[KJZ1rgUR\|U{tdqe[Rfj"9,8<uuAe$$JGn8H@V,R(&[lvHR
Sep 15, 2024 00:51:38.005700111 CEST	1236	IN	Data Raw: 5d 8c a9 01 67 97 2a 81 59 68 d2 fa d1 cb 7b a8 8b 39 65 71 f9 25 f3 ef 23 e3 dc 7a d7 3f 3e 99 4f e6 87 67 4f 06 a5 c7 e5 9f 46 b3 6d 9c 14 84 2b 8b 89 2a 1b 11 b8 3f 3a e2 49 57 67 6a 12 b0 b2 df 43 e9 e1 56 f9 ed b7 4a 5d 9a e2 c6 ee 16 36 24 Data Ascii: ]gYh{9eq%#z?>OgOFm+?:IWgjCVJ]6$FJ@Qh6WpgwEiXDRWD6Eqe<X!us9yk*eB2o)GVK,mdd(+0w42R
Sep 15, 2024 00:51:38.005712986 CEST	1236	IN	Data Raw: 62 97 c9 b9 57 80 a4 06 21 5c 49 4b 84 13 f0 a1 b6 33 6a 7c b2 d1 a6 af 77 0d 2a 3c 8b 63 89 93 0b 39 30 9d c9 40 ff 00 29 1b a7 e5 b7 a5 36 39 1a ec e6 ea 34 38 b3 73 d3 f7 34 bb 26 ab 8d 7d 6d 68 e0 54 59 8d 8c b9 19 c3 92 07 70 7f 30 ad 90 92 Data Ascii: bW!\IK3j\|w*<c90@)6948s4&}mhTYp05iK\|Jz#cj?]B)<@ZZEB5cZ\`tP,l1PxH=bNp0rQ,5/.-gO5F9~^K%m +3
Sep 15, 2024 00:51:38.010484934 CEST	448	IN	Data Raw: be 06 49 c9 f4 ad 18 f1 34 ed 9c ad 66 b2 39 23 b2 0c e3 9c e5 ba ee 1e 5b c9 e0 c0 35 0b 3f 6e 48 fe 95 08 29 4a 4a 06 54 6a 11 73 d1 1d c9 08 03 d9 40 cf 72 2a 0c 48 65 6f ad cd 8a b6 ec 2a 82 1b ab 20 fb 15 01 64 b4 8c 54 16 21 f3 b6 2a 17 11 Data Ascii: I4f9#[5?nH)JJTjs@rHeo dT!*PKBQhDdRg.'tL0eCVYiCW5rkUIC5iZ!65;629XWFHFqIB ayG6{-jN0T w4

Timestamp	Bytes transferred	Direction	Data
Sep 15, 2024 00:51:41.212343931 CEST	440	OUT	GET /-QdzebGFBJEA/UK9VjFcU23I/AAAAAAAAEuo/0dR566x-3TU/s1600/bg.jpg HTTP/1.1 Host: 4.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 15, 2024 00:51:41.830111980 CEST	1236	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="bg.jpg" X-Content-Type-Options: nosniff Server: fife Content-Length: 1003 X-XSS-Protection: 0 Date: Sat, 14 Sep 2024 21:26:51 GMT Expires: Sun, 15 Sep 2024 21:26:51 GMT Cache-Control: public, max-age=86400, no-transform Age: 5090 ETag: "v12ea" Content-Type: image/jpeg Vary: Origin Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 02 01 00 48 00 48 00 00 ff e1 00 78 45 78 69 66 00 00 49 49 2a 00 08 00 00 00 04 00 12 01 03 00 01 00 00 00 01 00 00 00 31 01 02 00 07 00 00 00 3e 00 00 00 12 02 03 00 02 00 00 00 01 00 01 00 69 87 04 00 01 00 00 00 46 00 00 00 00 00 00 00 47 6f 6f 67 6c 65 00 00 03 00 00 90 07 00 04 00 00 00 30 32 32 30 02 a0 04 00 01 00 00 00 06 00 00 00 03 a0 04 00 01 00 00 00 94 00 00 00 00 00 00 00 ff ee 00 0e 41 64 6f 62 65 00 64 40 00 00 00 01 ff db 00 84 00 02 02 02 02 02 02 02 02 02 02 03 02 02 02 03 04 03 02 02 03 04 05 04 04 04 04 04 05 06 05 05 05 05 05 05 06 06 07 07 08 07 07 06 09 09 0a 0a 09 09 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 01 03 03 03 05 04 05 09 06 06 09 0d 0a 09 0a 0d 0f 0e 0e 0e 0e 0f 0f 0c 0c 0c 0c 0c 0f 0f 0c 0c 0c 0c 0c 0c 0f 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c ff c0 00 11 08 00 94 00 06 03 01 11 00 02 11 01 03 11 01 ff dd 00 04 00 01 ff c4 01 a2 00 00 00 07 01 01 01 01 01 00 00 00 00 00 00 00 00 [TRUNCATED] Data Ascii: JFIFHHxExifII1>iFGoogle0220Adobed@s!1AQa"q2B#R3b$r%C4Scs5D'6Tdt&EFVU(eufv7GWgw8HXhx)9IYiy:JZjzm!1AQa"q2#BRbr3$4CS%cs5DT&6E'dtU7()euFVfvGWgw8HXhx9IYiy*:JZjz?+w.?9U?6
Sep 15, 2024 00:51:41.830138922 CEST	221	IN	Data Raw: e4 ff 00 ff d0 f9 4f 8a bf ff d1 f9 4f 8a bf ff d2 f9 d5 ff 00 2a 9b f3 33 97 1f f0 36 b3 cb a5 3e aa ff 00 d3 2f fc ae 6f e6 4b e4 5a 7f 31 8f f9 c3 e6 1f ff d3 34 a2 f8 0c f5 07 cf 1f ff d4 30 a8 cf 50 7c f1 ff d5 19 c8 67 a8 3e 78 ff 00 ff d6 Data Ascii: OO*36>/oKZ140P\|g>xgx,o#;BaeSW/K^ouyc????3M}O{
Sep 15, 2024 00:51:44.225816011 CEST	455	OUT	GET /-ZehYBE_THZs/ULCmOrzNjdI/AAAAAAAAEw0/mq1NaN47uEM/s1600/blue_twitter_bird.png HTTP/1.1 Host: 4.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 15, 2024 00:51:44.406339884 CEST	1107	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="blue_twitter_bird.png" X-Content-Type-Options: nosniff Server: fife Content-Length: 640 X-XSS-Protection: 0 Date: Sat, 14 Sep 2024 21:26:51 GMT Expires: Sun, 15 Sep 2024 21:26:51 GMT Cache-Control: public, max-age=86400, no-transform Age: 5093 ETag: "v130d" Content-Type: image/png Vary: Origin Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 18 00 00 00 18 08 06 00 00 00 e0 77 3d f8 00 00 00 04 73 42 49 54 08 08 08 08 7c 08 64 88 00 00 00 5f 7a 54 58 74 52 61 77 20 70 72 6f 66 69 6c 65 20 74 79 70 65 20 41 50 50 31 00 00 08 99 e3 4a 4f cd 4b 2d ca 4c 56 28 28 ca 4f cb cc 49 e5 52 00 03 63 13 2e 13 4b 13 4b a3 44 03 03 03 0b 03 08 30 34 30 30 36 04 92 46 40 b6 39 54 28 d1 00 05 98 98 9b a5 01 a1 b9 59 b2 99 29 88 cf 05 00 4f ba 15 68 1b 2d d8 8c 00 00 01 cc 49 44 41 54 48 89 ed 95 3f 48 1b 61 18 c6 7f b9 1c c9 45 63 4c 44 6b 44 a5 71 48 40 5b a8 22 5a b0 42 d3 4d 9c 35 b3 ae 2e a2 83 93 e0 2c a5 e0 e6 26 d8 ad a9 a8 a3 4e fe 25 74 b1 4d 4b 15 e9 45 14 4c 30 1c 01 23 a6 18 63 bc 38 78 82 86 dc c5 58 84 0a 3e e3 fb bd df f3 7b 78 f9 5e 3e 53 2e 97 e3 31 25 3c aa fb 33 e0 bf 00 88 0f b9 24 04 65 3f 30 0c ac a9 01 ef d4 83 00 9a 09 6a c0 bb 9a 57 f7 00 0b 80 d3 57 61 69 db 3e c9 1c bf aa b4 cc ea fa 18 c0 93 c0 8a 6d 2e 12 13 82 f2 c0 ad fa 04 e0 04 f8 73 9a 79 d9 bb 11 fb 38 b4 a5 d4 [TRUNCATED] Data Ascii: PNGIHDRw=sBIT\|d_zTXtRaw profile type APP1JOK-LV((OIRc.KKD04006F@9T(Y)Oh-IDATH?HaEcLDkDqH@["ZBM5.,&N%tMKEL0#c8xX>{x^>S.1%<3$e?0jWWai>m.sy8M9/_<3TI!(Zu4Ib.i5]Q`)8JgO5~{ukv,6A=E>4HfS(xKUXA\Uqxa.9)zri>zeM~~mvX7&r6KgbW-hOtWR\{&7Ul.Oz\zIENDB`
Sep 15, 2024 00:51:44.415641069 CEST	451	OUT	GET /-1rV4Io0cQd8/ULCmNgcmLrI/AAAAAAAAEws/ANSyGoiN-5E/s1600/blue_facebook.png HTTP/1.1 Host: 4.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 15, 2024 00:51:44.595053911 CEST	900	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="blue_facebook.png" X-Content-Type-Options: nosniff Server: fife Content-Length: 437 X-XSS-Protection: 0 Date: Sat, 14 Sep 2024 21:26:51 GMT Expires: Sun, 15 Sep 2024 21:26:51 GMT Cache-Control: public, max-age=86400, no-transform Age: 5093 ETag: "v130b" Content-Type: image/png Vary: Origin Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 20 00 00 00 20 08 06 00 00 00 73 7a 7a f4 00 00 00 04 73 42 49 54 08 08 08 08 7c 08 64 88 00 00 00 5f 7a 54 58 74 52 61 77 20 70 72 6f 66 69 6c 65 20 74 79 70 65 20 41 50 50 31 00 00 08 99 e3 4a 4f cd 4b 2d ca 4c 56 28 28 ca 4f cb cc 49 e5 52 00 03 63 13 2e 13 4b 13 4b a3 44 03 03 03 0b 03 08 30 34 30 30 36 04 92 46 40 b6 39 54 28 d1 00 05 98 98 9b a5 01 a1 b9 59 b2 99 29 88 cf 05 00 4f ba 15 68 1b 2d d8 8c 00 00 01 01 49 44 41 54 58 85 63 fc ff ff 3f c3 40 02 a6 01 b5 7d d4 01 a3 0e 18 75 c0 a8 03 a8 e5 00 f3 c8 59 ff bd 33 97 92 55 a4 52 ec 80 f8 8a f5 ff 4f 2c 4b 25 5b 3f c5 0e b8 f1 f0 35 03 03 03 03 c3 9b 0f 5f e9 ef 80 39 6b ce fc b7 35 92 a5 c4 08 06 16 4a 34 cf 5e 7b 8e 01 39 f8 cd 23 67 fd 67 60 60 60 b0 37 96 67 e8 2a 71 67 a4 9a 03 e2 2b d6 ff 87 05 35 32 40 b6 1c 99 6d 11 35 9b 18 63 89 77 c0 8d 87 af 19 c2 3d 74 18 18 18 18 18 56 ee b8 c2 40 49 a2 23 cb 01 0c 0c 0c 0c cf 5e 7d a4 9a a5 c8 60 e8 14 44 4c 8c b4 71 2b d1 51 f0 ef ff [TRUNCATED] Data Ascii: PNGIHDR szzsBIT\|d_zTXtRaw profile type APP1JOK-LV((OIRc.KKD04006F@9T(Y)Oh-IDATXc?@}uY3URO,K%[?5_9k5J4^{9#gg```7g*qg+52@m5cw=tV@I#^}`DLq+Q?8ld4lLQKFb4FQ,_FT$C':`fN#[IENDB`
Sep 15, 2024 00:52:29.603013039 CEST	6	OUT	Data Raw: 00 Data Ascii:

