Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    184s
  • max time network
    192s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-en-20220113
  • submitted
    11/02/2022, 06:54 UTC

General

  • Target

    570bdefc9c230fa190c9c16763c65ca7b3c488b4941919df6b356c85e8d4e8fc.exe

  • Size

    55KB

  • MD5

    edfbee8bcd1f618f35c1521e127cb9bf

  • SHA1

    d7fb17f6a391d32def76af948f76d78303cf7d79

  • SHA256

    570bdefc9c230fa190c9c16763c65ca7b3c488b4941919df6b356c85e8d4e8fc

  • SHA512

    304aae85700d59dc56b407ea39d067311d48c4789a3dea190890dd210cd10009d4d2527e590caba60a6508d96cc02cac1d8543441a1db77dada2b8881da017ab

Malware Config

Signatures

  • GlobeImposter

    GlobeImposter is a ransomware first seen in 2017.

  • Suspicious use of NtCreateProcessExOtherParentProcess 1 IoCs
  • Adds Run key to start application 2 TTPs 2 IoCs
  • Drops desktop.ini file(s) 9 IoCs
  • Drops file in Windows directory 6 IoCs
  • Program crash 1 IoCs
  • Enumerates system info in registry 2 TTPs 2 IoCs
  • Modifies data under HKEY_USERS 1 IoCs
  • Modifies registry class 30 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 6 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\570bdefc9c230fa190c9c16763c65ca7b3c488b4941919df6b356c85e8d4e8fc.exe
    "C:\Users\Admin\AppData\Local\Temp\570bdefc9c230fa190c9c16763c65ca7b3c488b4941919df6b356c85e8d4e8fc.exe"
    1⤵
    • Adds Run key to start application
    • Drops desktop.ini file(s)
    PID:4492
  • C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe -k netsvcs -p -s wuauserv
    1⤵
    • Drops file in Windows directory
    • Suspicious use of AdjustPrivilegeToken
    PID:3348
  • C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
    "C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
    1⤵
    • Enumerates system info in registry
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:2368
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 2368 -s 4384
      2⤵
      • Program crash
      • Suspicious behavior: EnumeratesProcesses
      PID:4760
  • C:\Windows\System32\svchost.exe
    C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
    1⤵
    • Modifies data under HKEY_USERS
    PID:2972
  • C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe -k appmodel -p -s camsvc
    1⤵
      PID:2180
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -pss -s 408 -p 2368 -ip 2368
      1⤵
      • Suspicious use of NtCreateProcessExOtherParentProcess
      • Suspicious use of WriteProcessMemory
      PID:3764