Timestamp	Bytes transferred	Direction	Data
Sep 15, 2024 00:51:41.407706022 CEST	448	OUT	GET /-Z-xxpA6Bzqg/ULCCTYRgP2I/AAAAAAAAEvE/AekO-nDLdJw/s1600/down-arrow.png HTTP/1.1 Host: 2.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 15, 2024 00:51:42.022885084 CEST	679	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="down-arrow.png" X-Content-Type-Options: nosniff Server: fife Content-Length: 219 X-XSS-Protection: 0 Date: Sat, 14 Sep 2024 21:26:51 GMT Expires: Sun, 15 Sep 2024 21:26:51 GMT Cache-Control: public, max-age=86400, no-transform Age: 5090 ETag: "v12f1" Content-Type: image/png Vary: Origin Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 07 00 00 00 04 08 02 00 00 00 cd a4 b2 2a 00 00 00 03 73 42 49 54 08 08 08 db e1 4f e0 00 00 00 5f 7a 54 58 74 52 61 77 20 70 72 6f 66 69 6c 65 20 74 79 70 65 20 41 50 50 31 00 00 08 99 e3 4a 4f cd 4b 2d ca 4c 56 28 28 ca 4f cb cc 49 e5 52 00 03 63 13 2e 13 4b 13 4b a3 44 03 03 03 0b 03 08 30 34 30 30 36 04 92 46 40 b6 39 54 28 d1 00 05 98 98 9b a5 01 a1 b9 59 b2 99 29 88 cf 05 00 4f ba 15 68 1b 2d d8 8c 00 00 00 28 49 44 41 54 08 99 63 5c b3 eb 24 03 06 60 0a 76 35 43 13 0a 76 35 63 82 50 c8 42 0c 0c 0c 0c ff 61 60 cd ae 93 70 36 00 28 8d 19 8a 2e 98 f9 0b 00 00 00 00 49 45 4e 44 ae 42 60 82 Data Ascii: PNGIHDR*sBITO_zTXtRaw profile type APP1JOK-LV((OIRc.KKD04006F@9T(Y)Oh-(IDATc\$`v5Cv5cPBa`p6(.IENDB`
Sep 15, 2024 00:51:42.364423990 CEST	679	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="down-arrow.png" X-Content-Type-Options: nosniff Server: fife Content-Length: 219 X-XSS-Protection: 0 Date: Sat, 14 Sep 2024 21:26:51 GMT Expires: Sun, 15 Sep 2024 21:26:51 GMT Cache-Control: public, max-age=86400, no-transform Age: 5090 ETag: "v12f1" Content-Type: image/png Vary: Origin Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 07 00 00 00 04 08 02 00 00 00 cd a4 b2 2a 00 00 00 03 73 42 49 54 08 08 08 db e1 4f e0 00 00 00 5f 7a 54 58 74 52 61 77 20 70 72 6f 66 69 6c 65 20 74 79 70 65 20 41 50 50 31 00 00 08 99 e3 4a 4f cd 4b 2d ca 4c 56 28 28 ca 4f cb cc 49 e5 52 00 03 63 13 2e 13 4b 13 4b a3 44 03 03 03 0b 03 08 30 34 30 30 36 04 92 46 40 b6 39 54 28 d1 00 05 98 98 9b a5 01 a1 b9 59 b2 99 29 88 cf 05 00 4f ba 15 68 1b 2d d8 8c 00 00 00 28 49 44 41 54 08 99 63 5c b3 eb 24 03 06 60 0a 76 35 43 13 0a 76 35 63 82 50 c8 42 0c 0c 0c 0c ff 61 60 cd ae 93 70 36 00 28 8d 19 8a 2e 98 f9 0b 00 00 00 00 49 45 4e 44 ae 42 60 82 Data Ascii: PNGIHDR*sBITO_zTXtRaw profile type APP1JOK-LV((OIRc.KKD04006F@9T(Y)Oh-(IDATc\$`v5Cv5cPBa`p6(.IENDB`
Sep 15, 2024 00:51:44.225936890 CEST	448	OUT	GET /-kmJ8A0nIZjo/ULCmPUQWlRI/AAAAAAAAEw8/nTLRUcreTvU/s1600/bubble-pip.png HTTP/1.1 Host: 2.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 15, 2024 00:51:44.408216000 CEST	945	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="bubble-pip.png" X-Content-Type-Options: nosniff Server: fife Content-Length: 485 X-XSS-Protection: 0 Date: Sat, 14 Sep 2024 21:26:51 GMT Expires: Sun, 15 Sep 2024 21:26:51 GMT Cache-Control: public, max-age=86400, no-transform Age: 5093 ETag: "v130f" Content-Type: image/png Vary: Origin Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 64 00 00 00 09 08 06 00 00 00 c4 88 89 d0 00 00 00 04 73 42 49 54 08 08 08 08 7c 08 64 88 00 00 00 5f 7a 54 58 74 52 61 77 20 70 72 6f 66 69 6c 65 20 74 79 70 65 20 41 50 50 31 00 00 08 99 e3 4a 4f cd 4b 2d ca 4c 56 28 28 ca 4f cb cc 49 e5 52 00 03 63 13 2e 13 4b 13 4b a3 44 03 03 03 0b 03 08 30 34 30 30 36 04 92 46 40 b6 39 54 28 d1 00 05 98 98 9b a5 01 a1 b9 59 b2 99 29 88 cf 05 00 4f ba 15 68 1b 2d d8 8c 00 00 01 31 49 44 41 54 48 89 ed 96 c1 4a c3 40 10 86 67 77 02 15 6b c4 c4 5a da 62 7a aa 82 6d 42 03 fa 08 82 67 5f c0 87 eb 03 e8 d9 47 f0 e4 c6 a4 0d 68 f5 90 14 15 8d 69 0f 5a 3c ac 19 4f 91 e8 59 5c 30 f9 4e c3 fc 97 ef 30 33 0c 23 22 28 22 3c df 72 87 4e 0c 15 bf 8e f0 7c 0b 11 43 c7 ee d7 7f 66 c1 38 7c 95 52 ba bc d8 f4 83 c9 08 11 c3 bf 53 2c 17 88 18 03 c0 69 14 c5 6f c5 7e 14 cf 96 44 74 86 88 b7 8c 88 40 78 fe 86 a6 69 e7 eb fa da a0 db b5 ea 00 c0 d4 28 ff 6f 82 f1 d7 ac 5f 98 a6 b1 df 69 b7 f0 fe e1 f1 23 4d e7 02 00 0e 00 00 [TRUNCATED] Data Ascii: PNGIHDRdsBIT\|d_zTXtRaw profile type APP1JOK-LV((OIRc.KKD04006F@9T(Y)Oh-1IDATHJ@gwkZbzmBg_GhiZ<OY\0N03#"("<rN\|Cf8\|RS,io~Dt@xi(o_i#M4M4NlK2/%4=yN3<krw}32!,]&gX)lHum\DlZcJ'RJWL'o_IENDB`
Sep 15, 2024 00:51:44.412715912 CEST	454	OUT	GET /--KSS1lAiopw/ULCmQ2PrufI/AAAAAAAAExM/1Eg-u42VXWo/s1600/white_googleplus.png HTTP/1.1 Host: 2.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 15, 2024 00:51:44.593518972 CEST	1184	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="white_googleplus.png" X-Content-Type-Options: nosniff Server: fife Content-Length: 718 X-XSS-Protection: 0 Date: Sat, 14 Sep 2024 21:26:51 GMT Expires: Sun, 15 Sep 2024 21:26:51 GMT Cache-Control: public, max-age=86400, no-transform Age: 5093 ETag: "v1313" Content-Type: image/png Vary: Origin Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 20 00 00 00 20 08 06 00 00 00 73 7a 7a f4 00 00 00 04 73 42 49 54 08 08 08 08 7c 08 64 88 00 00 00 5f 7a 54 58 74 52 61 77 20 70 72 6f 66 69 6c 65 20 74 79 70 65 20 41 50 50 31 00 00 08 99 e3 4a 4f cd 4b 2d ca 4c 56 28 28 ca 4f cb cc 49 e5 52 00 03 63 13 2e 13 4b 13 4b a3 44 03 03 03 0b 03 08 30 34 30 30 36 04 92 46 40 b6 39 54 28 d1 00 05 98 98 9b a5 01 a1 b9 59 b2 99 29 88 cf 05 00 4f ba 15 68 1b 2d d8 8c 00 00 02 1a 49 44 41 54 58 85 ed 97 3d 68 53 51 14 c7 7f f7 99 36 24 36 21 35 4d 91 d2 56 fc 28 a2 18 51 a9 5a 29 82 2e ea 56 2d 58 2b 88 11 b5 88 53 ea 20 a8 83 0e 55 47 07 e9 20 74 72 10 14 07 15 1d 14 b4 82 83 9f 28 6a 8a 62 12 63 1b 5b ab 89 c4 36 5f c5 24 af c7 a5 84 86 b4 5b 1e 75 78 17 0e 5c 38 87 fb ff dd 7b cf e1 de a3 44 84 85 1c da 82 aa 9b 00 26 80 09 60 02 98 00 26 c0 ff 00 60 01 48 7f 7c 2d a9 27 f7 c8 c7 c7 c9 7f ff 86 14 f2 a5 51 9a 86 6b af 8f ba fd c7 54 c5 01 7e 5c 39 27 b9 c8 17 3c 27 ce b2 d8 db aa 00 c6 2e 9f 92 a9 c0 [TRUNCATED] Data Ascii: PNGIHDR szzsBIT\|d_zTXtRaw profile type APP1JOK-LV((OIRc.KKD04006F@9T(Y)Oh-IDATX=hSQ6$6!5MV(QZ).V-X+S UG tr(jbc[6_$[ux\8{D&`&`H\|-'QkT~\9'<'.<Ocn%m@B9Qi5onm[uGqGC V@YT,o1 .JN!x+dM8vS.J.x)OF&!I>Mn$MS5u.f7&S#a=s>J$CoJ+V+Lb$^bI!oh\|+V!\@RP{[CsQ$~k@&\/{Xb@9L4"s.zRbW/0`mYGsh86)a?z/IENDB`
Sep 15, 2024 00:51:44.610959053 CEST	448	OUT	GET /-a62VSby9HvU/ULCmQFh84hI/AAAAAAAAExE/VLrfHhGz01s/s1600/linkedinss.png HTTP/1.1 Host: 2.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 15, 2024 00:51:44.792062998 CEST	1234	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="linkedinss.png" X-Content-Type-Options: nosniff Server: fife Content-Length: 774 X-XSS-Protection: 0 Date: Sat, 14 Sep 2024 21:26:51 GMT Expires: Sun, 15 Sep 2024 21:26:51 GMT Cache-Control: public, max-age=86400, no-transform Age: 5093 ETag: "v1311" Content-Type: image/png Vary: Origin Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 12 00 00 00 18 08 02 00 00 00 78 37 3a 66 00 00 00 03 73 42 49 54 08 08 08 db e1 4f e0 00 00 00 5f 7a 54 58 74 52 61 77 20 70 72 6f 66 69 6c 65 20 74 79 70 65 20 41 50 50 31 00 00 08 99 e3 4a 4f cd 4b 2d ca 4c 56 28 28 ca 4f cb cc 49 e5 52 00 03 63 13 2e 13 4b 13 4b a3 44 03 03 03 0b 03 08 30 34 30 30 36 04 92 46 40 b6 39 54 28 d1 00 05 98 98 9b a5 01 a1 b9 59 b2 99 29 88 cf 05 00 4f ba 15 68 1b 2d d8 8c 00 00 02 53 49 44 41 54 38 8d 9d 94 bb 4f 54 41 14 c6 bf 33 77 96 cb bd e0 ae c2 f2 88 62 40 0d c4 f8 a0 50 0a 1b 63 a1 d8 98 58 ab 85 24 76 fe 01 d6 36 44 2b 1b 6c 48 6c 8c 1a 3b 3b 35 16 9a 18 0c 16 d2 f0 8a 1a 95 20 ee 12 60 77 61 97 7d de bd f7 ce 39 16 88 06 54 76 f5 64 8a 39 93 f9 e5 9c ef 9b 93 21 5c b9 8d 7f 0f f5 1f 0c 00 d5 ee 10 00 70 58 d7 75 0e b5 84 00 54 aa 6c 00 40 e9 fa aa e8 90 2c b0 51 20 82 08 8c 81 08 0c 43 a4 16 4a 20 d2 00 11 70 e1 44 ef c5 81 be d9 44 fa d1 d8 cc 9a e7 d7 02 49 83 79 a0 a7 f3 ce d5 73 7d 9d 2d 02 64 2b [TRUNCATED] Data Ascii: PNGIHDRx7:fsBITO_zTXtRaw profile type APP1JOK-LV((OIRc.KKD04006F@9T(Y)Oh-SIDAT8OTA3wb@PcX$v6D+lHl;;5 `wa}9Tvd9!\pXuTl@,Q CJ pDDIys}-d+aJ(A\+Vj=-t23^?6jfjS!4Qy99J)}+4D LXc=ejayrn4D\`6/0COVG?'S8hW\DR !-NeYDFvw<ZR5h#'M~lwwsKn:};..f,vK%d(,D5u;Vs&HkH%j^sj`6U+YEXY/pVD17b`~@k7-[,x>uD]kj2[ \RMID 5 *hi~.a&t9YO\|-%H^MpIENDB`
Sep 15, 2024 00:52:29.912657022 CEST	6	OUT	Data Raw: 00 Data Ascii:

Timestamp	Bytes transferred	Direction	Data
Sep 15, 2024 00:51:41.854829073 CEST	331	OUT	GET /-QdzebGFBJEA/UK9VjFcU23I/AAAAAAAAEuo/0dR566x-3TU/s1600/bg.jpg HTTP/1.1 Host: 4.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 15, 2024 00:51:42.809298038 CEST	1236	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="bg.jpg" X-Content-Type-Options: nosniff Server: fife Content-Length: 1003 X-XSS-Protection: 0 Date: Sat, 14 Sep 2024 22:51:42 GMT Expires: Sun, 15 Sep 2024 22:51:42 GMT Cache-Control: public, max-age=86400, no-transform ETag: "v12ea" Content-Type: image/jpeg Vary: Origin Age: 0 Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 02 01 00 48 00 48 00 00 ff e1 00 78 45 78 69 66 00 00 49 49 2a 00 08 00 00 00 04 00 12 01 03 00 01 00 00 00 01 00 00 00 31 01 02 00 07 00 00 00 3e 00 00 00 12 02 03 00 02 00 00 00 01 00 01 00 69 87 04 00 01 00 00 00 46 00 00 00 00 00 00 00 47 6f 6f 67 6c 65 00 00 03 00 00 90 07 00 04 00 00 00 30 32 32 30 02 a0 04 00 01 00 00 00 06 00 00 00 03 a0 04 00 01 00 00 00 94 00 00 00 00 00 00 00 ff ee 00 0e 41 64 6f 62 65 00 64 40 00 00 00 01 ff db 00 84 00 02 02 02 02 02 02 02 02 02 02 03 02 02 02 03 04 03 02 02 03 04 05 04 04 04 04 04 05 06 05 05 05 05 05 05 06 06 07 07 08 07 07 06 09 09 0a 0a 09 09 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 01 03 03 03 05 04 05 09 06 06 09 0d 0a 09 0a 0d 0f 0e 0e 0e 0e 0f 0f 0c 0c 0c 0c 0c 0f 0f 0c 0c 0c 0c 0c 0c 0f 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c ff c0 00 11 08 00 94 00 06 03 01 11 00 02 11 01 03 11 01 ff dd 00 04 00 01 ff c4 01 a2 00 00 00 07 01 01 01 01 01 00 00 00 00 00 00 00 00 [TRUNCATED] Data Ascii: JFIFHHxExifII1>iFGoogle0220Adobed@s!1AQa"q2B#R3b$r%C4Scs5D'6Tdt&EFVU(eufv7GWgw8HXhx)9IYiy:JZjzm!1AQa"q2#BRbr3$4CS%cs5DT&6E'dtU7()euFVfvGWgw8HXhx9IYiy*:JZjz?+w.?9U?6
Sep 15, 2024 00:51:42.809345007 CEST	218	IN	Data Raw: ff d0 f9 4f 8a bf ff d1 f9 4f 8a bf ff d2 f9 d5 ff 00 2a 9b f3 33 97 1f f0 36 b3 cb a5 3e aa ff 00 d3 2f fc ae 6f e6 4b e4 5a 7f 31 8f f9 c3 e6 1f ff d3 34 a2 f8 0c f5 07 cf 1f ff d4 30 a8 cf 50 7c f1 ff d5 19 c8 67 a8 3e 78 ff 00 ff d6 11 c8 67 Data Ascii: OO*36>/oKZ140P\|g>xgx,o#;BaeSW/K^ouyc????3M}O{
Sep 15, 2024 00:51:42.809364080 CEST	218	IN	Data Raw: ff d0 f9 4f 8a bf ff d1 f9 4f 8a bf ff d2 f9 d5 ff 00 2a 9b f3 33 97 1f f0 36 b3 cb a5 3e aa ff 00 d3 2f fc ae 6f e6 4b e4 5a 7f 31 8f f9 c3 e6 1f ff d3 34 a2 f8 0c f5 07 cf 1f ff d4 30 a8 cf 50 7c f1 ff d5 19 c8 67 a8 3e 78 ff 00 ff d6 11 c8 67 Data Ascii: OO*36>/oKZ140P\|g>xgx,o#;BaeSW/K^ouyc????3M}O{
Sep 15, 2024 00:51:44.422501087 CEST	346	OUT	GET /-ZehYBE_THZs/ULCmOrzNjdI/AAAAAAAAEw0/mq1NaN47uEM/s1600/blue_twitter_bird.png HTTP/1.1 Host: 4.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 15, 2024 00:51:44.788992882 CEST	1104	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="blue_twitter_bird.png" X-Content-Type-Options: nosniff Server: fife Content-Length: 640 X-XSS-Protection: 0 Date: Sat, 14 Sep 2024 22:51:44 GMT Expires: Sun, 15 Sep 2024 22:51:44 GMT Cache-Control: public, max-age=86400, no-transform ETag: "v130d" Content-Type: image/png Vary: Origin Age: 0 Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 18 00 00 00 18 08 06 00 00 00 e0 77 3d f8 00 00 00 04 73 42 49 54 08 08 08 08 7c 08 64 88 00 00 00 5f 7a 54 58 74 52 61 77 20 70 72 6f 66 69 6c 65 20 74 79 70 65 20 41 50 50 31 00 00 08 99 e3 4a 4f cd 4b 2d ca 4c 56 28 28 ca 4f cb cc 49 e5 52 00 03 63 13 2e 13 4b 13 4b a3 44 03 03 03 0b 03 08 30 34 30 30 36 04 92 46 40 b6 39 54 28 d1 00 05 98 98 9b a5 01 a1 b9 59 b2 99 29 88 cf 05 00 4f ba 15 68 1b 2d d8 8c 00 00 01 cc 49 44 41 54 48 89 ed 95 3f 48 1b 61 18 c6 7f b9 1c c9 45 63 4c 44 6b 44 a5 71 48 40 5b a8 22 5a b0 42 d3 4d 9c 35 b3 ae 2e a2 83 93 e0 2c a5 e0 e6 26 d8 ad a9 a8 a3 4e fe 25 74 b1 4d 4b 15 e9 45 14 4c 30 1c 01 23 a6 18 63 bc 38 78 82 86 dc c5 58 84 0a 3e e3 fb bd df f3 7b 78 f9 5e 3e 53 2e 97 e3 31 25 3c aa fb 33 e0 bf 00 88 0f b9 24 04 65 3f 30 0c ac a9 01 ef d4 83 00 9a 09 6a c0 bb 9a 57 f7 00 0b 80 d3 57 61 69 db 3e c9 1c bf aa b4 cc ea fa 18 c0 93 c0 8a 6d 2e 12 13 82 f2 c0 ad fa 04 e0 04 f8 73 9a 79 d9 bb 11 fb 38 b4 a5 d4 [TRUNCATED] Data Ascii: PNGIHDRw=sBIT\|d_zTXtRaw profile type APP1JOK-LV((OIRc.KKD04006F@9T(Y)Oh-IDATH?HaEcLDkDqH@["ZBM5.,&N%tMKEL0#c8xX>{x^>S.1%<3$e?0jWWai>m.sy8M9/_<3TI!(Zu4Ib.i5]Q`)8JgO5~{ukv,6A=E>4HfS(xKUXA\Uqxa.9)zri>zeM~~mvX7&r6KgbW-hOtWR\{&7Ul.Oz\zIENDB`
Sep 15, 2024 00:52:29.850287914 CEST	6	OUT	Data Raw: 00 Data Ascii:

Timestamp	Bytes transferred	Direction	Data
Sep 15, 2024 00:51:42.366823912 CEST	339	OUT	GET /-Z-xxpA6Bzqg/ULCCTYRgP2I/AAAAAAAAEvE/AekO-nDLdJw/s1600/down-arrow.png HTTP/1.1 Host: 2.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 15, 2024 00:51:42.987974882 CEST	679	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="down-arrow.png" X-Content-Type-Options: nosniff Server: fife Content-Length: 219 X-XSS-Protection: 0 Date: Sat, 14 Sep 2024 21:26:51 GMT Expires: Sun, 15 Sep 2024 21:26:51 GMT Cache-Control: public, max-age=86400, no-transform Age: 5091 ETag: "v12f1" Content-Type: image/png Vary: Origin Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 07 00 00 00 04 08 02 00 00 00 cd a4 b2 2a 00 00 00 03 73 42 49 54 08 08 08 db e1 4f e0 00 00 00 5f 7a 54 58 74 52 61 77 20 70 72 6f 66 69 6c 65 20 74 79 70 65 20 41 50 50 31 00 00 08 99 e3 4a 4f cd 4b 2d ca 4c 56 28 28 ca 4f cb cc 49 e5 52 00 03 63 13 2e 13 4b 13 4b a3 44 03 03 03 0b 03 08 30 34 30 30 36 04 92 46 40 b6 39 54 28 d1 00 05 98 98 9b a5 01 a1 b9 59 b2 99 29 88 cf 05 00 4f ba 15 68 1b 2d d8 8c 00 00 00 28 49 44 41 54 08 99 63 5c b3 eb 24 03 06 60 0a 76 35 43 13 0a 76 35 63 82 50 c8 42 0c 0c 0c 0c ff 61 60 cd ae 93 70 36 00 28 8d 19 8a 2e 98 f9 0b 00 00 00 00 49 45 4e 44 ae 42 60 82 Data Ascii: PNGIHDR*sBITO_zTXtRaw profile type APP1JOK-LV((OIRc.KKD04006F@9T(Y)Oh-(IDATc\$`v5Cv5cPBa`p6(.IENDB`
Sep 15, 2024 00:51:44.426708937 CEST	339	OUT	GET /-kmJ8A0nIZjo/ULCmPUQWlRI/AAAAAAAAEw8/nTLRUcreTvU/s1600/bubble-pip.png HTTP/1.1 Host: 2.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 15, 2024 00:51:44.607028008 CEST	945	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="bubble-pip.png" X-Content-Type-Options: nosniff Server: fife Content-Length: 485 X-XSS-Protection: 0 Date: Sat, 14 Sep 2024 21:26:51 GMT Expires: Sun, 15 Sep 2024 21:26:51 GMT Cache-Control: public, max-age=86400, no-transform Age: 5093 ETag: "v130f" Content-Type: image/png Vary: Origin Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 64 00 00 00 09 08 06 00 00 00 c4 88 89 d0 00 00 00 04 73 42 49 54 08 08 08 08 7c 08 64 88 00 00 00 5f 7a 54 58 74 52 61 77 20 70 72 6f 66 69 6c 65 20 74 79 70 65 20 41 50 50 31 00 00 08 99 e3 4a 4f cd 4b 2d ca 4c 56 28 28 ca 4f cb cc 49 e5 52 00 03 63 13 2e 13 4b 13 4b a3 44 03 03 03 0b 03 08 30 34 30 30 36 04 92 46 40 b6 39 54 28 d1 00 05 98 98 9b a5 01 a1 b9 59 b2 99 29 88 cf 05 00 4f ba 15 68 1b 2d d8 8c 00 00 01 31 49 44 41 54 48 89 ed 96 c1 4a c3 40 10 86 67 77 02 15 6b c4 c4 5a da 62 7a aa 82 6d 42 03 fa 08 82 67 5f c0 87 eb 03 e8 d9 47 f0 e4 c6 a4 0d 68 f5 90 14 15 8d 69 0f 5a 3c ac 19 4f 91 e8 59 5c 30 f9 4e c3 fc 97 ef 30 33 0c 23 22 28 22 3c df 72 87 4e 0c 15 bf 8e f0 7c 0b 11 43 c7 ee d7 7f 66 c1 38 7c 95 52 ba bc d8 f4 83 c9 08 11 c3 bf 53 2c 17 88 18 03 c0 69 14 c5 6f c5 7e 14 cf 96 44 74 86 88 b7 8c 88 40 78 fe 86 a6 69 e7 eb fa da a0 db b5 ea 00 c0 d4 28 ff 6f 82 f1 d7 ac 5f 98 a6 b1 df 69 b7 f0 fe e1 f1 23 4d e7 02 00 0e 00 00 [TRUNCATED] Data Ascii: PNGIHDRdsBIT\|d_zTXtRaw profile type APP1JOK-LV((OIRc.KKD04006F@9T(Y)Oh-1IDATHJ@gwkZbzmBg_GhiZ<OY\0N03#"("<rN\|Cf8\|RS,io~Dt@xi(o_i#M4M4NlK2/%4=yN3<krw}32!,]&gX)lHum\DlZcJ'RJWL'o_IENDB`
Sep 15, 2024 00:51:44.644747019 CEST	345	OUT	GET /--KSS1lAiopw/ULCmQ2PrufI/AAAAAAAAExM/1Eg-u42VXWo/s1600/white_googleplus.png HTTP/1.1 Host: 2.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 15, 2024 00:51:44.828596115 CEST	1184	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="white_googleplus.png" X-Content-Type-Options: nosniff Server: fife Content-Length: 718 X-XSS-Protection: 0 Date: Sat, 14 Sep 2024 21:26:51 GMT Expires: Sun, 15 Sep 2024 21:26:51 GMT Cache-Control: public, max-age=86400, no-transform Age: 5093 ETag: "v1313" Content-Type: image/png Vary: Origin Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 20 00 00 00 20 08 06 00 00 00 73 7a 7a f4 00 00 00 04 73 42 49 54 08 08 08 08 7c 08 64 88 00 00 00 5f 7a 54 58 74 52 61 77 20 70 72 6f 66 69 6c 65 20 74 79 70 65 20 41 50 50 31 00 00 08 99 e3 4a 4f cd 4b 2d ca 4c 56 28 28 ca 4f cb cc 49 e5 52 00 03 63 13 2e 13 4b 13 4b a3 44 03 03 03 0b 03 08 30 34 30 30 36 04 92 46 40 b6 39 54 28 d1 00 05 98 98 9b a5 01 a1 b9 59 b2 99 29 88 cf 05 00 4f ba 15 68 1b 2d d8 8c 00 00 02 1a 49 44 41 54 58 85 ed 97 3d 68 53 51 14 c7 7f f7 99 36 24 36 21 35 4d 91 d2 56 fc 28 a2 18 51 a9 5a 29 82 2e ea 56 2d 58 2b 88 11 b5 88 53 ea 20 a8 83 0e 55 47 07 e9 20 74 72 10 14 07 15 1d 14 b4 82 83 9f 28 6a 8a 62 12 63 1b 5b ab 89 c4 36 5f c5 24 af c7 a5 84 86 b4 5b 1e 75 78 17 0e 5c 38 87 fb ff dd 7b cf e1 de a3 44 84 85 1c da 82 aa 9b 00 26 80 09 60 02 98 00 26 c0 ff 00 60 01 48 7f 7c 2d a9 27 f7 c8 c7 c7 c9 7f ff 86 14 f2 a5 51 9a 86 6b af 8f ba fd c7 54 c5 01 7e 5c 39 27 b9 c8 17 3c 27 ce b2 d8 db aa 00 c6 2e 9f 92 a9 c0 [TRUNCATED] Data Ascii: PNGIHDR szzsBIT\|d_zTXtRaw profile type APP1JOK-LV((OIRc.KKD04006F@9T(Y)Oh-IDATX=hSQ6$6!5MV(QZ).V-X+S UG tr(jbc[6_$[ux\8{D&`&`H\|-'QkT~\9'<'.<Ocn%m@B9Qi5onm[uGqGC V@YT,o1 .JN!x+dM8vS.J.x)OF&!I>Mn$MS5u.f7&S#a=s>J$CoJ+V+Lb$^bI!oh\|+V!\@RP{[CsQ$~k@&\/{Xb@9L4"s.zRbW/0`mYGsh86)a?z/IENDB`
Sep 15, 2024 00:52:29.850356102 CEST	6	OUT	Data Raw: 00 Data Ascii:

Timestamp	Bytes transferred	Direction	Data
Sep 15, 2024 00:51:44.655740023 CEST	342	OUT	GET /-1rV4Io0cQd8/ULCmNgcmLrI/AAAAAAAAEws/ANSyGoiN-5E/s1600/blue_facebook.png HTTP/1.1 Host: 4.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 15, 2024 00:51:45.448860884 CEST	897	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="blue_facebook.png" X-Content-Type-Options: nosniff Server: fife Content-Length: 437 X-XSS-Protection: 0 Date: Sat, 14 Sep 2024 22:51:45 GMT Expires: Sun, 15 Sep 2024 22:51:45 GMT Cache-Control: public, max-age=86400, no-transform ETag: "v130b" Content-Type: image/png Vary: Origin Age: 0 Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 20 00 00 00 20 08 06 00 00 00 73 7a 7a f4 00 00 00 04 73 42 49 54 08 08 08 08 7c 08 64 88 00 00 00 5f 7a 54 58 74 52 61 77 20 70 72 6f 66 69 6c 65 20 74 79 70 65 20 41 50 50 31 00 00 08 99 e3 4a 4f cd 4b 2d ca 4c 56 28 28 ca 4f cb cc 49 e5 52 00 03 63 13 2e 13 4b 13 4b a3 44 03 03 03 0b 03 08 30 34 30 30 36 04 92 46 40 b6 39 54 28 d1 00 05 98 98 9b a5 01 a1 b9 59 b2 99 29 88 cf 05 00 4f ba 15 68 1b 2d d8 8c 00 00 01 01 49 44 41 54 58 85 63 fc ff ff 3f c3 40 02 a6 01 b5 7d d4 01 a3 0e 18 75 c0 a8 03 a8 e5 00 f3 c8 59 ff bd 33 97 92 55 a4 52 ec 80 f8 8a f5 ff 4f 2c 4b 25 5b 3f c5 0e b8 f1 f0 35 03 03 03 03 c3 9b 0f 5f e9 ef 80 39 6b ce fc b7 35 92 a5 c4 08 06 16 4a 34 cf 5e 7b 8e 01 39 f8 cd 23 67 fd 67 60 60 60 b0 37 96 67 e8 2a 71 67 a4 9a 03 e2 2b d6 ff 87 05 35 32 40 b6 1c 99 6d 11 35 9b 18 63 89 77 c0 8d 87 af 19 c2 3d 74 18 18 18 18 18 56 ee b8 c2 40 49 a2 23 cb 01 0c 0c 0c 0c cf 5e 7d a4 9a a5 c8 60 e8 14 44 4c 8c b4 71 2b d1 51 f0 ef ff [TRUNCATED] Data Ascii: PNGIHDR szzsBIT\|d_zTXtRaw profile type APP1JOK-LV((OIRc.KKD04006F@9T(Y)Oh-IDATXc?@}uY3URO,K%[?5_9k5J4^{9#gg```7g*qg+52@m5cw=tV@I#^}`DLq+Q?8ld4lLQKFb4FQ,_FT$C':`fN#[IENDB`
Sep 15, 2024 00:52:30.501046896 CEST	6	OUT	Data Raw: 00 Data Ascii:

Timestamp	Bytes transferred	Direction	Data
Sep 15, 2024 00:51:44.801347971 CEST	339	OUT	GET /-a62VSby9HvU/ULCmQFh84hI/AAAAAAAAExE/VLrfHhGz01s/s1600/linkedinss.png HTTP/1.1 Host: 2.bp.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 15, 2024 00:51:44.979458094 CEST	1234	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="linkedinss.png" X-Content-Type-Options: nosniff Server: fife Content-Length: 774 X-XSS-Protection: 0 Date: Sat, 14 Sep 2024 21:26:51 GMT Expires: Sun, 15 Sep 2024 21:26:51 GMT Cache-Control: public, max-age=86400, no-transform Age: 5093 ETag: "v1311" Content-Type: image/png Vary: Origin Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 12 00 00 00 18 08 02 00 00 00 78 37 3a 66 00 00 00 03 73 42 49 54 08 08 08 db e1 4f e0 00 00 00 5f 7a 54 58 74 52 61 77 20 70 72 6f 66 69 6c 65 20 74 79 70 65 20 41 50 50 31 00 00 08 99 e3 4a 4f cd 4b 2d ca 4c 56 28 28 ca 4f cb cc 49 e5 52 00 03 63 13 2e 13 4b 13 4b a3 44 03 03 03 0b 03 08 30 34 30 30 36 04 92 46 40 b6 39 54 28 d1 00 05 98 98 9b a5 01 a1 b9 59 b2 99 29 88 cf 05 00 4f ba 15 68 1b 2d d8 8c 00 00 02 53 49 44 41 54 38 8d 9d 94 bb 4f 54 41 14 c6 bf 33 77 96 cb bd e0 ae c2 f2 88 62 40 0d c4 f8 a0 50 0a 1b 63 a1 d8 98 58 ab 85 24 76 fe 01 d6 36 44 2b 1b 6c 48 6c 8c 1a 3b 3b 35 16 9a 18 0c 16 d2 f0 8a 1a 95 20 ee 12 60 77 61 97 7d de bd f7 ce 39 16 88 06 54 76 f5 64 8a 39 93 f9 e5 9c ef 9b 93 21 5c b9 8d 7f 0f f5 1f 0c 00 d5 ee 10 00 70 58 d7 75 0e b5 84 00 54 aa 6c 00 40 e9 fa aa e8 90 2c b0 51 20 82 08 8c 81 08 0c 43 a4 16 4a 20 d2 00 11 70 e1 44 ef c5 81 be d9 44 fa d1 d8 cc 9a e7 d7 02 49 83 79 a0 a7 f3 ce d5 73 7d 9d 2d 02 64 2b [TRUNCATED] Data Ascii: PNGIHDRx7:fsBITO_zTXtRaw profile type APP1JOK-LV((OIRc.KKD04006F@9T(Y)Oh-SIDAT8OTA3wb@PcX$v6D+lHl;;5 `wa}9Tvd9!\pXuTl@,Q CJ pDDIys}-d+aJ(A\+Vj=-t23^?6jfjS!4Qy99J)}+4D LXc=ejayrn4D\`6/0COVG?'S8hW\DR !-NeYDFvw<ZR5h#'M~lwwsKn:};..f,vK%d(,D5u;Vs&HkH%j^sj`6U+YEXY/pVD17b`~@k7-[,x>uD]kj2[ \RMID 5 *hi~.a&t9YO\|-%H^MpIENDB`
Sep 15, 2024 00:52:30.101989031 CEST	6	OUT	Data Raw: 00 Data Ascii:

Timestamp	Bytes transferred	Direction	Data
Sep 15, 2024 00:51:53.413094997 CEST	293	OUT	GET /favicon.ico HTTP/1.1 Host: facebooksecurity.blogspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 15, 2024 00:51:54.127456903 CEST	1152	IN	HTTP/1.1 200 OK Content-Type: image/x-icon Expires: Sat, 14 Sep 2024 22:51:53 GMT Date: Sat, 14 Sep 2024 22:51:53 GMT Cache-Control: private, max-age=86400 Last-Modified: Wed, 28 Aug 2024 23:43:33 GMT ETag: W/"5f5c1da81114420560597a091adc3d3dbd351d0032fffd44472cf59b89c6bcf9" Content-Encoding: gzip X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' X-XSS-Protection: 1; mode=block Content-Length: 665 Server: GSE Data Raw: 1f 8b 08 00 00 00 00 00 00 ff 7d 93 5d 48 53 61 18 c7 5f 51 28 87 e8 d8 45 57 63 78 a1 e0 47 db ce 26 3b 3a 5d 78 64 c7 75 5a 08 3a 5c 2d 1d 15 b4 dc c4 31 89 30 85 70 d3 81 30 c1 22 cd 2b cd 10 a3 0b bb 90 ae ec ce d4 8b 79 13 53 64 62 1f 37 8a b8 2d 2d ea c2 9b a8 f6 ef bc 67 69 9b 9b fd 0f ff f3 f1 bc cf ef 79 0e 2f ef 43 48 9e 78 c9 e5 44 bc 97 12 4f 01 21 17 08 21 15 a2 c5 90 18 49 c5 a9 b8 02 92 25 00 ff 9c 48 c8 d6 d7 d6 4a ed 6d 6d 82 41 af ef d5 aa d5 c3 9a aa aa 91 1a 86 b9 7f 55 10 ec 53 93 93 d5 38 3a 2a ca 60 d2 4c c5 1a d9 97 95 17 2b a1 d1 69 a0 ab 61 44 eb c0 e8 19 54 6b aa 51 51 55 f1 ed 74 df 74 51 ae fe 92 11 1c cf a1 ae a1 0e b5 0d b5 92 4d 8d 26 70 cd 1c 4c 9c 09 4c 8d 36 13 fa 2b 35 a3 06 67 e6 24 be b8 a4 98 e6 64 d9 28 ae 35 f1 4d 60 eb d9 8c 1a 1a 9d 3a 69 16 cc 30 5b cc 19 f9 5f 87 8a b2 6a 70 e6 46 58 ac 16 18 4d c6 93 1a 94 6b 77 b4 43 2e 97 ff 97 97 c9 64 50 2a 95 b0 d9 db 60 6d b9 22 f1 13 53 13 bc 5d 64 af dd b0 67 f5 4a e7 15 0a 05 ca cb cb c1 b2 2c 1c 9d d7 e1 bc e5 [TRUNCATED] Data Ascii: }]HSa_Q(EWcxG&;:]xduZ:\-10p0"+ySdb7--giy/CHxDO!!I%HJmmAUS8:`L+iaDTkQQUttQM&pLL6+5g$d(5M`:i0[_jpFXMkwC.dP`m"S]dgJ,DeWRq*67zf;1p` 'O-N'<\|>FB#'~t?3\.#`f>'<EhqE(~_ceupXbQVVv188(qcccvs/2o#^WoGQlmmI\|9"9X<X,x<]D"1y%}\|WN#{IOP^u9;)(~
Sep 15, 2024 00:52:39.139673948 CEST	6	OUT	Data Raw: 00 Data Ascii:

Timestamp	Bytes transferred	Direction	Data
Sep 15, 2024 00:52:23.445184946 CEST	435	OUT	GET /salimsays HTTP/1.1 Host: twitter.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 15, 2024 00:52:23.926438093 CEST	351	IN	HTTP/1.1 301 Moved Permanently perf: 7402827104 location: https://twitter.com/salimsays cache-control: no-cache, no-store, max-age=0 content-length: 0 x-transaction-id: c0e0e7da913b38c2 x-response-time: 0 x-connection-hash: 18377188e718c1dcff3b2f625a179c13628869de113654d046c33d32f0b8aa91 date: Sat, 14 Sep 2024 22:52:23 GMT server: tsa_b