    Network

    • flag-us
      DNS
      www.bing.com
      SearchApp.exe
      Remote address:
      8.8.8.8:53
      Request
      www.bing.com
      IN A
      Response
      www.bing.com
      IN CNAME
      a-0001.a-afdentry.net.trafficmanager.net
      a-0001.a-afdentry.net.trafficmanager.net
      IN CNAME
      www-bing-com.dual-a-0001.a-msedge.net
      www-bing-com.dual-a-0001.a-msedge.net
      IN CNAME
      dual-a-0001.a-msedge.net
      dual-a-0001.a-msedge.net
      IN A
      204.79.197.200
      dual-a-0001.a-msedge.net
      IN A
      13.107.21.200
    • flag-us
      GET
      https://www.bing.com/rb/5q/cj,nj/fFSXkj1t_zfXRNULqSUNux82Lcw.js?bu=FMIkzCPzBdsj3SPfI-Ej7SPIJJckmQ2tJLMkzCTzBfMF5iCOJJUNjA0&or=w
      SearchApp.exe
      Remote address:
      204.79.197.200:443
      Request
      GET /rb/5q/cj,nj/fFSXkj1t_zfXRNULqSUNux82Lcw.js?bu=FMIkzCPzBdsj3SPfI-Ej7SPIJJckmQ2tJLMkzCTzBfMF5iCOJJUNjA0&or=w HTTP/2.0
      host: www.bing.com
      referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
      accept: */*
      accept-language: en-US
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.2.19041; 10.0.0.0.19041.1288) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      if-modified-since: Wed, 26 Jan 2022 05:31:47 GMT
      cookie: SRCHUID=V=2&GUID=3538640BC6DE4AE6BB56FF1309DEC2DB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20220113; SRCHHPGUSR=SRCHLANG=en&LUT=1643387473203&IPMH=a7099b27&IPMID=1643388133621; CortanaAppUID=AC132211E844C53C821E601A23766E16; MUID=0429C08E356E4A2E88C7FB04727339BA; MUIDB=0429C08E356E4A2E88C7FB04727339BA
      Response
      HTTP/2.0 304
      cache-control: public, max-age=432000
      content-type: application/x-javascript; charset=utf-8
      content-encoding: br
      last-modified: Tue, 04 Jan 2022 13:08:41 GMT
      vary: Accept-Encoding
      x-cache: TCP_HIT
      server: Kestrel
      access-control-allow-headers: *
      access-control-allow-origin: *
      x-snr-routing: 1
      timing-allow-origin: *
      cross-origin-resource-policy: cross-origin
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: E5E2BA5D5D6A44CB88BA5579DC351F01 Ref B: AMBEDGE0709 Ref C: 2022-02-11T07:01:44Z
      date: Fri, 11 Feb 2022 07:01:43 GMT
    • flag-us
      GET
      https://www.bing.com/manifest/threshold.appcache
      SearchApp.exe
      Remote address:
      204.79.197.200:443
      Request
      GET /manifest/threshold.appcache HTTP/2.0
      host: www.bing.com
      accept: */*
      referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
      origin: https://www.bing.com
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.2.19041; 10.0.0.0.19041.1288) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      cookie: SRCHUID=V=2&GUID=3538640BC6DE4AE6BB56FF1309DEC2DB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20220113; SRCHHPGUSR=SRCHLANG=en&LUT=1643387473203&IPMH=a7099b27&IPMID=1643388133621; CortanaAppUID=AC132211E844C53C821E601A23766E16; MUID=0429C08E356E4A2E88C7FB04727339BA; _SS=CPID=1644562900625&AC=1&CPH=f646109c; MUIDB=0429C08E356E4A2E88C7FB04727339BA
      Response
      HTTP/2.0 200
      cache-control: public, max-age=432000
      content-length: 8433
      content-type: application/x-javascript; charset=utf-8
      content-encoding: br
      last-modified: Tue, 08 Feb 2022 04:58:55 GMT
      vary: Accept-Encoding
      x-cache: TCP_HIT
      server: Kestrel
      access-control-allow-headers: *
      access-control-allow-origin: *
      x-snr-routing: 1
      timing-allow-origin: *
      cross-origin-resource-policy: cross-origin
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: DC038A9494FF4BE2BEB15BBC6BAF1F8B Ref B: AMBEDGE0709 Ref C: 2022-02-11T07:01:45Z
      date: Fri, 11 Feb 2022 07:01:45 GMT
    • flag-us
      GET
      https://www.bing.com/rb/17/cj,nj/X6j0qPgNij1n_IogMJrgYaT9Kp8.js?bu=Dh8oW2dqbWReYZwBnwEokQEo&or=w
      SearchApp.exe
      Remote address:
      204.79.197.200:443
      Request
      GET /rb/17/cj,nj/X6j0qPgNij1n_IogMJrgYaT9Kp8.js?bu=Dh8oW2dqbWReYZwBnwEokQEo&or=w HTTP/2.0
      host: www.bing.com
      referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
      accept: */*
      accept-language: en-US
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.2.19041; 10.0.0.0.19041.1288) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      if-modified-since: Wed, 26 Jan 2022 05:31:36 GMT
      cookie: SRCHUID=V=2&GUID=3538640BC6DE4AE6BB56FF1309DEC2DB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20220113; SRCHHPGUSR=SRCHLANG=en&LUT=1643387473203&IPMH=a7099b27&IPMID=1643388133621; CortanaAppUID=AC132211E844C53C821E601A23766E16; MUID=0429C08E356E4A2E88C7FB04727339BA; _SS=CPID=1644562900625&AC=1&CPH=f646109c; MUIDB=0429C08E356E4A2E88C7FB04727339BA
      Response
      HTTP/2.0 200
      cache-control: private
      content-length: 932
      content-type: text/cache-manifest; charset=utf-8
      content-encoding: br
      vary: Accept-Encoding
      p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
      set-cookie: SUID=M; domain=.bing.com; expires=Sat, 12-Feb-2022 07:01:45 GMT; path=/; secure; HttpOnly; SameSite=None
      set-cookie: _EDGE_S=SID=00C6F3EAE862686C0BD2E2A2E9266913; domain=.bing.com; path=/; HttpOnly
      set-cookie: _SS=SID=00C6F3EAE862686C0BD2E2A2E9266913; domain=.bing.com; path=/; secure; SameSite=None
      set-cookie: SRCHHPGUSR=SRCHLANG=en&LUT=1643387473203&IPMH=08ec2de4&IPMID=1644562900625; domain=.bing.com; expires=Sun, 11-Feb-2024 07:01:45 GMT; path=/; secure; SameSite=None
      x-snr-routing: 1
      x-cache: CONFIG_NOCACHE
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: D892B6F36F8A45138231F9785A9134C6 Ref B: AMBEDGE0709 Ref C: 2022-02-11T07:01:45Z
      date: Fri, 11 Feb 2022 07:01:45 GMT
    • flag-us
      POST
      https://www.bing.com/threshold/xls.aspx
      SearchApp.exe
      Remote address:
      204.79.197.200:443
      Request
      POST /threshold/xls.aspx HTTP/2.0
      host: www.bing.com
      origin: https://www.bing.com
      referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
      accept: */*
      accept-language: en-US
      content-type: text/xml
      x-msedge-externalexp: d-thshld42,d-thshld77,eadqf-staagg2,msbwi20220124t
      x-msedge-externalexptype: JointCoord
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.2.19041; 10.0.0.0.19041.1288) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      content-length: 1448
      cache-control: no-cache
      cookie: SRCHUID=V=2&GUID=3538640BC6DE4AE6BB56FF1309DEC2DB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20220113; SRCHHPGUSR=SRCHLANG=en&LUT=1643387473203&IPMH=a7099b27&IPMID=1643388133621; CortanaAppUID=AC132211E844C53C821E601A23766E16; MUID=0429C08E356E4A2E88C7FB04727339BA; _SS=CPID=1644562900625&AC=1&CPH=f646109c; MUIDB=0429C08E356E4A2E88C7FB04727339BA
      Response
      HTTP/2.0 204
      access-control-allow-origin: *
      x-cache: CONFIG_NOCACHE