Timestamp	Bytes transferred	Direction	Data
2024-09-14 22:51:35 UTC	589	OUT	GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1 Host: www.blogger.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-14 22:51:36 UTC	688	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech" Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]} Content-Length: 30597 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Tue, 10 Sep 2024 12:27:19 GMT Expires: Wed, 10 Sep 2025 12:27:19 GMT Cache-Control: public, max-age=31536000 Last-Modified: Mon, 09 Sep 2024 21:00:51 GMT Content-Type: text/css Vary: Accept-Encoding Age: 383056 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-14 22:51:36 UTC	702	IN	Data Raw: 73 65 63 74 69 6f 6e 2c 6e 61 76 2c 61 72 74 69 63 6c 65 2c 61 73 69 64 65 2c 68 67 72 6f 75 70 2c 68 65 61 64 65 72 2c 66 6f 6f 74 65 72 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 74 69 6d 65 2c 6d 61 72 6b 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 7d 2e 62 6c 6f 67 2d 6c 69 73 74 2d 63 6f 6e 74 61 69 6e 65 72 20 75 6c 7b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 30 7d 2e 62 6c 6f 67 2d 6c 69 73 74 2d 63 6f 6e 74 61 69 6e 65 72 20 75 6c 20 6c 69 7b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 30 3b 6c 69 73 74 2d 73 74 79 6c 65 3a 6e 6f 6e 65 3b 6c 69 73 74 2d 73 74 79 6c 65 2d 69 6d 61 67 65 3a 6e 6f 6e 65 3b 63 6c 65 61 72 3a 6c 65 66 74 7d 2e 62 6c 6f 67 2d 6c 69 73 74 2d 63 6f 6e 74 61 69 6e 65 72 20 61 7b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a Data Ascii: section,nav,article,aside,hgroup,header,footer{display:block}time,mark{display:inline}.blog-list-container ul{padding-left:0}.blog-list-container ul li{padding-left:0;list-style:none;list-style-image:none;clear:left}.blog-list-container a{text-decoration:
2024-09-14 22:51:36 UTC	1390	IN	Data Raw: 66 74 3b 6d 61 72 67 69 6e 3a 32 70 78 20 35 70 78 20 35 70 78 20 30 7d 2e 62 6c 6f 67 2d 6c 69 73 74 2d 63 6f 6e 74 61 69 6e 65 72 20 2e 69 74 65 6d 2d 74 69 6d 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 39 35 25 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 69 74 61 6c 69 63 3b 63 6c 65 61 72 3a 6c 65 66 74 7d 2e 62 6c 6f 67 2d 6c 69 73 74 2d 74 69 74 6c 65 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 7d 2e 62 6c 6f 67 2d 6c 69 73 74 2d 63 6f 6e 74 61 69 6e 65 72 20 2e 73 68 6f 77 2d 6f 70 74 69 6f 6e 7b 66 6f 6e 74 2d 73 69 7a 65 3a 37 35 25 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 72 69 67 68 74 7d 2e 63 6f 6e 74 61 63 74 2d 66 6f 72 6d 2d 77 69 64 67 65 74 7b 68 65 69 67 68 74 3a 33 32 30 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 32 Data Ascii: ft;margin:2px 5px 5px 0}.blog-list-container .item-time{font-size:95%;font-style:italic;clear:left}.blog-list-title{font-weight:bold}.blog-list-container .show-option{font-size:75%;text-align:right}.contact-form-widget{height:320;margin-left:0;max-width:2
2024-09-14 22:51:36 UTC	1390	IN	Data Raw: 73 6f 6c 69 64 20 23 64 39 64 39 64 39 3b 62 6f 72 64 65 72 2d 74 6f 70 3a 31 70 78 20 73 6f 6c 69 64 20 23 63 30 63 30 63 30 3b 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 3b 63 6f 6c 6f 72 3a 23 33 33 33 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 33 70 78 3b 68 65 69 67 68 74 3a 32 34 70 78 3b 6d 61 72 67 69 6e 3a 30 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 35 70 78 3b 70 61 64 64 69 6e 67 3a 30 3b 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 74 6f 70 7d 2e 63 6f 6e 74 61 63 74 2d 66 6f 72 6d 2d 65 6d 61 69 6c 2d 6d 65 73 73 61 67 65 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 62 61 63 6b 67 Data Ascii: solid #d9d9d9;border-top:1px solid #c0c0c0;box-sizing:border-box;color:#333;display:inline-block;font-family:Arial,sans-serif;font-size:13px;height:24px;margin:0;margin-top:5px;padding:0;vertical-align:top}.contact-form-email-message{background:#fff;backg
2024-09-14 22:51:36 UTC	1390	IN	Data Raw: 66 35 66 35 66 35 2c 23 66 31 66 31 66 31 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 2d 6f 2d 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 70 2c 23 66 35 66 35 66 35 2c 23 66 31 66 31 66 31 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 70 2c 23 66 35 66 35 66 35 2c 23 66 31 66 31 66 31 29 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 64 63 64 63 64 63 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 72 67 62 61 28 30 2c 30 2c 30 2c 2e 31 29 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 32 70 78 3b 63 6f 6c 6f 72 3a 23 34 34 34 3b 63 75 72 73 6f 72 3a 64 65 66 61 75 6c 74 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 66 69 6c 74 65 72 Data Ascii: f5f5f5,#f1f1f1);background-image:-o-linear-gradient(top,#f5f5f5,#f1f1f1);background-image:linear-gradient(top,#f5f5f5,#f1f1f1);border:1px solid #dcdcdc;border:1px solid rgba(0,0,0,.1);border-radius:2px;color:#444;cursor:default;display:inline-block;filter
2024-09-14 22:51:36 UTC	1390	IN	Data Raw: 6e 2e 72 69 67 68 74 2e 66 6f 63 75 73 2c 2e 63 6f 6e 74 61 63 74 2d 66 6f 72 6d 2d 62 75 74 74 6f 6e 2e 6d 69 64 2e 66 6f 63 75 73 2c 2e 63 6f 6e 74 61 63 74 2d 66 6f 72 6d 2d 62 75 74 74 6f 6e 2e 6c 65 66 74 2e 66 6f 63 75 73 7b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 34 64 39 30 66 65 3b 6f 75 74 6c 69 6e 65 3a 6e 6f 6e 65 3b 7a 2d 69 6e 64 65 78 3a 34 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 63 6f 6e 74 61 63 74 2d 66 6f 72 6d 2d 62 75 74 74 6f 6e 2d 73 75 62 6d 69 74 3a 66 6f 63 75 73 2c 2e 63 6f 6e 74 61 63 74 2d 66 6f 72 6d 2d 62 75 74 74 6f 6e 2d 73 75 62 6d 69 74 2e 66 6f 63 75 73 7b 2d 6d 6f 7a 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 69 6e 73 65 74 20 30 20 30 20 30 20 31 70 78 20 72 67 62 61 28 32 35 35 2c 32 35 35 2c 32 35 35 2c 2e 35 Data Ascii: n.right.focus,.contact-form-button.mid.focus,.contact-form-button.left.focus{border:1px solid #4d90fe;outline:none;z-index:4 !important}.contact-form-button-submit:focus,.contact-form-button-submit.focus{-moz-box-shadow:inset 0 0 0 1px rgba(255,255,255,.5
2024-09-14 22:51:36 UTC	1390	IN	Data Raw: 69 6d 61 67 65 3a 2d 77 65 62 6b 69 74 2d 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 70 2c 23 36 36 36 2c 23 34 34 34 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 2d 6d 6f 7a 2d 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 70 2c 23 36 36 36 2c 23 34 34 34 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 2d 6d 73 2d 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 70 2c 23 36 36 36 2c 23 34 34 34 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 2d 6f 2d 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 70 2c 23 36 36 36 2c 23 34 34 34 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 70 2c 23 36 36 36 2c 23 34 34 34 29 3b 62 6f 72 64 65 72 Data Ascii: image:-webkit-linear-gradient(top,#666,#444);background-image:-moz-linear-gradient(top,#666,#444);background-image:-ms-linear-gradient(top,#666,#444);background-image:-o-linear-gradient(top,#666,#444);background-image:linear-gradient(top,#666,#444);border
2024-09-14 22:51:36 UTC	1390	IN	Data Raw: 33 35 37 61 65 38 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 2d 6d 6f 7a 2d 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 70 2c 23 34 64 39 30 66 65 2c 23 33 35 37 61 65 38 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 2d 6d 73 2d 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 70 2c 23 34 64 39 30 66 65 2c 23 33 35 37 61 65 38 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 2d 6f 2d 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 70 2c 23 34 64 39 30 66 65 2c 23 33 35 37 61 65 38 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 70 2c 23 34 64 39 30 66 65 2c 23 33 35 37 61 65 38 29 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 23 32 66 35 62 62 Data Ascii: 357ae8);background-image:-moz-linear-gradient(top,#4d90fe,#357ae8);background-image:-ms-linear-gradient(top,#4d90fe,#357ae8);background-image:-o-linear-gradient(top,#4d90fe,#357ae8);background-image:linear-gradient(top,#4d90fe,#357ae8);border-color:#2f5bb
2024-09-14 22:51:36 UTC	1390	IN	Data Raw: 33 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 30 30 25 7d 2e 6c 61 62 65 6c 2d 73 69 7a 65 2d 34 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 30 25 7d 2e 6c 61 62 65 6c 2d 73 69 7a 65 2d 35 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 30 25 7d 2e 63 6c 6f 75 64 2d 6c 61 62 65 6c 2d 77 69 64 67 65 74 2d 63 6f 6e 74 65 6e 74 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 6a 75 73 74 69 66 79 7d 2e 6c 61 62 65 6c 2d 63 6f 75 6e 74 7b 77 68 69 74 65 2d 73 70 61 63 65 3a 6e 6f 77 72 61 70 7d 2e 6c 61 62 65 6c 2d 73 69 7a 65 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 32 7d 2e 71 75 69 63 6b 65 64 69 74 7b 63 75 72 73 6f 72 3a 70 6f 69 6e 74 65 72 7d 2e 4e 61 76 62 61 72 20 69 66 72 61 6d 65 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 23 6e 61 76 62 61 72 2d 69 66 72 61 6d 65 7b 64 69 73 Data Ascii: 3{font-size:100%}.label-size-4{font-size:120%}.label-size-5{font-size:160%}.cloud-label-widget-content{text-align:justify}.label-count{white-space:nowrap}.label-size{line-height:1.2}.quickedit{cursor:pointer}.Navbar iframe{display:block}#navbar-iframe{dis
2024-09-14 22:51:36 UTC	1390	IN	Data Raw: 30 3b 70 6f 73 69 74 69 6f 6e 3a 66 69 78 65 64 3b 74 6f 70 3a 30 3b 77 69 64 74 68 3a 31 30 30 25 7d 23 73 68 61 72 69 6e 67 2d 64 69 6d 2d 6f 76 65 72 6c 61 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 69 6e 70 75 74 3a 3a 2d 6d 73 2d 63 6c 65 61 72 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 2e 62 6c 6f 67 67 65 72 2d 6c 6f 67 6f 2c 2e 73 76 67 2d 69 63 6f 6e 2d 32 34 2e 62 6c 6f 67 67 65 72 2d 6c 6f 67 6f 7b 66 69 6c 6c 3a 23 66 66 39 38 30 30 3b 6f 70 61 63 69 74 79 3a 31 7d 2e 77 69 64 67 65 74 2e 53 68 61 72 69 6e 67 20 2e 73 68 61 72 69 6e 67 2d 62 75 74 74 6f 6e 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 2e 77 69 64 67 65 74 2e 53 68 61 72 69 6e 67 20 2e 73 68 61 72 69 6e 67 2d 62 75 74 74 6f 6e 73 20 Data Ascii: 0;position:fixed;top:0;width:100%}#sharing-dim-overlay{background-color:transparent}input::-ms-clear{display:none}.blogger-logo,.svg-icon-24.blogger-logo{fill:#ff9800;opacity:1}.widget.Sharing .sharing-button{display:none}.widget.Sharing .sharing-buttons
2024-09-14 22:51:36 UTC	1390	IN	Data Raw: 68 61 72 69 6e 67 2d 5d 2c 2e 73 68 61 72 65 2d 62 75 74 74 6f 6e 73 20 6c 69 20 73 76 67 5b 63 6c 61 73 73 2a 3d 22 20 73 68 61 72 69 6e 67 2d 22 5d 7b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 31 30 70 78 7d 2e 73 68 61 72 65 2d 62 75 74 74 6f 6e 73 20 6c 69 20 73 70 61 6e 2e 73 68 61 72 69 6e 67 2d 70 6c 61 74 66 6f 72 6d 2d 62 75 74 74 6f 6e 2c 2e 73 68 61 72 65 2d 62 75 74 74 6f 6e 73 20 6c 69 20 73 70 61 6e 2e 73 68 61 72 69 6e 67 2d 70 6c 61 74 66 6f 72 6d 2d 62 75 74 74 6f 6e 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 74 6f 70 3a 30 7d 2e 73 68 61 72 65 2d 62 75 74 74 6f 6e 73 20 6c 69 20 2e 70 6c 61 74 66 6f 72 6d 2d 73 68 61 72 69 6e 67 2d 74 65 78 74 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 66 6f 6e 74 Data Ascii: haring-],.share-buttons li svg[class*=" sharing-"]{position:absolute;top:10px}.share-buttons li span.sharing-platform-button,.share-buttons li span.sharing-platform-button{position:relative;top:0}.share-buttons li .platform-sharing-text{display:block;font

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report http://facebooksecurity.blogspot.dk/

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

LLM Input / Output

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

Chrome Cache Entry: 240

Chrome Cache Entry: 241

Chrome Cache Entry: 242

Chrome Cache Entry: 243

Chrome Cache Entry: 244

Chrome Cache Entry: 245

Chrome Cache Entry: 246

Chrome Cache Entry: 247

Chrome Cache Entry: 248

Chrome Cache Entry: 249

Chrome Cache Entry: 250

Chrome Cache Entry: 251

Chrome Cache Entry: 252

Chrome Cache Entry: 253

Chrome Cache Entry: 254

Chrome Cache Entry: 255

Chrome Cache Entry: 256

Chrome Cache Entry: 257

Chrome Cache Entry: 258

Chrome Cache Entry: 259

Chrome Cache Entry: 260

Chrome Cache Entry: 261

Chrome Cache Entry: 262

Chrome Cache Entry: 263

Chrome Cache Entry: 264

Chrome Cache Entry: 265

Chrome Cache Entry: 266

Windows Analysis Report
http://facebooksecurity.blogspot.dk/

Timestamp	Bytes transferred	Direction	Data
2024-09-14 22:51:37 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-09-14 22:51:37 UTC	466	IN	HTTP/1.1 200 OK Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF67) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-neu-z1 Cache-Control: public, max-age=64456 Date: Sat, 14 Sep 2024 22:51:37 GMT Connection: close X-CID: 2