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: 2880393D8C9F4043AD900EAEBEC017A5 Ref B: AMBEDGE0709 Ref C: 2022-02-11T07:01:45Z
      date: Fri, 11 Feb 2022 07:01:45 GMT
    • flag-us
      GET
      https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
      SearchApp.exe
      Remote address:
      204.79.197.200:443
      Request
      GET /AS/API/WindowsCortanaPane/V2/Init HTTP/2.0
      host: www.bing.com
      accept: */*
      referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.2.19041; 10.0.0.0.19041.1288) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      cookie: SRCHUID=V=2&GUID=3538640BC6DE4AE6BB56FF1309DEC2DB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20220113; SRCHHPGUSR=SRCHLANG=en&LUT=1643387473203&IPMH=08ec2de4&IPMID=1644562900625; CortanaAppUID=AC132211E844C53C821E601A23766E16; MUID=0429C08E356E4A2E88C7FB04727339BA; _SS=SID=00C6F3EAE862686C0BD2E2A2E9266913&CBV=26808833; SUID=M; _EDGE_S=SID=00C6F3EAE862686C0BD2E2A2E9266913; MUIDB=0429C08E356E4A2E88C7FB04727339BA
      Response
      HTTP/2.0 200
      cache-control: private
      content-length: 65401
      content-type: text/html; charset=utf-8
      content-encoding: br
      vary: Accept-Encoding
      p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
      x-snr-routing: 1
      x-ua-compatible: IE=edge
      x-xss-protection: 0
      x-cache: CONFIG_NOCACHE
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: 325D67D0A3414AF2892823E88C7EA904 Ref B: AMBEDGE0709 Ref C: 2022-02-11T07:01:45Z
      date: Fri, 11 Feb 2022 07:01:45 GMT
    • flag-us
      GET
      https://www.bing.com/rb/1a/cir2,ortl,cc,nc/U006EeMfq1iK7IAAM8DJcfY519o.css?bu=B8EBPLgBaDs7xQE&or=w
      SearchApp.exe
      Remote address:
      204.79.197.200:443
      Request
      GET /rb/1a/cir2,ortl,cc,nc/U006EeMfq1iK7IAAM8DJcfY519o.css?bu=B8EBPLgBaDs7xQE&or=w HTTP/2.0
      host: www.bing.com
      accept: */*
      referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.2.19041; 10.0.0.0.19041.1288) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      cookie: SRCHUID=V=2&GUID=3538640BC6DE4AE6BB56FF1309DEC2DB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20220113; SRCHHPGUSR=SRCHLANG=en&LUT=1643387473203&IPMH=08ec2de4&IPMID=1644562900625; CortanaAppUID=AC132211E844C53C821E601A23766E16; MUID=0429C08E356E4A2E88C7FB04727339BA; _SS=SID=00C6F3EAE862686C0BD2E2A2E9266913&CBV=26808833; SUID=M; _EDGE_S=SID=00C6F3EAE862686C0BD2E2A2E9266913; MUIDB=0429C08E356E4A2E88C7FB04727339BA
      Response
      HTTP/2.0 200
      cache-control: public, max-age=432000
      content-length: 1579
      content-type: text/css; charset=utf-8
      content-encoding: br
      last-modified: Tue, 08 Feb 2022 04:57:25 GMT
      vary: Accept-Encoding
      x-cache: TCP_HIT
      server: Kestrel
      access-control-allow-headers: *
      access-control-allow-origin: *
      x-snr-routing: 1
      timing-allow-origin: *
      cross-origin-resource-policy: cross-origin
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: 543B190C987A4EA3B6F0FFC496673A59 Ref B: AMBEDGE0709 Ref C: 2022-02-11T07:01:45Z
      date: Fri, 11 Feb 2022 07:01:45 GMT
    • flag-us
      GET
      https://www.bing.com/rb/1a/cir2,ortl,cc,nc/UYUNDxqDYWOuXKtxln9Ggb_NBpQ.css?bu=CecEjQK1AqwFxAS4BKcDOzs&or=w
      SearchApp.exe
      Remote address:
      204.79.197.200:443
      Request
      GET /rb/1a/cir2,ortl,cc,nc/UYUNDxqDYWOuXKtxln9Ggb_NBpQ.css?bu=CecEjQK1AqwFxAS4BKcDOzs&or=w HTTP/2.0
      host: www.bing.com