Timestamp	Bytes transferred	Direction	Data
2024-09-14 22:51:38 UTC	239	OUT	GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-09-14 22:51:38 UTC	514	IN	HTTP/1.1 200 OK ApiVersion: Distribute 1.1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF06) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-weu-z1 Cache-Control: public, max-age=64475 Date: Sat, 14 Sep 2024 22:51:38 GMT Content-Length: 55 Connection: close X-CID: 2
2024-09-14 22:51:38 UTC	55	IN	Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Timestamp	Bytes transferred	Direction	Data
2024-09-14 22:51:38 UTC	566	OUT	GET /static/v1/widgets/4140855455-widgets.js HTTP/1.1 Host: www.blogger.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-14 22:51:38 UTC	696	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech" Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]} Content-Length: 145679 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Tue, 10 Sep 2024 03:00:36 GMT Expires: Wed, 10 Sep 2025 03:00:36 GMT Cache-Control: public, max-age=31536000 Last-Modified: Mon, 09 Sep 2024 21:00:51 GMT Content-Type: text/javascript Vary: Accept-Encoding Age: 417062 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-14 22:51:38 UTC	694	IN	Data Raw: 28 66 75 6e 63 74 69 6f 6e 28 29 7b 2f 2a 0a 0a 20 43 6f 70 79 72 69 67 68 74 20 47 6f 6f 67 6c 65 20 4c 4c 43 0a 20 53 50 44 58 2d 4c 69 63 65 6e 73 65 2d 49 64 65 6e 74 69 66 69 65 72 3a 20 41 70 61 63 68 65 2d 32 2e 30 0a 2a 2f 0a 2f 2a 0a 0a 20 43 6f 70 79 72 69 67 68 74 20 54 68 65 20 43 6c 6f 73 75 72 65 20 4c 69 62 72 61 72 79 20 41 75 74 68 6f 72 73 2e 0a 20 53 50 44 58 2d 4c 69 63 65 6e 73 65 2d 49 64 65 6e 74 69 66 69 65 72 3a 20 41 70 61 63 68 65 2d 32 2e 30 0a 2a 2f 0a 76 61 72 20 61 61 3d 22 26 61 63 74 69 6f 6e 3d 22 2c 62 61 3d 22 2e 77 69 6b 69 70 65 64 69 61 2e 6f 72 67 22 2c 63 61 3d 22 53 43 52 49 50 54 22 2c 64 61 3d 22 53 50 41 4e 22 2c 65 61 3d 22 53 57 5f 52 45 41 44 45 52 5f 4c 49 53 54 5f 22 2c 66 61 3d 22 53 57 5f 52 45 41 44 45 Data Ascii: (function(){/* Copyright Google LLC SPDX-License-Identifier: Apache-2.0// Copyright The Closure Library Authors. SPDX-License-Identifier: Apache-2.0*/var aa="&action=",ba=".wikipedia.org",ca="SCRIPT",da="SPAN",ea="SW_READER_LIST_",fa="SW_READE
2024-09-14 22:51:38 UTC	1390	IN	Data Raw: 22 2c 42 61 3d 22 63 6f 6e 74 61 63 74 2d 66 6f 72 6d 2d 73 75 63 63 65 73 73 2d 6d 65 73 73 61 67 65 22 2c 43 61 3d 22 63 6f 6e 74 61 63 74 2d 66 6f 72 6d 2d 73 75 63 63 65 73 73 2d 6d 65 73 73 61 67 65 2d 77 69 74 68 2d 62 6f 72 64 65 72 22 2c 44 61 3d 22 64 61 74 61 2d 68 65 69 67 68 74 22 2c 45 61 3d 22 64 69 73 70 6c 61 79 4d 6f 64 65 46 75 6c 6c 22 2c 46 61 3d 22 64 69 73 70 6c 61 79 4d 6f 64 65 4c 61 79 6f 75 74 22 2c 47 61 3d 22 64 69 73 70 6c 61 79 4d 6f 64 65 4e 6f 6e 65 22 2c 6c 3d 22 64 69 76 22 2c 48 61 3d 22 64 72 6f 70 64 6f 77 6e 2d 74 6f 67 67 6c 65 22 2c 49 61 3d 22 65 72 72 6f 72 22 2c 4a 61 3d 22 65 78 70 61 6e 64 65 64 22 2c 6e 3d 22 66 75 6e 63 74 69 6f 6e 22 2c 4b 61 3d 22 68 69 64 64 65 6e 22 2c 4c 61 3d 22 68 74 74 70 73 3a 22 2c Data Ascii: ",Ba="contact-form-success-message",Ca="contact-form-success-message-with-border",Da="data-height",Ea="displayModeFull",Fa="displayModeLayout",Ga="displayModeNone",l="div",Ha="dropdown-toggle",Ia="error",Ja="expanded",n="function",Ka="hidden",La="https:",
2024-09-14 22:51:38 UTC	1390	IN	Data Raw: 6c 75 65 3a 62 7d 29 7d 7d 0a 77 28 22 53 79 6d 62 6f 6c 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 66 75 6e 63 74 69 6f 6e 20 62 28 66 29 7b 69 66 28 74 68 69 73 20 69 6e 73 74 61 6e 63 65 6f 66 20 62 29 74 68 72 6f 77 20 6e 65 77 20 54 79 70 65 45 72 72 6f 72 28 22 53 79 6d 62 6f 6c 20 69 73 20 6e 6f 74 20 61 20 63 6f 6e 73 74 72 75 63 74 6f 72 22 29 3b 72 65 74 75 72 6e 20 6e 65 77 20 63 28 64 2b 28 66 7c 7c 22 22 29 2b 22 5f 22 2b 65 2b 2b 2c 66 29 7d 66 75 6e 63 74 69 6f 6e 20 63 28 66 2c 67 29 7b 74 68 69 73 2e 41 3d 66 3b 65 62 28 74 68 69 73 2c 22 64 65 73 63 72 69 70 74 69 6f 6e 22 2c 7b 63 6f 6e 66 69 67 75 72 61 62 6c 65 3a 21 30 2c 77 72 69 74 61 62 6c 65 3a 21 30 2c 76 61 6c 75 65 3a 67 7d 29 7d 69 66 28 61 29 72 65 74 75 72 6e 20 61 3b 63 2e Data Ascii: lue:b})}}w("Symbol",function(a){function b(f){if(this instanceof b)throw new TypeError("Symbol is not a constructor");return new c(d+(f\|\|"")+"_"+e++,f)}function c(f,g){this.A=f;eb(this,"description",{configurable:!0,writable:!0,value:g})}if(a)return a;c.
2024-09-14 22:51:38 UTC	1390	IN	Data Raw: 62 29 7b 61 2e 5f 5f 70 72 6f 74 6f 5f 5f 3d 62 3b 69 66 28 61 2e 5f 5f 70 72 6f 74 6f 5f 5f 21 3d 3d 62 29 74 68 72 6f 77 20 6e 65 77 20 54 79 70 65 45 72 72 6f 72 28 61 2b 22 20 69 73 20 6e 6f 74 20 65 78 74 65 6e 73 69 62 6c 65 22 29 3b 72 65 74 75 72 6e 20 61 7d 3a 6e 75 6c 6c 7d 76 61 72 20 70 62 3d 6c 62 3b 0a 66 75 6e 63 74 69 6f 6e 20 79 28 61 2c 62 29 7b 61 2e 70 72 6f 74 6f 74 79 70 65 3d 6b 62 28 62 2e 70 72 6f 74 6f 74 79 70 65 29 3b 61 2e 70 72 6f 74 6f 74 79 70 65 2e 63 6f 6e 73 74 72 75 63 74 6f 72 3d 61 3b 69 66 28 70 62 29 70 62 28 61 2c 62 29 3b 65 6c 73 65 20 66 6f 72 28 76 61 72 20 63 20 69 6e 20 62 29 69 66 28 63 21 3d 22 70 72 6f 74 6f 74 79 70 65 22 29 69 66 28 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 69 65 73 29 Data Ascii: b){a.__proto__=b;if(a.__proto__!==b)throw new TypeError(a+" is not extensible");return a}:null}var pb=lb;function y(a,b){a.prototype=kb(b.prototype);a.prototype.constructor=a;if(pb)pb(a,b);else for(var c in b)if(c!="prototype")if(Object.defineProperties)
2024-09-14 22:51:38 UTC	1390	IN	Data Raw: 63 68 28 43 29 7b 72 65 74 75 72 6e 21 31 7d 7d 28 29 29 72 65 74 75 72 6e 20 61 3b 76 61 72 20 67 3d 22 24 6a 73 63 6f 6d 70 5f 68 69 64 64 65 6e 5f 22 2b 4d 61 74 68 2e 72 61 6e 64 6f 6d 28 29 3b 66 28 22 66 72 65 65 7a 65 22 29 3b 66 28 22 70 72 65 76 65 6e 74 45 78 74 65 6e 73 69 6f 6e 73 22 29 3b 66 28 22 73 65 61 6c 22 29 3b 76 61 72 20 68 3d 30 3b 62 2e 70 72 6f 74 6f 74 79 70 65 2e 73 65 74 3d 66 75 6e 63 74 69 6f 6e 28 6b 2c 6d 29 7b 69 66 28 21 64 28 6b 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 22 49 6e 76 61 6c 69 64 20 57 65 61 6b 4d 61 70 20 6b 65 79 22 29 3b 65 28 6b 29 3b 69 66 28 21 72 62 28 6b 2c 67 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 22 57 65 61 6b 4d 61 70 20 6b 65 79 20 66 61 69 6c 3a 20 22 2b 6b 29 3b 6b 5b 67 5d 5b 74 68 69 73 Data Ascii: ch(C){return!1}}())return a;var g="$jscomp_hidden_"+Math.random();f("freeze");f("preventExtensions");f("seal");var h=0;b.prototype.set=function(k,m){if(!d(k))throw Error("Invalid WeakMap key");e(k);if(!rb(k,g))throw Error("WeakMap key fail: "+k);k[g][this
2024-09-14 22:51:39 UTC	1390	IN	Data Raw: 73 28 29 2c 75 3d 6d 2e 6e 65 78 74 28 29 3b 69 66 28 75 2e 64 6f 6e 65 7c 7c 75 2e 76 61 6c 75 65 5b 30 5d 21 3d 68 7c 7c 75 2e 76 61 6c 75 65 5b 31 5d 21 3d 22 73 22 29 72 65 74 75 72 6e 21 31 3b 75 3d 6d 2e 6e 65 78 74 28 29 3b 72 65 74 75 72 6e 20 75 2e 64 6f 6e 65 7c 7c 75 2e 76 61 6c 75 65 5b 30 5d 2e 78 21 3d 34 7c 7c 75 2e 76 61 6c 75 65 5b 31 5d 21 3d 22 74 22 7c 7c 21 6d 2e 6e 65 78 74 28 29 2e 64 6f 6e 65 3f 0a 21 31 3a 21 30 7d 63 61 74 63 68 28 43 29 7b 72 65 74 75 72 6e 21 31 7d 7d 28 29 29 72 65 74 75 72 6e 20 61 3b 76 61 72 20 66 3d 6e 65 77 20 57 65 61 6b 4d 61 70 3b 65 2e 70 72 6f 74 6f 74 79 70 65 2e 73 65 74 3d 66 75 6e 63 74 69 6f 6e 28 68 2c 6b 29 7b 68 3d 68 3d 3d 3d 30 3f 30 3a 68 3b 76 61 72 20 6d 3d 64 28 74 68 69 73 2c 68 29 3b Data Ascii: s(),u=m.next();if(u.done\|\|u.value[0]!=h\|\|u.value[1]!="s")return!1;u=m.next();return u.done\|\|u.value[0].x!=4\|\|u.value[1]!="t"\|\|!m.next().done?!1:!0}catch(C){return!1}}())return a;var f=new WeakMap;e.prototype.set=function(h,k){h=h===0?0:h;var m=d(this,h);
2024-09-14 22:51:39 UTC	1390	IN	Data Raw: 21 61 7c 7c 74 79 70 65 6f 66 20 61 21 3d 6e 7c 7c 21 61 2e 70 72 6f 74 6f 74 79 70 65 2e 65 6e 74 72 69 65 73 7c 7c 74 79 70 65 6f 66 20 4f 62 6a 65 63 74 2e 73 65 61 6c 21 3d 6e 29 72 65 74 75 72 6e 21 31 3b 74 72 79 7b 76 61 72 20 63 3d 4f 62 6a 65 63 74 2e 73 65 61 6c 28 7b 78 3a 34 7d 29 2c 64 3d 6e 65 77 20 61 28 78 28 5b 63 5d 29 29 3b 69 66 28 21 64 2e 68 61 73 28 63 29 7c 7c 64 2e 73 69 7a 65 21 3d 31 7c 7c 64 2e 61 64 64 28 63 29 21 3d 64 7c 7c 64 2e 73 69 7a 65 21 3d 31 7c 7c 64 2e 61 64 64 28 7b 78 3a 34 7d 29 21 3d 64 7c 7c 64 2e 73 69 7a 65 21 3d 32 29 72 65 74 75 72 6e 21 31 3b 76 61 72 20 65 3d 64 2e 65 6e 74 72 69 65 73 28 29 2c 66 3d 65 2e 6e 65 78 74 28 29 3b 69 66 28 66 2e 64 6f 6e 65 7c 7c 66 2e 76 61 6c 75 65 5b 30 5d 21 3d 63 7c 7c Data Ascii: !a\|\|typeof a!=n\|\|!a.prototype.entries\|\|typeof Object.seal!=n)return!1;try{var c=Object.seal({x:4}),d=new a(x([c]));if(!d.has(c)\|\|d.size!=1\|\|d.add(c)!=d\|\|d.size!=1\|\|d.add({x:4})!=d\|\|d.size!=2)return!1;var e=d.entries(),f=e.next();if(f.done\|\|f.value[0]!=c\|\|
2024-09-14 22:51:39 UTC	1390	IN	Data Raw: 65 2e 6b 65 79 73 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 3f 61 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 62 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 62 29 7b 72 65 74 75 72 6e 20 62 7d 29 7d 7d 29 3b 77 28 22 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 2e 65 6e 74 72 69 65 73 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 3f 61 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 62 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 62 2c 63 29 7b 72 65 74 75 72 6e 5b 62 2c 63 5d 7d 29 7d 7d 29 3b 0a 77 28 22 53 74 72 69 6e 67 2e 70 72 6f 74 6f 74 79 70 65 2e 73 74 61 72 74 73 57 69 74 68 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 3f 61 3a 66 75 6e 63 74 69 6f 6e Data Ascii: e.keys",function(a){return a?a:function(){return tb(this,function(b){return b})}});w("Array.prototype.entries",function(a){return a?a:function(){return tb(this,function(b,c){return[b,c]})}});w("String.prototype.startsWith",function(a){return a?a:function
2024-09-14 22:51:39 UTC	1390	IN	Data Raw: 29 29 3b 72 65 74 75 72 6e 20 65 7d 7d 29 3b 77 28 22 4f 62 6a 65 63 74 2e 76 61 6c 75 65 73 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 3f 61 3a 66 75 6e 63 74 69 6f 6e 28 62 29 7b 76 61 72 20 63 3d 5b 5d 2c 64 3b 66 6f 72 28 64 20 69 6e 20 62 29 72 62 28 62 2c 64 29 26 26 63 2e 70 75 73 68 28 62 5b 64 5d 29 3b 72 65 74 75 72 6e 20 63 7d 7d 29 3b 77 28 22 4e 75 6d 62 65 72 2e 4d 41 58 5f 53 41 46 45 5f 49 4e 54 45 47 45 52 22 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 39 30 30 37 31 39 39 32 35 34 37 34 30 39 39 31 7d 29 3b 0a 77 28 22 4e 75 6d 62 65 72 2e 4d 49 4e 5f 53 41 46 45 5f 49 4e 54 45 47 45 52 22 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 2d 39 30 30 37 31 39 39 32 35 34 37 34 30 39 39 31 7d 29 3b Data Ascii: ));return e}});w("Object.values",function(a){return a?a:function(b){var c=[],d;for(d in b)rb(b,d)&&c.push(b[d]);return c}});w("Number.MAX_SAFE_INTEGER",function(){return 9007199254740991});w("Number.MIN_SAFE_INTEGER",function(){return-9007199254740991});
2024-09-14 22:51:39 UTC	1390	IN	Data Raw: 69 6e 64 6f 77 2c 75 62 29 3b 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 6f 72 28 76 61 72 20 64 3d 7b 7d 2c 65 3d 77 69 6e 64 6f 77 2e 62 6c 6f 67 67 65 72 5f 62 6c 6f 67 5f 69 64 2c 66 3d 5b 22 67 6f 6f 67 6c 65 5f 62 6c 6f 67 67 65 72 5f 61 64 73 65 6e 73 65 5f 65 78 70 65 72 69 6d 65 6e 74 5f 69 64 22 2c 22 62 6c 6f 67 67 65 72 5f 63 73 69 5f 65 22 2c 22 62 6c 6f 67 67 65 72 5f 74 65 6d 70 6c 61 74 65 73 5f 65 78 70 65 72 69 6d 65 6e 74 5f 69 64 22 2c 22 62 6c 6f 67 67 65 72 5f 61 63 74 69 76 65 5f 65 78 70 65 72 69 6d 65 6e 74 73 22 5d 2c 0a 67 3d 5b 5d 2c 68 3d 66 2e 6c 65 6e 67 74 68 2c 6b 3d 30 3b 6b 3c 68 3b 6b 2b 2b 29 7b 76 61 72 20 6d 3d 66 5b 6b 5d 3b 6d 20 69 6e 20 77 69 6e 64 6f 77 26 26 67 2e 70 75 73 68 28 77 69 6e 64 6f 77 5b 6d 5d 29 7d Data Ascii: indow,ub);a=function(){for(var d={},e=window.blogger_blog_id,f=["google_blogger_adsense_experiment_id","blogger_csi_e","blogger_templates_experiment_id","blogger_active_experiments"],g=[],h=f.length,k=0;k<h;k++){var m=f[k];m in window&&g.push(window[m])}

Timestamp	Bytes transferred	Direction	Data
2024-09-14 22:51:39 UTC	450	OUT	GET /js/platform.js HTTP/1.1 Host: apis.google.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-14 22:51:39 UTC	837	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Vary: Accept-Encoding Content-Type: text/javascript Access-Control-Allow-Origin: * Content-Security-Policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="gapi-team" Report-To: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]} Timing-Allow-Origin: * Content-Length: 64237 Date: Sat, 14 Sep 2024 22:51:39 GMT Expires: Sat, 14 Sep 2024 22:51:39 GMT Cache-Control: private, max-age=1800, stale-while-revalidate=1800 ETag: "ad09f31c482267b6" X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-14 22:51:39 UTC	553	IN	Data Raw: 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 70 2c 61 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 3d 30 3b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 62 3c 61 2e 6c 65 6e 67 74 68 3f 7b 64 6f 6e 65 3a 21 31 2c 76 61 6c 75 65 3a 61 5b 62 2b 2b 5d 7d 3a 7b 64 6f 6e 65 3a 21 30 7d 7d 7d 2c 62 61 3d 74 79 70 65 6f 66 20 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 69 65 73 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 3f 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 3a 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 29 7b 69 66 28 61 3d 3d 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 7c 7c 61 3d 3d 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 29 72 65 74 75 72 6e 20 61 3b 61 5b 62 5d 3d 63 2e Data Ascii: (function(){var p,aa=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}},ba=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.
2024-09-14 22:51:39 UTC	1390	IN	Data Raw: 69 6f 6e 28 61 2c 62 29 7b 69 66 28 62 29 61 3a 7b 76 61 72 20 63 3d 72 3b 61 3d 61 2e 73 70 6c 69 74 28 22 2e 22 29 3b 66 6f 72 28 76 61 72 20 64 3d 30 3b 64 3c 61 2e 6c 65 6e 67 74 68 2d 31 3b 64 2b 2b 29 7b 76 61 72 20 65 3d 61 5b 64 5d 3b 69 66 28 21 28 65 20 69 6e 20 63 29 29 62 72 65 61 6b 20 61 3b 63 3d 63 5b 65 5d 7d 61 3d 61 5b 61 2e 6c 65 6e 67 74 68 2d 31 5d 3b 64 3d 63 5b 61 5d 3b 62 3d 62 28 64 29 3b 62 21 3d 64 26 26 62 21 3d 6e 75 6c 6c 26 26 62 61 28 63 2c 61 2c 7b 63 6f 6e 66 69 67 75 72 61 62 6c 65 3a 21 30 2c 77 72 69 74 61 62 6c 65 3a 21 30 2c 76 61 6c 75 65 3a 62 7d 29 7d 7d 3b 0a 75 28 22 53 79 6d 62 6f 6c 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 61 29 72 65 74 75 72 6e 20 61 3b 76 61 72 20 62 3d 66 75 6e 63 74 69 6f 6e 28 Data Ascii: ion(a,b){if(b)a:{var c=r;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&ba(c,a,{configurable:!0,writable:!0,value:b})}};u("Symbol",function(a){if(a)return a;var b=function(
2024-09-14 22:51:39 UTC	1390	IN	Data Raw: 6f 6d 69 73 65 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 66 75 6e 63 74 69 6f 6e 20 62 28 29 7b 74 68 69 73 2e 41 3d 6e 75 6c 6c 7d 66 75 6e 63 74 69 6f 6e 20 63 28 67 29 7b 72 65 74 75 72 6e 20 67 20 69 6e 73 74 61 6e 63 65 6f 66 20 65 3f 67 3a 6e 65 77 20 65 28 66 75 6e 63 74 69 6f 6e 28 6b 29 7b 6b 28 67 29 7d 29 7d 69 66 28 61 29 72 65 74 75 72 6e 20 61 3b 62 2e 70 72 6f 74 6f 74 79 70 65 2e 64 61 3d 66 75 6e 63 74 69 6f 6e 28 67 29 7b 69 66 28 74 68 69 73 2e 41 3d 3d 6e 75 6c 6c 29 7b 74 68 69 73 2e 41 3d 5b 5d 3b 76 61 72 20 6b 3d 74 68 69 73 3b 74 68 69 73 2e 65 61 28 66 75 6e 63 74 69 6f 6e 28 29 7b 6b 2e 43 61 28 29 7d 29 7d 74 68 69 73 2e 41 2e 70 75 73 68 28 67 29 7d 3b 76 61 72 20 64 3d 72 2e 73 65 74 54 69 6d 65 6f 75 74 3b 62 2e 70 72 6f 74 Data Ascii: omise",function(a){function b(){this.A=null}function c(g){return g instanceof e?g:new e(function(k){k(g)})}if(a)return a;b.prototype.da=function(g){if(this.A==null){this.A=[];var k=this;this.ea(function(){k.Ca()})}this.A.push(g)};var d=r.setTimeout;b.prot
2024-09-14 22:51:39 UTC	1390	IN	Data Raw: 3d 6b 3b 74 68 69 73 2e 46 3d 3d 3d 32 26 26 74 68 69 73 2e 4b 61 28 29 3b 74 68 69 73 2e 44 61 28 29 7d 3b 65 2e 70 72 6f 74 6f 74 79 70 65 2e 4b 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 67 3d 74 68 69 73 3b 64 28 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 67 2e 46 61 28 29 29 7b 76 61 72 20 6b 3d 72 2e 63 6f 6e 73 6f 6c 65 3b 74 79 70 65 6f 66 20 6b 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 26 26 0a 6b 2e 65 72 72 6f 72 28 67 2e 4b 29 7d 7d 2c 31 29 7d 3b 65 2e 70 72 6f 74 6f 74 79 70 65 2e 46 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 74 68 69 73 2e 6b 61 29 72 65 74 75 72 6e 21 31 3b 76 61 72 20 67 3d 72 2e 43 75 73 74 6f 6d 45 76 65 6e 74 2c 6b 3d 72 2e 45 76 65 6e 74 2c 68 3d 72 2e 64 69 73 70 61 74 63 68 45 76 65 6e 74 3b 69 66 28 74 Data Ascii: =k;this.F===2&&this.Ka();this.Da()};e.prototype.Ka=function(){var g=this;d(function(){if(g.Fa()){var k=r.console;typeof k!=="undefined"&&k.error(g.K)}},1)};e.prototype.Fa=function(){if(this.ka)return!1;var g=r.CustomEvent,k=r.Event,h=r.dispatchEvent;if(t
2024-09-14 22:51:39 UTC	1390	IN	Data Raw: 75 6e 63 74 69 6f 6e 28 6b 2c 68 29 7b 66 6f 72 28 76 61 72 20 6c 3d 79 28 67 29 2c 6d 3d 6c 2e 6e 65 78 74 28 29 3b 21 6d 2e 64 6f 6e 65 3b 6d 3d 6c 2e 6e 65 78 74 28 29 29 63 28 6d 2e 76 61 6c 75 65 29 2e 4c 28 6b 2c 68 29 7d 29 7d 3b 65 2e 61 6c 6c 3d 66 75 6e 63 74 69 6f 6e 28 67 29 7b 76 61 72 20 6b 3d 79 28 67 29 2c 68 3d 6b 2e 6e 65 78 74 28 29 3b 72 65 74 75 72 6e 20 68 2e 64 6f 6e 65 3f 63 28 5b 5d 29 3a 6e 65 77 20 65 28 66 75 6e 63 74 69 6f 6e 28 6c 2c 6d 29 7b 66 75 6e 63 74 69 6f 6e 20 6e 28 77 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 74 29 7b 71 5b 77 5d 3d 74 3b 76 2d 2d 3b 76 3d 3d 30 26 26 6c 28 71 29 7d 7d 76 61 72 20 71 3d 5b 5d 2c 76 3d 30 3b 64 6f 20 71 2e 70 75 73 68 28 76 6f 69 64 20 30 29 2c 76 2b 2b 2c 63 28 68 2e 76 Data Ascii: unction(k,h){for(var l=y(g),m=l.next();!m.done;m=l.next())c(m.value).L(k,h)})};e.all=function(g){var k=y(g),h=k.next();return h.done?c([]):new e(function(l,m){function n(w){return function(t){q[w]=t;v--;v==0&&l(q)}}var q=[],v=0;do q.push(void 0),v++,c(h.v
2024-09-14 22:51:39 UTC	1390	IN	Data Raw: 65 74 75 72 6e 20 63 28 68 29 26 26 7a 28 68 2c 66 29 26 26 7a 28 68 5b 66 5d 2c 74 68 69 73 2e 4a 29 7d 3b 0a 6b 2e 70 72 6f 74 6f 74 79 70 65 2e 64 65 6c 65 74 65 3d 66 75 6e 63 74 69 6f 6e 28 68 29 7b 72 65 74 75 72 6e 20 63 28 68 29 26 26 7a 28 68 2c 66 29 26 26 7a 28 68 5b 66 5d 2c 74 68 69 73 2e 4a 29 3f 64 65 6c 65 74 65 20 68 5b 66 5d 5b 74 68 69 73 2e 4a 5d 3a 21 31 7d 3b 72 65 74 75 72 6e 20 6b 7d 29 3b 0a 75 28 22 4d 61 70 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 21 61 7c 7c 74 79 70 65 6f 66 20 61 21 3d 22 66 75 6e 63 74 69 6f 6e 22 7c 7c 21 61 2e 70 72 6f 74 6f 74 79 70 65 2e 65 6e 74 72 69 65 73 7c 7c 74 79 70 65 6f 66 20 4f 62 6a 65 63 74 2e 73 65 61 6c 21 3d 22 66 75 6e 63 74 69 6f 6e 22 Data Ascii: eturn c(h)&&z(h,f)&&z(h[f],this.J)};k.prototype.delete=function(h){return c(h)&&z(h,f)&&z(h[f],this.J)?delete h[f][this.J]:!1};return k});u("Map",function(a){if(function(){if(!a\|\|typeof a!="function"\|\|!a.prototype.entries\|\|typeof Object.seal!="function"
2024-09-14 22:51:39 UTC	1390	IN	Data Raw: 74 75 72 6e 20 65 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 6b 29 7b 72 65 74 75 72 6e 5b 6b 2e 6b 65 79 2c 6b 2e 76 61 6c 75 65 5d 7d 29 7d 3b 63 2e 70 72 6f 74 6f 74 79 70 65 2e 6b 65 79 73 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 6b 29 7b 72 65 74 75 72 6e 20 6b 2e 6b 65 79 7d 29 7d 3b 63 2e 70 72 6f 74 6f 74 79 70 65 2e 76 61 6c 75 65 73 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 6b 29 7b 72 65 74 75 72 6e 20 6b 2e 76 61 6c 75 65 7d 29 7d 3b 63 2e 70 72 6f 74 6f 74 79 70 65 2e 66 6f 72 45 61 63 68 3d 66 75 6e 63 74 69 6f 6e 28 6b 2c 68 29 7b 66 6f 72 28 76 61 72 20 6c 3d 74 68 69 73 2e 65 6e 74 72 69 65 73 28 29 2c 6d 3b 21 Data Ascii: turn e(this,function(k){return[k.key,k.value]})};c.prototype.keys=function(){return e(this,function(k){return k.key})};c.prototype.values=function(){return e(this,function(k){return k.value})};c.prototype.forEach=function(k,h){for(var l=this.entries(),m;!
2024-09-14 22:51:39 UTC	1390	IN	Data Raw: 72 6f 72 28 22 46 69 72 73 74 20 61 72 67 75 6d 65 6e 74 20 74 6f 20 53 74 72 69 6e 67 2e 70 72 6f 74 6f 74 79 70 65 2e 22 2b 63 2b 22 20 6d 75 73 74 20 6e 6f 74 20 62 65 20 61 20 72 65 67 75 6c 61 72 20 65 78 70 72 65 73 73 69 6f 6e 22 29 3b 72 65 74 75 72 6e 20 61 2b 22 22 7d 3b 75 28 22 53 74 72 69 6e 67 2e 70 72 6f 74 6f 74 79 70 65 2e 65 6e 64 73 57 69 74 68 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 3f 61 3a 66 75 6e 63 74 69 6f 6e 28 62 2c 63 29 7b 76 61 72 20 64 3d 68 61 28 74 68 69 73 2c 62 2c 22 65 6e 64 73 57 69 74 68 22 29 3b 62 2b 3d 22 22 3b 63 3d 3d 3d 76 6f 69 64 20 30 26 26 28 63 3d 64 2e 6c 65 6e 67 74 68 29 3b 63 3d 4d 61 74 68 2e 6d 61 78 28 30 2c 4d 61 74 68 2e 6d 69 6e 28 63 7c 30 2c 64 2e 6c 65 6e 67 74 68 29 Data Ascii: ror("First argument to String.prototype."+c+" must not be a regular expression");return a+""};u("String.prototype.endsWith",function(a){return a?a:function(b,c){var d=ha(this,b,"endsWith");b+="";c===void 0&&(c=d.length);c=Math.max(0,Math.min(c\|0,d.length)
2024-09-14 22:51:39 UTC	1390	IN	Data Raw: 73 65 6c 66 2c 69 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 3d 74 79 70 65 6f 66 20 61 3b 62 3d 62 21 3d 22 6f 62 6a 65 63 74 22 3f 62 3a 61 3f 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 61 29 3f 22 61 72 72 61 79 22 3a 62 3a 22 6e 75 6c 6c 22 3b 72 65 74 75 72 6e 20 62 3d 3d 22 61 72 72 61 79 22 7c 7c 62 3d 3d 22 6f 62 6a 65 63 74 22 26 26 74 79 70 65 6f 66 20 61 2e 6c 65 6e 67 74 68 3d 3d 22 6e 75 6d 62 65 72 22 7d 2c 6a 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 3d 74 79 70 65 6f 66 20 61 3b 72 65 74 75 72 6e 20 62 3d 3d 22 6f 62 6a 65 63 74 22 26 26 61 21 3d 6e 75 6c 6c 7c 7c 62 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 7d 2c 6b 61 3d 22 63 6c 6f 73 75 72 65 5f 75 69 64 5f 22 2b 28 4d 61 74 68 2e 72 61 6e 64 6f 6d 28 29 2a 31 45 Data Ascii: self,ia=function(a){var b=typeof a;b=b!="object"?b:a?Array.isArray(a)?"array":b:"null";return b=="array"\|\|b=="object"&&typeof a.length=="number"},ja=function(a){var b=typeof a;return b=="object"&&a!=null\|\|b=="function"},ka="closure_uid_"+(Math.random()*1E
2024-09-14 22:51:39 UTC	1390	IN	Data Raw: 64 20 30 26 26 28 74 68 69 73 2e 63 61 75 73 65 3d 62 29 7d 72 61 28 75 61 2c 45 72 72 6f 72 29 3b 75 61 2e 70 72 6f 74 6f 74 79 70 65 2e 6e 61 6d 65 3d 22 43 75 73 74 6f 6d 45 72 72 6f 72 22 3b 76 61 72 20 76 61 3b 66 75 6e 63 74 69 6f 6e 20 77 61 28 61 2c 62 29 7b 61 3d 61 2e 73 70 6c 69 74 28 22 25 73 22 29 3b 66 6f 72 28 76 61 72 20 63 3d 22 22 2c 64 3d 61 2e 6c 65 6e 67 74 68 2d 31 2c 65 3d 30 3b 65 3c 64 3b 65 2b 2b 29 63 2b 3d 61 5b 65 5d 2b 28 65 3c 62 2e 6c 65 6e 67 74 68 3f 62 5b 65 5d 3a 22 25 73 22 29 3b 75 61 2e 63 61 6c 6c 28 74 68 69 73 2c 63 2b 61 5b 64 5d 29 7d 72 61 28 77 61 2c 75 61 29 3b 77 61 2e 70 72 6f 74 6f 74 79 70 65 2e 6e 61 6d 65 3d 22 41 73 73 65 72 74 69 6f 6e 45 72 72 6f 72 22 3b 76 61 72 20 78 61 3d 66 75 6e 63 74 69 6f 6e Data Ascii: d 0&&(this.cause=b)}ra(ua,Error);ua.prototype.name="CustomError";var va;function wa(a,b){a=a.split("%s");for(var c="",d=a.length-1,e=0;e<d;e++)c+=a[e]+(e<b.length?b[e]:"%s");ua.call(this,c+a[d])}ra(wa,ua);wa.prototype.name="AssertionError";var xa=function