      accept: */*
      referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.2.19041; 10.0.0.0.19041.1288) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      cookie: SRCHUID=V=2&GUID=3538640BC6DE4AE6BB56FF1309DEC2DB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20220113; SRCHHPGUSR=SRCHLANG=en&LUT=1643387473203&IPMH=08ec2de4&IPMID=1644562900625; CortanaAppUID=AC132211E844C53C821E601A23766E16; MUID=0429C08E356E4A2E88C7FB04727339BA; _SS=SID=00C6F3EAE862686C0BD2E2A2E9266913&CBV=26808833; SUID=M; _EDGE_S=SID=00C6F3EAE862686C0BD2E2A2E9266913; MUIDB=0429C08E356E4A2E88C7FB04727339BA
      Response
      HTTP/2.0 200
      cache-control: public, max-age=432000
      content-length: 4841
      content-type: text/css; charset=utf-8
      content-encoding: br
      last-modified: Fri, 28 Jan 2022 19:31:29 GMT
      vary: Accept-Encoding
      x-cache: TCP_HIT
      server: Kestrel
      access-control-allow-headers: *
      access-control-allow-origin: *
      x-snr-routing: 1
      timing-allow-origin: *
      cross-origin-resource-policy: cross-origin
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: 81B97C141B5140F980769F1AABAF1585 Ref B: AMBEDGE0709 Ref C: 2022-02-11T07:01:46Z
      date: Fri, 11 Feb 2022 07:01:46 GMT
    • flag-us
      GET
      https://www.bing.com/rb/47/ortl,cc,nc/8yOt-qMgl3wFFpnXBbdaeUrdWpM.css?bu=A4gCjAKPAg&or=w
      SearchApp.exe
      Remote address:
      204.79.197.200:443
      Request
      GET /rb/47/ortl,cc,nc/8yOt-qMgl3wFFpnXBbdaeUrdWpM.css?bu=A4gCjAKPAg&or=w HTTP/2.0
      host: www.bing.com
      accept: */*
      referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.2.19041; 10.0.0.0.19041.1288) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      if-modified-since: Wed, 26 Jan 2022 11:27:57 GMT
      cookie: SRCHUID=V=2&GUID=3538640BC6DE4AE6BB56FF1309DEC2DB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20220113; SRCHHPGUSR=SRCHLANG=en&LUT=1643387473203&IPMH=08ec2de4&IPMID=1644562900625; CortanaAppUID=AC132211E844C53C821E601A23766E16; MUID=0429C08E356E4A2E88C7FB04727339BA; _SS=SID=00C6F3EAE862686C0BD2E2A2E9266913&CBV=26808833; SUID=M; _EDGE_S=SID=00C6F3EAE862686C0BD2E2A2E9266913; MUIDB=0429C08E356E4A2E88C7FB04727339BA
      Response
      HTTP/2.0 200
      cache-control: public, max-age=432000
      content-length: 3508
      content-type: text/css; charset=utf-8
      content-encoding: br
      last-modified: Tue, 08 Feb 2022 04:58:12 GMT
      vary: Accept-Encoding
      x-cache: TCP_HIT
      server: Kestrel
      access-control-allow-headers: *
      access-control-allow-origin: *
      x-snr-routing: 1
      timing-allow-origin: *
      cross-origin-resource-policy: cross-origin
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: 45A274EA5CBA4E049DCF8A35191F6815 Ref B: AMBEDGE0709 Ref C: 2022-02-11T07:01:46Z
      date: Fri, 11 Feb 2022 07:01:46 GMT
    • flag-us
      GET
      https://www.bing.com/rb/6J/cir2,ortl,cc,nc/omeF_v5UOBBBK5-ZNrZZSW0txeY.css?bu=FPgF9QWKBq8GgQb-Be8FqQaNBpAG7wWTBu8FmwakBp4G7wXvBe8F7wU&or=w
      SearchApp.exe
      Remote address:
      204.79.197.200:443
      Request
      GET /rb/6J/cir2,ortl,cc,nc/omeF_v5UOBBBK5-ZNrZZSW0txeY.css?bu=FPgF9QWKBq8GgQb-Be8FqQaNBpAG7wWTBu8FmwakBp4G7wXvBe8F7wU&or=w HTTP/2.0
      host: www.bing.com
      accept: */*
      referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.2.19041; 10.0.0.0.19041.1288) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      cookie: SRCHUID=V=2&GUID=3538640BC6DE4AE6BB56FF1309DEC2DB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20220113; SRCHHPGUSR=SRCHLANG=en&LUT=1643387473203&IPMH=08ec2de4&IPMID=1644562900625; CortanaAppUID=AC132211E844C53C821E601A23766E16; MUID=0429C08E356E4A2E88C7FB04727339BA; _SS=SID=00C6F3EAE862686C0BD2E2A2E9266913&CBV=26808833; SUID=M; _EDGE_S=SID=00C6F3EAE862686C0BD2E2A2E9266913; MUIDB=0429C08E356E4A2E88C7FB04727339BA
      Response
      HTTP/2.0 200
      cache-control: public, max-age=432000
      content-length: 37715
      content-type: text/css; charset=utf-8
      content-encoding: br
      last-modified: Tue, 08 Feb 2022 12:41:00 GMT
      vary: Accept-Encoding
      x-cache: TCP_HIT
      server: Kestrel
      access-control-allow-headers: *
      access-control-allow-origin: *
      x-snr-routing: 1
      timing-allow-origin: *
      cross-origin-resource-policy: cross-origin
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: D15A77CCECB54B768BE86FA7B982A99F Ref B: AMBEDGE0709 Ref C: 2022-02-11T07:01:46Z
      date: Fri, 11 Feb 2022 07:01:46 GMT
    • flag-us
      GET
      https://www.bing.com/rb/6J/ortl,cc,nc/QNBBNqWD9F_Blep-UqQSqnMp-FI.css?bu=Ae8F&or=w
      SearchApp.exe
      Remote address:
      204.79.197.200:443
      Request
      GET /rb/6J/ortl,cc,nc/QNBBNqWD9F_Blep-UqQSqnMp-FI.css?bu=Ae8F&or=w HTTP/2.0
      host: www.bing.com
      accept: */*
      referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.2.19041; 10.0.0.0.19041.1288) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      cookie: SRCHUID=V=2&GUID=3538640BC6DE4AE6BB56FF1309DEC2DB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20220113; SRCHHPGUSR=SRCHLANG=en&LUT=1643387473203&IPMH=08ec2de4&IPMID=1644562900625; CortanaAppUID=AC132211E844C53C821E601A23766E16; MUID=0429C08E356E4A2E88C7FB04727339BA; _SS=SID=00C6F3EAE862686C0BD2E2A2E9266913&CBV=26808833; SUID=M; _EDGE_S=SID=00C6F3EAE862686C0BD2E2A2E9266913; MUIDB=0429C08E356E4A2E88C7FB04727339BA
      Response
      HTTP/2.0 200
      cache-control: public, max-age=432000
      content-length: 10
      content-type: text/css; charset=utf-8
      content-encoding: br
      last-modified: Tue, 08 Feb 2022 04:57:58 GMT
      vary: Accept-Encoding
      x-cache: TCP_HIT
      server: Kestrel
      access-control-allow-headers: *
      access-control-allow-origin: *
      x-snr-routing: 1
      timing-allow-origin: *
      cross-origin-resource-policy: cross-origin
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: EC7413B4413A4E768D21F98D883FC2C1 Ref B: AMBEDGE0709 Ref C: 2022-02-11T07:01:46Z
      date: Fri, 11 Feb 2022 07:01:46 GMT
    • flag-us
      GET
      https://www.bing.com/rp/1UewCJeQh7H4TkEu4viPy9Nx7dE.br.js
      SearchApp.exe
      Remote address:
      204.79.197.200:443
      Request
      GET /rp/1UewCJeQh7H4TkEu4viPy9Nx7dE.br.js HTTP/2.0
      host: www.bing.com
      accept: */*
      referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.2.19041; 10.0.0.0.19041.1288) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      cookie: SRCHUID=V=2&GUID=3538640BC6DE4AE6BB56FF1309DEC2DB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20220113; SRCHHPGUSR=SRCHLANG=en&LUT=1643387473203&IPMH=08ec2de4&IPMID=1644562900625; CortanaAppUID=AC132211E844C53C821E601A23766E16; MUID=0429C08E356E4A2E88C7FB04727339BA; _SS=SID=00C6F3EAE862686C0BD2E2A2E9266913&CBV=26808833; SUID=M; _EDGE_S=SID=00C6F3EAE862686C0BD2E2A2E9266913; MUIDB=0429C08E356E4A2E88C7FB04727339BA
      Response