Timestamp	Bytes transferred	Direction	Data
2024-09-14 22:51:39 UTC	378	OUT	GET /static/v1/widgets/4140855455-widgets.js HTTP/1.1 Host: www.blogger.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-14 22:51:40 UTC	696	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech" Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]} Content-Length: 145679 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Tue, 10 Sep 2024 02:02:10 GMT Expires: Wed, 10 Sep 2025 02:02:10 GMT Cache-Control: public, max-age=31536000 Last-Modified: Mon, 09 Sep 2024 21:00:51 GMT Content-Type: text/javascript Vary: Accept-Encoding Age: 420569 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-14 22:51:40 UTC	694	IN	Data Raw: 28 66 75 6e 63 74 69 6f 6e 28 29 7b 2f 2a 0a 0a 20 43 6f 70 79 72 69 67 68 74 20 47 6f 6f 67 6c 65 20 4c 4c 43 0a 20 53 50 44 58 2d 4c 69 63 65 6e 73 65 2d 49 64 65 6e 74 69 66 69 65 72 3a 20 41 70 61 63 68 65 2d 32 2e 30 0a 2a 2f 0a 2f 2a 0a 0a 20 43 6f 70 79 72 69 67 68 74 20 54 68 65 20 43 6c 6f 73 75 72 65 20 4c 69 62 72 61 72 79 20 41 75 74 68 6f 72 73 2e 0a 20 53 50 44 58 2d 4c 69 63 65 6e 73 65 2d 49 64 65 6e 74 69 66 69 65 72 3a 20 41 70 61 63 68 65 2d 32 2e 30 0a 2a 2f 0a 76 61 72 20 61 61 3d 22 26 61 63 74 69 6f 6e 3d 22 2c 62 61 3d 22 2e 77 69 6b 69 70 65 64 69 61 2e 6f 72 67 22 2c 63 61 3d 22 53 43 52 49 50 54 22 2c 64 61 3d 22 53 50 41 4e 22 2c 65 61 3d 22 53 57 5f 52 45 41 44 45 52 5f 4c 49 53 54 5f 22 2c 66 61 3d 22 53 57 5f 52 45 41 44 45 Data Ascii: (function(){/* Copyright Google LLC SPDX-License-Identifier: Apache-2.0// Copyright The Closure Library Authors. SPDX-License-Identifier: Apache-2.0*/var aa="&action=",ba=".wikipedia.org",ca="SCRIPT",da="SPAN",ea="SW_READER_LIST_",fa="SW_READE
2024-09-14 22:51:40 UTC	1390	IN	Data Raw: 22 2c 42 61 3d 22 63 6f 6e 74 61 63 74 2d 66 6f 72 6d 2d 73 75 63 63 65 73 73 2d 6d 65 73 73 61 67 65 22 2c 43 61 3d 22 63 6f 6e 74 61 63 74 2d 66 6f 72 6d 2d 73 75 63 63 65 73 73 2d 6d 65 73 73 61 67 65 2d 77 69 74 68 2d 62 6f 72 64 65 72 22 2c 44 61 3d 22 64 61 74 61 2d 68 65 69 67 68 74 22 2c 45 61 3d 22 64 69 73 70 6c 61 79 4d 6f 64 65 46 75 6c 6c 22 2c 46 61 3d 22 64 69 73 70 6c 61 79 4d 6f 64 65 4c 61 79 6f 75 74 22 2c 47 61 3d 22 64 69 73 70 6c 61 79 4d 6f 64 65 4e 6f 6e 65 22 2c 6c 3d 22 64 69 76 22 2c 48 61 3d 22 64 72 6f 70 64 6f 77 6e 2d 74 6f 67 67 6c 65 22 2c 49 61 3d 22 65 72 72 6f 72 22 2c 4a 61 3d 22 65 78 70 61 6e 64 65 64 22 2c 6e 3d 22 66 75 6e 63 74 69 6f 6e 22 2c 4b 61 3d 22 68 69 64 64 65 6e 22 2c 4c 61 3d 22 68 74 74 70 73 3a 22 2c Data Ascii: ",Ba="contact-form-success-message",Ca="contact-form-success-message-with-border",Da="data-height",Ea="displayModeFull",Fa="displayModeLayout",Ga="displayModeNone",l="div",Ha="dropdown-toggle",Ia="error",Ja="expanded",n="function",Ka="hidden",La="https:",
2024-09-14 22:51:40 UTC	1390	IN	Data Raw: 6c 75 65 3a 62 7d 29 7d 7d 0a 77 28 22 53 79 6d 62 6f 6c 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 66 75 6e 63 74 69 6f 6e 20 62 28 66 29 7b 69 66 28 74 68 69 73 20 69 6e 73 74 61 6e 63 65 6f 66 20 62 29 74 68 72 6f 77 20 6e 65 77 20 54 79 70 65 45 72 72 6f 72 28 22 53 79 6d 62 6f 6c 20 69 73 20 6e 6f 74 20 61 20 63 6f 6e 73 74 72 75 63 74 6f 72 22 29 3b 72 65 74 75 72 6e 20 6e 65 77 20 63 28 64 2b 28 66 7c 7c 22 22 29 2b 22 5f 22 2b 65 2b 2b 2c 66 29 7d 66 75 6e 63 74 69 6f 6e 20 63 28 66 2c 67 29 7b 74 68 69 73 2e 41 3d 66 3b 65 62 28 74 68 69 73 2c 22 64 65 73 63 72 69 70 74 69 6f 6e 22 2c 7b 63 6f 6e 66 69 67 75 72 61 62 6c 65 3a 21 30 2c 77 72 69 74 61 62 6c 65 3a 21 30 2c 76 61 6c 75 65 3a 67 7d 29 7d 69 66 28 61 29 72 65 74 75 72 6e 20 61 3b 63 2e Data Ascii: lue:b})}}w("Symbol",function(a){function b(f){if(this instanceof b)throw new TypeError("Symbol is not a constructor");return new c(d+(f\|\|"")+"_"+e++,f)}function c(f,g){this.A=f;eb(this,"description",{configurable:!0,writable:!0,value:g})}if(a)return a;c.
2024-09-14 22:51:40 UTC	1390	IN	Data Raw: 62 29 7b 61 2e 5f 5f 70 72 6f 74 6f 5f 5f 3d 62 3b 69 66 28 61 2e 5f 5f 70 72 6f 74 6f 5f 5f 21 3d 3d 62 29 74 68 72 6f 77 20 6e 65 77 20 54 79 70 65 45 72 72 6f 72 28 61 2b 22 20 69 73 20 6e 6f 74 20 65 78 74 65 6e 73 69 62 6c 65 22 29 3b 72 65 74 75 72 6e 20 61 7d 3a 6e 75 6c 6c 7d 76 61 72 20 70 62 3d 6c 62 3b 0a 66 75 6e 63 74 69 6f 6e 20 79 28 61 2c 62 29 7b 61 2e 70 72 6f 74 6f 74 79 70 65 3d 6b 62 28 62 2e 70 72 6f 74 6f 74 79 70 65 29 3b 61 2e 70 72 6f 74 6f 74 79 70 65 2e 63 6f 6e 73 74 72 75 63 74 6f 72 3d 61 3b 69 66 28 70 62 29 70 62 28 61 2c 62 29 3b 65 6c 73 65 20 66 6f 72 28 76 61 72 20 63 20 69 6e 20 62 29 69 66 28 63 21 3d 22 70 72 6f 74 6f 74 79 70 65 22 29 69 66 28 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 69 65 73 29 Data Ascii: b){a.__proto__=b;if(a.__proto__!==b)throw new TypeError(a+" is not extensible");return a}:null}var pb=lb;function y(a,b){a.prototype=kb(b.prototype);a.prototype.constructor=a;if(pb)pb(a,b);else for(var c in b)if(c!="prototype")if(Object.defineProperties)
2024-09-14 22:51:40 UTC	1390	IN	Data Raw: 63 68 28 43 29 7b 72 65 74 75 72 6e 21 31 7d 7d 28 29 29 72 65 74 75 72 6e 20 61 3b 76 61 72 20 67 3d 22 24 6a 73 63 6f 6d 70 5f 68 69 64 64 65 6e 5f 22 2b 4d 61 74 68 2e 72 61 6e 64 6f 6d 28 29 3b 66 28 22 66 72 65 65 7a 65 22 29 3b 66 28 22 70 72 65 76 65 6e 74 45 78 74 65 6e 73 69 6f 6e 73 22 29 3b 66 28 22 73 65 61 6c 22 29 3b 76 61 72 20 68 3d 30 3b 62 2e 70 72 6f 74 6f 74 79 70 65 2e 73 65 74 3d 66 75 6e 63 74 69 6f 6e 28 6b 2c 6d 29 7b 69 66 28 21 64 28 6b 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 22 49 6e 76 61 6c 69 64 20 57 65 61 6b 4d 61 70 20 6b 65 79 22 29 3b 65 28 6b 29 3b 69 66 28 21 72 62 28 6b 2c 67 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 22 57 65 61 6b 4d 61 70 20 6b 65 79 20 66 61 69 6c 3a 20 22 2b 6b 29 3b 6b 5b 67 5d 5b 74 68 69 73 Data Ascii: ch(C){return!1}}())return a;var g="$jscomp_hidden_"+Math.random();f("freeze");f("preventExtensions");f("seal");var h=0;b.prototype.set=function(k,m){if(!d(k))throw Error("Invalid WeakMap key");e(k);if(!rb(k,g))throw Error("WeakMap key fail: "+k);k[g][this
2024-09-14 22:51:40 UTC	1390	IN	Data Raw: 73 28 29 2c 75 3d 6d 2e 6e 65 78 74 28 29 3b 69 66 28 75 2e 64 6f 6e 65 7c 7c 75 2e 76 61 6c 75 65 5b 30 5d 21 3d 68 7c 7c 75 2e 76 61 6c 75 65 5b 31 5d 21 3d 22 73 22 29 72 65 74 75 72 6e 21 31 3b 75 3d 6d 2e 6e 65 78 74 28 29 3b 72 65 74 75 72 6e 20 75 2e 64 6f 6e 65 7c 7c 75 2e 76 61 6c 75 65 5b 30 5d 2e 78 21 3d 34 7c 7c 75 2e 76 61 6c 75 65 5b 31 5d 21 3d 22 74 22 7c 7c 21 6d 2e 6e 65 78 74 28 29 2e 64 6f 6e 65 3f 0a 21 31 3a 21 30 7d 63 61 74 63 68 28 43 29 7b 72 65 74 75 72 6e 21 31 7d 7d 28 29 29 72 65 74 75 72 6e 20 61 3b 76 61 72 20 66 3d 6e 65 77 20 57 65 61 6b 4d 61 70 3b 65 2e 70 72 6f 74 6f 74 79 70 65 2e 73 65 74 3d 66 75 6e 63 74 69 6f 6e 28 68 2c 6b 29 7b 68 3d 68 3d 3d 3d 30 3f 30 3a 68 3b 76 61 72 20 6d 3d 64 28 74 68 69 73 2c 68 29 3b Data Ascii: s(),u=m.next();if(u.done\|\|u.value[0]!=h\|\|u.value[1]!="s")return!1;u=m.next();return u.done\|\|u.value[0].x!=4\|\|u.value[1]!="t"\|\|!m.next().done?!1:!0}catch(C){return!1}}())return a;var f=new WeakMap;e.prototype.set=function(h,k){h=h===0?0:h;var m=d(this,h);
2024-09-14 22:51:40 UTC	1390	IN	Data Raw: 21 61 7c 7c 74 79 70 65 6f 66 20 61 21 3d 6e 7c 7c 21 61 2e 70 72 6f 74 6f 74 79 70 65 2e 65 6e 74 72 69 65 73 7c 7c 74 79 70 65 6f 66 20 4f 62 6a 65 63 74 2e 73 65 61 6c 21 3d 6e 29 72 65 74 75 72 6e 21 31 3b 74 72 79 7b 76 61 72 20 63 3d 4f 62 6a 65 63 74 2e 73 65 61 6c 28 7b 78 3a 34 7d 29 2c 64 3d 6e 65 77 20 61 28 78 28 5b 63 5d 29 29 3b 69 66 28 21 64 2e 68 61 73 28 63 29 7c 7c 64 2e 73 69 7a 65 21 3d 31 7c 7c 64 2e 61 64 64 28 63 29 21 3d 64 7c 7c 64 2e 73 69 7a 65 21 3d 31 7c 7c 64 2e 61 64 64 28 7b 78 3a 34 7d 29 21 3d 64 7c 7c 64 2e 73 69 7a 65 21 3d 32 29 72 65 74 75 72 6e 21 31 3b 76 61 72 20 65 3d 64 2e 65 6e 74 72 69 65 73 28 29 2c 66 3d 65 2e 6e 65 78 74 28 29 3b 69 66 28 66 2e 64 6f 6e 65 7c 7c 66 2e 76 61 6c 75 65 5b 30 5d 21 3d 63 7c 7c Data Ascii: !a\|\|typeof a!=n\|\|!a.prototype.entries\|\|typeof Object.seal!=n)return!1;try{var c=Object.seal({x:4}),d=new a(x([c]));if(!d.has(c)\|\|d.size!=1\|\|d.add(c)!=d\|\|d.size!=1\|\|d.add({x:4})!=d\|\|d.size!=2)return!1;var e=d.entries(),f=e.next();if(f.done\|\|f.value[0]!=c\|\|
2024-09-14 22:51:40 UTC	1390	IN	Data Raw: 65 2e 6b 65 79 73 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 3f 61 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 62 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 62 29 7b 72 65 74 75 72 6e 20 62 7d 29 7d 7d 29 3b 77 28 22 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 2e 65 6e 74 72 69 65 73 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 3f 61 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 62 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 62 2c 63 29 7b 72 65 74 75 72 6e 5b 62 2c 63 5d 7d 29 7d 7d 29 3b 0a 77 28 22 53 74 72 69 6e 67 2e 70 72 6f 74 6f 74 79 70 65 2e 73 74 61 72 74 73 57 69 74 68 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 3f 61 3a 66 75 6e 63 74 69 6f 6e Data Ascii: e.keys",function(a){return a?a:function(){return tb(this,function(b){return b})}});w("Array.prototype.entries",function(a){return a?a:function(){return tb(this,function(b,c){return[b,c]})}});w("String.prototype.startsWith",function(a){return a?a:function
2024-09-14 22:51:40 UTC	1390	IN	Data Raw: 29 29 3b 72 65 74 75 72 6e 20 65 7d 7d 29 3b 77 28 22 4f 62 6a 65 63 74 2e 76 61 6c 75 65 73 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 3f 61 3a 66 75 6e 63 74 69 6f 6e 28 62 29 7b 76 61 72 20 63 3d 5b 5d 2c 64 3b 66 6f 72 28 64 20 69 6e 20 62 29 72 62 28 62 2c 64 29 26 26 63 2e 70 75 73 68 28 62 5b 64 5d 29 3b 72 65 74 75 72 6e 20 63 7d 7d 29 3b 77 28 22 4e 75 6d 62 65 72 2e 4d 41 58 5f 53 41 46 45 5f 49 4e 54 45 47 45 52 22 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 39 30 30 37 31 39 39 32 35 34 37 34 30 39 39 31 7d 29 3b 0a 77 28 22 4e 75 6d 62 65 72 2e 4d 49 4e 5f 53 41 46 45 5f 49 4e 54 45 47 45 52 22 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 2d 39 30 30 37 31 39 39 32 35 34 37 34 30 39 39 31 7d 29 3b Data Ascii: ));return e}});w("Object.values",function(a){return a?a:function(b){var c=[],d;for(d in b)rb(b,d)&&c.push(b[d]);return c}});w("Number.MAX_SAFE_INTEGER",function(){return 9007199254740991});w("Number.MIN_SAFE_INTEGER",function(){return-9007199254740991});
2024-09-14 22:51:40 UTC	1390	IN	Data Raw: 69 6e 64 6f 77 2c 75 62 29 3b 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 6f 72 28 76 61 72 20 64 3d 7b 7d 2c 65 3d 77 69 6e 64 6f 77 2e 62 6c 6f 67 67 65 72 5f 62 6c 6f 67 5f 69 64 2c 66 3d 5b 22 67 6f 6f 67 6c 65 5f 62 6c 6f 67 67 65 72 5f 61 64 73 65 6e 73 65 5f 65 78 70 65 72 69 6d 65 6e 74 5f 69 64 22 2c 22 62 6c 6f 67 67 65 72 5f 63 73 69 5f 65 22 2c 22 62 6c 6f 67 67 65 72 5f 74 65 6d 70 6c 61 74 65 73 5f 65 78 70 65 72 69 6d 65 6e 74 5f 69 64 22 2c 22 62 6c 6f 67 67 65 72 5f 61 63 74 69 76 65 5f 65 78 70 65 72 69 6d 65 6e 74 73 22 5d 2c 0a 67 3d 5b 5d 2c 68 3d 66 2e 6c 65 6e 67 74 68 2c 6b 3d 30 3b 6b 3c 68 3b 6b 2b 2b 29 7b 76 61 72 20 6d 3d 66 5b 6b 5d 3b 6d 20 69 6e 20 77 69 6e 64 6f 77 26 26 67 2e 70 75 73 68 28 77 69 6e 64 6f 77 5b 6d 5d 29 7d Data Ascii: indow,ub);a=function(){for(var d={},e=window.blogger_blog_id,f=["google_blogger_adsense_experiment_id","blogger_csi_e","blogger_templates_experiment_id","blogger_active_experiments"],g=[],h=f.length,k=0;k<h;k++){var m=f[k];m in window&&g.push(window[m])}

Timestamp	Bytes transferred	Direction	Data
2024-09-14 22:51:41 UTC	639	OUT	GET /dyn-css/authorization.css?targetBlogID=6293774250085653011&zx=47a2a7c7-d7bb-4a04-8cfd-fe2cf880b27d HTTP/1.1 Host: www.blogger.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-14 22:51:42 UTC	1132	IN	HTTP/1.1 200 OK P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info." Content-Security-Policy: script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport Content-Type: text/css; charset=UTF-8 Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Sat, 14 Sep 2024 22:51:42 GMT Last-Modified: Sat, 14 Sep 2024 22:51:42 GMT X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block Server: GSE Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2024-09-14 22:51:42 UTC	6	IN	Data Raw: 31 0d 0a 0a 0d 0a Data Ascii: 1
2024-09-14 22:51:42 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2024-09-14 22:51:41 UTC	899	OUT	GET /img/b/R29vZ2xl/AVvXsEjhRdUkdNaj7S0PczG7Rmt23sdOM3ZHfOgcIbOX4UOuhB5r-PBVtOSQjpp9PBLUMwaQcCeNwvrD7-SUSMWFxH7Jo7pGJAWxx5EhwHnoCa2pNWDmIeVYdgUyhwAHcKJc566cHe-ep2nVPDA/w72-h72-p-k-no-nu/https-background.jpg HTTP/1.1 Host: blogger.googleusercontent.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-14 22:51:42 UTC	476	IN	HTTP/1.1 200 OK Content-Type: image/jpeg Vary: Origin Access-Control-Expose-Headers: Content-Length ETag: "v126" Expires: Sun, 15 Sep 2024 22:51:42 GMT Cache-Control: public, max-age=86400, no-transform Content-Disposition: inline;filename="https-background.jpg" X-Content-Type-Options: nosniff Date: Sat, 14 Sep 2024 22:51:42 GMT Server: fife Content-Length: 2354 X-XSS-Protection: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-14 22:51:42 UTC	914	IN	Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff e1 00 2a 45 78 69 66 00 00 49 49 2a 00 08 00 00 00 01 00 31 01 02 00 07 00 00 00 1a 00 00 00 00 00 00 00 47 6f 6f 67 6c 65 00 00 ff db 00 84 00 03 02 02 03 02 02 03 03 03 0f 0e 0f 0d 04 05 08 08 05 0f 0d 0d 0a 0a 09 0e 08 0c 08 0d 0f 0b 0d 0d 0e 0f 0b 0d 0b 0a 0f 08 09 08 08 08 0e 0e 0f 0d 08 0e 0b 0d 0a 08 0f 0d 0d 0d 0e 08 0d 0d 08 01 03 04 04 06 05 06 08 06 05 08 08 09 08 08 14 08 14 14 14 14 08 08 08 14 14 11 08 14 08 08 14 09 14 08 08 08 09 08 14 08 08 08 08 14 14 0a 14 14 08 0a 14 14 14 14 14 08 0e 0a 08 08 08 08 08 08 ff c0 00 11 08 00 48 00 48 03 01 11 00 02 11 01 03 11 01 ff c4 00 1d 00 00 01 05 01 01 01 01 00 00 00 00 00 00 00 00 00 07 02 03 04 05 06 08 09 01 00 ff c4 00 39 10 00 02 Data Ascii: JFIFExifII1GoogleHH9
2024-09-14 22:51:42 UTC	1390	IN	Data Raw: 95 43 54 d5 31 ca f4 a6 36 3d 40 e9 0c d6 30 c9 1b f5 5c 8b ca f0 7a 58 00 79 5e eb 80 99 bb 9a 47 55 6d 9e d5 68 3d 71 94 d7 d5 c9 06 77 cb aa c6 4a 85 11 c5 53 4c 8c 85 93 aa cd e4 11 49 19 16 2c 1e 40 14 2b 7a 86 af 55 8d 75 e1 3a aa 6d 32 93 bc f4 5a c2 89 c6 59 25 db a9 15 72 a8 3c 52 ec 42 1a 85 b8 1c 4a 87 0e 5c 85 6a 62 d3 6b c9 be 5b 72 f7 ea ec e0 ed 8e b9 f1 4e 68 89 a4 4d 77 e7 a6 e3 c7 a7 a8 b1 b6 5a 5f 55 6a 7d b2 cf 1b 45 56 dc e6 f9 13 1a 70 ce c6 6a 7c d9 4a 94 23 b9 02 29 0f 35 6e d1 b3 21 8c dd c3 02 bc 7c 24 74 8b 45 a6 62 7b c4 ce f5 3f 1f ea cb f3 87 27 d6 5b 16 4c 14 c7 6a da 79 6d 15 8a 45 a9 3b d6 f5 1a 99 ed d7 7d 3a d7 51 e2 cf 3c a3 ce f4 f6 e7 6c 0e 6d ad 78 f5 73 fc aa bf 4d e7 f6 3c 91 e6 9a 90 4d 1b 5f 8a 82 5e 5a 06 ed 60 Data Ascii: CT16=@0\zXy^GUmh=qwJSLI,@+zUu:m2ZY%r<RBJ\jbk[rNhMwZ_Uj}EVpj\|J#)5n!\|$tEb{?'[LjymE;}:Q<lmxsM<M_^Z`
2024-09-14 22:51:42 UTC	50	IN	Data Raw: 08 17 17 17 23 d3 00 d9 ab 84 71 ee 3c de 9d f0 0b 80 ad 49 f6 7d ff 00 f7 e7 db 01 f0 d5 41 1a f2 62 3f 98 f9 e0 1e 8e aa 13 7e e3 b7 af 71 80 ff d9 Data Ascii: #q<I}Ab?~q

Timestamp	Bytes transferred	Direction	Data
2024-09-14 22:51:41 UTC	898	OUT	GET /img/b/R29vZ2xl/AVvXsEhEGDod2aeN5Cyyth-7i4WsBV2vJCfbByVNkRreVRc0U9x-9zKrNUucFptBcigY4SPCUk80y55ymkWgMNBal0QqGA0ky1hFlm-t_wW6bQo6i4VkdC2WOUppg5SE3XvtMzxr3TvAurbpCuQ/w72-h72-p-k-no-nu/t1larg.facebook.jpg HTTP/1.1 Host: blogger.googleusercontent.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-14 22:51:42 UTC	475	IN	HTTP/1.1 200 OK Content-Type: image/jpeg Vary: Origin Access-Control-Expose-Headers: Content-Length ETag: "v1c9" Expires: Sun, 15 Sep 2024 22:51:42 GMT Cache-Control: public, max-age=86400, no-transform Content-Disposition: inline;filename="t1larg.facebook.jpg" X-Content-Type-Options: nosniff Date: Sat, 14 Sep 2024 22:51:42 GMT Server: fife Content-Length: 4928 X-XSS-Protection: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-14 22:51:42 UTC	915	IN	Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff e1 00 2a 45 78 69 66 00 00 49 49 2a 00 08 00 00 00 01 00 31 01 02 00 07 00 00 00 1a 00 00 00 00 00 00 00 47 6f 6f 67 6c 65 00 00 ff db 00 84 00 03 02 02 03 02 02 03 03 03 03 04 03 03 04 05 08 05 05 04 04 05 0a 07 07 06 08 0c 0a 11 13 15 12 17 0b 19 10 12 15 0f 15 15 0e 10 10 10 10 13 0f 17 10 11 0e 13 16 10 15 12 0f 11 10 10 0f 11 10 01 03 04 04 06 05 06 0a 06 06 0a 10 0e 0b 0e 10 10 10 10 11 13 0f 0f 0f 0f 12 10 11 12 0f 0f 13 10 12 15 12 0f 11 10 10 0d 12 10 13 0f 0f 0f 12 10 0f 0d 0f 12 10 0f 0f 12 13 0f 10 0f 0f 0f 10 0f ff c0 00 11 08 00 48 00 48 03 01 11 00 02 11 01 03 11 01 ff c4 00 1c 00 00 03 01 01 01 00 03 00 00 00 00 00 00 00 00 00 04 06 07 05 03 08 01 02 09 ff c4 00 3b 10 00 01 03 Data Ascii: JFIFExifII1GoogleHH;
2024-09-14 22:51:42 UTC	1390	IN	Data Raw: d4 21 cb 7a ac 1a 72 25 4e 65 29 05 a9 0b 0c a9 20 85 80 06 4f f9 dc 60 a9 49 18 fb 9c b6 7c e3 e0 be 19 32 72 a4 06 c6 97 74 bd 45 41 f6 fa 73 a3 bd 58 8a 79 f3 d2 ce 77 3b 5e 9f 39 f1 dd 48 ea cf 78 5a 84 8a 5b b5 35 db 70 15 12 42 c5 31 55 25 c4 75 a8 ef 4a 31 95 b4 05 e4 05 29 2a 69 6f 2b 61 07 04 21 45 b1 b0 9c 03 f4 f7 87 2e 7a b6 69 65 42 60 65 29 20 d8 3b e8 d6 21 21 eb 63 5b 45 d5 3e 72 40 51 b5 5a 9c 3e 3b b4 6f d1 bb 4d d5 db 61 b7 a3 b1 6c db d7 0d 32 6a da dd 16 ab e1 4a 61 0e 87 96 d8 73 69 e5 0a 43 65 4e 15 83 c3 4e 10 37 af 7b 69 f4 66 78 ff 00 87 6d 00 12 b5 a4 87 aa 5c 16 60 48 71 70 4f a7 8a 5c 90 2a 71 89 4b 50 62 9f 86 ef f2 33 b3 5e 9a 59 fa a7 4d d6 0b 5a eb bd 6c 99 af 53 ed ea 7b 74 d8 d4 ca 2b 4c 25 10 12 b8 eb 6d 29 d9 bc 00 12 Data Ascii: !zr%Ne) O`I\|2rtEAsXyw;^9HxZ[5pB1U%uJ1)io+a!E.zieB`e) ;!!c[E>r@QZ>;oMal2jJasiCeNN7{ifxm\`HqpO\qKPb3^YMZlS{t+L%m)
2024-09-14 22:51:42 UTC	1390	IN	Data Raw: ad 64 12 7c ca 52 49 d8 12 94 ec 47 ea ed bc 29 95 84 b3 64 cf bb ed 46 b0 cd e3 8e c9 98 51 cf 4d 7e d5 1c f5 02 2e 7a a7 a1 43 54 69 15 ea 4b f7 35 76 91 4f ac b7 b6 64 68 0b 8e a6 de 05 29 49 e1 6d b9 b3 72 46 c3 e1 ec f7 23 0a 24 f5 f2 09 98 a4 10 45 c1 71 41 dd e2 ea 92 14 f7 63 71 94 46 75 37 b5 1b 9a 4e aa 68 19 b0 1e 85 47 b1 2c 08 ef 46 7d 15 04 aa 53 a9 fb 9d 89 3e 11 c7 8b 94 0d a5 44 82 3d 7d 80 ea 65 43 cb 28 01 dc 87 a1 cb ba d3 21 14 00 f9 98 f7 30 fb fd a1 9a 97 da 2d 62 dc d2 4d 4d a0 51 35 0e a7 0e f3 bd 6a 0f 55 df ba a3 32 19 53 6f b8 84 8c 06 c7 29 4e d4 90 40 56 ff 00 31 29 50 e3 ab f9 c5 6a 0a 50 05 80 19 8b 0c 3d 68 fc 72 68 9f 95 86 5f 96 9b 39 3c 5c b9 e5 0a 9a 71 d9 f5 e3 69 f7 0e de a2 4b ac 50 fe 1d 9b 59 ca 42 19 a7 bb 35 4a Data Ascii: d\|RIG)dFQM~.zCTiK5vOdh)ImrF#$EqAcqFu7NhG,F}S>D=}eC(!0-bMMQ5jU2So)N@V1)PjP=hrh_9<\qiKPYB5J
2024-09-14 22:51:42 UTC	1233	IN	Data Raw: 26 83 50 06 7b e3 43 59 51 78 eb 26 85 f6 bd 6c d6 ad fa c0 95 32 b7 18 57 72 c2 89 8a a8 fb 52 54 a3 83 80 46 f2 9f 9f 18 f3 00 0e 79 6a 4a 36 79 a9 51 70 41 4f b8 ea 28 5d a3 4a 92 17 b4 21 4c c0 3a 9f 7b 37 52 fd 23 72 f8 ee 9b 5e ea 5a c5 7e da d6 8d 32 9f 4a 8b 6d c8 6d ba 6b 35 26 7c 35 54 5a dc 39 0a 56 37 64 73 c0 23 6e 73 8c 0e ba 6a 90 90 84 a4 2a a1 c9 a6 59 0b 73 e7 68 84 b2 b5 02 a2 45 d9 b7 7c ef ca 2d bd b9 77 83 1f 56 65 fd 9b 56 10 60 d5 04 65 c9 7a 1b 24 a5 e8 c9 48 c9 ca 48 07 18 f7 3c 64 72 7c c9 1d 3a 89 4d 59 83 b0 b4 58 55 cb da 1e 69 1d d9 e9 5d c4 d4 57 d8 b8 db f8 49 92 dc a7 b6 b7 9b 21 0a 75 23 9c 7e b7 18 e5 39 f9 fa 74 ab 60 e5 56 ab fd cf c3 c2 26 68 50 04 3d 6d 48 7e ba f5 2a d6 b2 5f 6e 2d 7e bb 0a 96 e3 a0 29 b1 2d e0 81 Data Ascii: &P{CYQx&l2WrRTFyjJ6yQpAO(]J!L:{7R#r^Z~2Jmmk5&\|5TZ9V7ds#nsjYshE\|-wVeV`ez$HH<dr\|:MYXUi]WI!u#~9t`V&hP=mH~_n-~)-

Timestamp	Bytes transferred	Direction	Data
2024-09-14 22:51:41 UTC	896	OUT	GET /img/b/R29vZ2xl/AVvXsEhrLaU42y46_ybqP8t2TS9ekCY2dCKk-oGYyBd18CBMybseiMun4aeXWp7YnK-VqYnCm59QOdb2bq6sXH-yCFw7CeNLKoz0GL3JeiewV2XggyNOeaVbGYuZ49RyTj5K92Bs-oXRa7IR428/w72-h72-p-k-no-nu/Facebook-hack.jpg HTTP/1.1 Host: blogger.googleusercontent.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-14 22:51:42 UTC	473	IN	HTTP/1.1 200 OK Content-Type: image/jpeg Vary: Origin Access-Control-Expose-Headers: Content-Length ETag: "v195" Expires: Sun, 15 Sep 2024 22:51:42 GMT Cache-Control: public, max-age=86400, no-transform Content-Disposition: inline;filename="Facebook-hack.jpg" X-Content-Type-Options: nosniff Date: Sat, 14 Sep 2024 22:51:42 GMT Server: fife Content-Length: 3068 X-XSS-Protection: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-14 22:51:42 UTC	917	IN	Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff e1 00 2a 45 78 69 66 00 00 49 49 2a 00 08 00 00 00 01 00 31 01 02 00 07 00 00 00 1a 00 00 00 00 00 00 00 47 6f 6f 67 6c 65 00 00 ff db 00 84 00 03 02 02 03 02 02 03 03 03 03 04 03 03 04 05 0e 05 0e 04 0d 0b 0f 0e 0e 10 0e 0f 10 0c 0b 10 0d 0f 0a 0f 08 11 0f 0f 12 0d 11 10 0f 0e 0f 0e 0d 0d 0d 0e 0f 0f 0b 0d 10 0d 0d 0a 0d 0f 0e 0f 0d 01 03 04 04 06 05 06 0a 06 06 0a 11 0d 0a 0e 0e 10 0f 0e 10 10 0f 10 15 0d 10 0f 13 11 0f 10 10 11 10 0d 10 0e 0f 0d 0d 11 10 0d 0f 0d 0f 0d 0f 10 0d 0f 0d 0f 10 10 0d 0e 0e 0f 10 0f 0d 0e 0d 10 ff c0 00 11 08 00 48 00 48 03 01 11 00 02 11 01 03 11 01 ff c4 00 1c 00 00 01 04 03 01 00 00 00 00 00 00 00 00 00 00 00 07 00 01 05 06 03 04 08 02 ff c4 00 34 10 00 01 02 Data Ascii: JFIFExifII1GoogleHH4
2024-09-14 22:51:42 UTC	1390	IN	Data Raw: 66 f1 c2 e2 e3 3e 79 9f 65 6a a6 39 0c cf 20 6b 63 d0 20 ad c5 49 b8 ed 7a bc 49 2a ec b5 56 97 53 51 4c 63 06 26 69 51 21 f1 53 1f d4 c5 f1 50 76 2f 89 7d 6c c7 ba 7b 6e c2 08 0a a3 b1 35 d9 de ea 76 b9 b6 1b 87 69 52 13 70 d5 ad da ed 2e 41 4c bf 88 29 2a 0d 91 77 51 cb 24 e4 a5 3f bd 9d 4a fa 9d 42 ca 8a 79 1d bb 63 85 d4 8e 8e 56 0c 44 1b 2c 51 36 de fe 93 b5 17 75 ae 85 5c 83 6f c5 85 99 a9 b2 82 4a 0f 39 2b 9c b1 3e 72 23 16 e5 db 9d 37 d4 e5 fb a0 e1 7e 4b 85 92 06 e2 23 2e 6a 32 93 b5 77 9d ff 00 6d d5 a7 2d bb 66 a7 5c 93 96 42 90 62 a1 0e 32 c5 c8 1c f2 a6 67 4a 72 3e 1c 72 1e 77 54 c1 03 c6 37 00 54 7b a9 1e d2 58 2e ba 7f ae 13 58 8f ba 96 9d 3a 85 02 62 6e a1 56 a0 c5 a6 7a 44 27 25 2d 2b 88 4a 91 88 0e 5f 10 af db 00 a7 0d af 99 d8 b8 04 4f Data Ascii: f>yej9 kc IzIVSQLc&iQ!SPv/}l{n5viRp.AL)wQ$?JBycVD,Q6u\oJ9+>r#7~K#.j2wm-f\Bb2gJr>rwT7T{X.X:bnVzD'%-+J_O
2024-09-14 22:51:42 UTC	761	IN	Data Raw: 88 e8 4f 6f 0c b2 70 12 54 e4 62 cc c4 92 c2 9f 69 8f f0 fd c5 fb f8 ef 6f 0b 29 77 4f ed 58 ed dd c3 65 92 d0 be e0 da 96 ce da c6 89 82 e9 97 35 dd 31 49 ee bf 8e e2 aa 31 a1 9f f2 89 0e 1a 07 d7 b9 ff 00 7c 92 03 23 e4 b6 ad 68 77 f6 8f 92 54 82 4c 21 97 e2 e2 3d 6e 57 24 da 3d 5a dd f6 ae ed de 57 94 bd 2a 97 1e 2d cc 88 5d da 69 52 c4 30 a8 48 4c 24 29 0a 7c 81 00 17 77 cb 26 e1 92 df 53 2e cb 8a 48 19 11 71 ee de c6 dc 0e 7e eb 1d 95 6e 6c 8e 92 d9 ba d7 e5 92 d0 dc ee ab 6f ad c7 92 b5 fd 74 2a 7d 3e a7 40 ab fc 5a 1c fc 20 a0 ac da 22 42 4a 0a 88 c4 05 63 e4 95 01 ee 25 cb cb 4b b3 21 83 1d 89 2d 73 70 91 f3 ea 17 25 aa 74 98 6f 95 8d d5 9f 70 7a da bd af 7b 42 0d 22 3d 0e 87 26 44 c4 29 85 4d 03 11 44 aa 14 44 46 4b 20 a8 04 82 a4 87 19 2b 87 00 Data Ascii: OopTbio)wOXe51I1\|#hwTL!=nW$=ZW-]iR0HL$)\|w&S.Hq~nlot}>@Z "BJc%K!-sp%topz{B"=&D)MDDFK +

Timestamp	Bytes transferred	Direction	Data
2024-09-14 22:51:41 UTC	898	OUT	GET /img/b/R29vZ2xl/AVvXsEgjG5jwKTmdCF1f6QElHBAkWo5QluyxRuut9jiBFCHicIbPaqEScEy5hzk3MXCblp75tc99xWe7giMSLtAz7lnCUBwh9eTdeRDCwqWnoQoEQAm2L3k6NruPCD_xewvF5qYfDX52wX5Y1RQ/w72-h72-p-k-no-nu/facebook-google.jpg HTTP/1.1 Host: blogger.googleusercontent.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: http://facebooksecurity.blogspot.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-14 22:51:42 UTC	475	IN	HTTP/1.1 200 OK Content-Type: image/jpeg Vary: Origin Access-Control-Expose-Headers: Content-Length ETag: "v1c4" Expires: Sun, 15 Sep 2024 22:51:42 GMT Cache-Control: public, max-age=86400, no-transform Content-Disposition: inline;filename="facebook-google.jpg" X-Content-Type-Options: nosniff Date: Sat, 14 Sep 2024 22:51:42 GMT Server: fife Content-Length: 3008 X-XSS-Protection: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-14 22:51:42 UTC	915	IN	Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff e1 00 2a 45 78 69 66 00 00 49 49 2a 00 08 00 00 00 01 00 31 01 02 00 07 00 00 00 1a 00 00 00 00 00 00 00 47 6f 6f 67 6c 65 00 00 ff db 00 84 00 03 02 02 03 02 02 03 03 03 03 04 03 03 08 0e 08 05 05 0e 08 0f 10 08 07 0f 08 0c 0e 0f 08 0d 08 11 0b 09 0e 11 0d 10 11 11 0d 08 10 0b 16 0a 0e 08 0d 15 15 15 09 08 0b 11 10 10 18 0d 10 0f 0f 01 03 04 04 06 05 06 0a 06 06 0a 0f 0d 0a 0d 0f 0f 10 10 11 0e 10 11 0e 10 0e 11 0f 0d 10 0d 0f 12 10 0e 0f 10 11 10 0d 10 0d 0e 0f 12 0f 0d 0f 0e 0f 0d 0d 0f 10 0d 0d 0d 0e 10 0f 0d 0e 0d 0d 0d ff c0 00 11 08 00 48 00 48 03 01 11 00 02 11 01 03 11 01 ff c4 00 1c 00 00 02 02 03 01 01 00 00 00 00 00 00 00 00 00 00 00 07 01 06 05 08 09 04 03 ff c4 00 34 10 00 01 03 Data Ascii: JFIFExifII1GoogleHH4
2024-09-14 22:51:42 UTC	1390	IN	Data Raw: 21 c9 b2 ab 4c cb 97 94 82 2a 0b 92 54 4e e2 8f fd 55 05 14 94 4d 45 51 10 95 51 30 b8 ba 2f ed c8 24 54 19 6b f9 bf c1 57 e8 2a 08 18 4e 6b 36 3d 39 5d a1 69 cc 99 26 99 50 8d 73 0c b6 68 4c c5 56 ff 00 38 d4 d9 59 9d f4 3e 58 54 e2 2a 9e 05 53 d2 65 cf c2 a2 57 3b 4a 97 48 1a 08 c0 5a 5d 8b 86 71 11 f9 aa 9b e1 df 84 92 0c cc 47 1c a5 32 3f a7 d4 77 22 75 17 52 61 d1 e0 e8 44 9a d9 fc fd 48 f4 71 54 ca 78 f8 a7 c5 17 54 76 e1 0e b5 04 76 87 a1 52 58 88 af 07 b2 7d 42 e9 1a 7c 35 c1 ae 99 4e 88 b9 a5 ba b7 f4 6d ad eb e6 e0 bb 66 45 7e 74 58 8f 34 e3 80 d6 11 c2 43 a7 37 1d 11 39 2a 27 85 79 0b ca ff 00 c5 75 df da d0 35 f6 6b 69 0d 48 d4 f2 7c fd 97 2b 55 f8 2e 9c e3 b8 ff 00 08 fb af 36 da 75 33 68 ed 76 dc 53 69 74 cb 1c da b9 00 29 e3 50 70 51 a0 6d Data Ascii: !LTNUMEQQ0/$TkWNk6=9]i&PshLV8Y>XTSeW;JHZ]qG2?w"uRaDHqTxTvvRX}B\|5NmfE~tX4C79'yu5kiH\|+U.6u3hvSit)PpQm
2024-09-14 22:51:42 UTC	703	IN	Data Raw: 05 4e be ba ca 23 44 5a fb bd e3 55 db bd ee b1 b7 54 69 53 eb 96 bc 76 27 d0 2b 49 18 49 f9 0c b7 20 da 90 13 85 86 d1 4d c1 43 8a 80 62 02 44 88 42 48 2b 85 d6 fe cd d4 eb 5a 55 b4 2e 0d 79 73 5e d9 c8 3a 01 05 b3 b8 c1 90 4e 59 1e 4a 8d 62 e6 54 6b c0 96 e8 79 7e 4e 7a 2f 5d e5 bc 55 ba fd 7a df a2 d8 0b 0e b5 06 a0 92 a3 ba e8 83 a2 51 d4 63 ba e8 3e 47 fe c4 cb c2 db 48 24 28 a9 cc bc 2f cb 5a eb 66 f4 15 0b dc 5a f0 3e 5d 21 c4 98 f4 cd 5d b7 ac d1 71 4c bc 4b 24 17 65 9c 03 f7 49 4a e6 c9 c4 dd ab 5b 69 02 97 44 b8 6c 3d d9 84 51 61 55 a5 45 42 87 3d 86 1a 02 59 22 52 8c 78 3c 04 e7 81 4f cf 42 57 b9 a2 60 8d 75 a0 6b 9f 81 a1 83 31 ac e9 a4 7a ae 82 bd 2a 3d 2d 67 b9 c1 cd d5 84 1c cf cc 23 2c e3 e5 99 07 4e f8 48 c8 1b 35 ba 1e f6 ac 51 d9 dd 1b Data Ascii: N#DZUTiSv'+II MCbDBH+ZU.ys^:NYJbTky~Nz/]UzQc>GH$(/ZfZ>]!]qLK$eIJ[iDl=QaUEB=Y"Rx<OBW`uk1z*=-g#,NH5Q