      HTTP/2.0 200
      cache-control: public, max-age=432000
      content-length: 25749
      content-type: text/javascript; charset=utf-8
      content-encoding: br
      content-md5: PSGGmbzVbC+D6UyP03wdcQ==
      last-modified: Wed, 09 Feb 2022 03:14:52 GMT
      etag: 0x8D9EB7A56FF7A3B
      server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
      x-cache: TCP_HIT
      x-ms-request-id: 1f3dda89-201e-004d-29a7-1db8d9000000
      x-ms-version: 2009-09-19
      x-ms-lease-status: unlocked
      x-ms-blob-type: BlockBlob
      access-control-allow-origin: *
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-azure-ref-originshield: Ref A: 063D5334C9ED4D099E389E09D56C5022 Ref B: AMS04EDGE1320 Ref C: 2022-02-09T13:29:32Z
      timing-allow-origin: *
      cross-origin-resource-policy: cross-origin
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaot"}]}
      x-msedge-ref: Ref A: FE26182427324FC499337E3F4D9E6C4D Ref B: AMBEDGE0709 Ref C: 2022-02-11T07:01:47Z
      date: Fri, 11 Feb 2022 07:01:47 GMT
    • flag-us
      GET
      https://www.bing.com/rp/7Y7GIdHwvb_FHuCBnybcAmLO7GY.br.js
      SearchApp.exe
      Remote address:
      204.79.197.200:443
      Request
      GET /rp/7Y7GIdHwvb_FHuCBnybcAmLO7GY.br.js HTTP/2.0
      host: www.bing.com
      accept: */*
      referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.2.19041; 10.0.0.0.19041.1288) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      cookie: SRCHUID=V=2&GUID=3538640BC6DE4AE6BB56FF1309DEC2DB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20220113; SRCHHPGUSR=SRCHLANG=en&LUT=1643387473203&IPMH=08ec2de4&IPMID=1644562900625; CortanaAppUID=AC132211E844C53C821E601A23766E16; MUID=0429C08E356E4A2E88C7FB04727339BA; _SS=SID=00C6F3EAE862686C0BD2E2A2E9266913&CBV=26808833; SUID=M; _EDGE_S=SID=00C6F3EAE862686C0BD2E2A2E9266913; MUIDB=0429C08E356E4A2E88C7FB04727339BA
      Response
      HTTP/2.0 200
      cache-control: public, max-age=432000
      content-length: 12468
      content-type: text/javascript; charset=utf-8
      content-encoding: br
      content-md5: OAm2+Dfso4ykC5+AJWkkNA==
      last-modified: Fri, 28 Jan 2022 10:42:03 GMT
      etag: 0x8D9E24AD21CB179
      server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
      x-cache: TCP_HIT
      x-ms-request-id: d440b685-401e-0016-22f0-1c81e2000000
      x-ms-version: 2009-09-19
      x-ms-lease-status: unlocked
      x-ms-blob-type: BlockBlob
      access-control-allow-origin: *
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-azure-ref-originshield: Ref A: 56EFB24B971F49C699080617D72DC1B8 Ref B: AMS04EDGE1208 Ref C: 2022-02-08T20:07:56Z
      timing-allow-origin: *
      cross-origin-resource-policy: cross-origin
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaot"}]}
      x-msedge-ref: Ref A: DBB118C7B31C45E6A57C325EC616C56C Ref B: AMBEDGE0709 Ref C: 2022-02-11T07:01:47Z
      date: Fri, 11 Feb 2022 07:01:47 GMT
    • flag-us
      GET
      https://www.bing.com/rp/98-tFzBbrLP3oaKdmZtyZ4BBBI4.br.js
      SearchApp.exe
      Remote address:
      204.79.197.200:443
      Request
      GET /rp/98-tFzBbrLP3oaKdmZtyZ4BBBI4.br.js HTTP/2.0
      host: www.bing.com
      accept: */*
      referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.2.19041; 10.0.0.0.19041.1288) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      if-modified-since: Thu, 28 Jan 2021 01:44:49 GMT
      if-none-match: 0x8D8C32E4CDC654C
      cookie: SRCHUID=V=2&GUID=3538640BC6DE4AE6BB56FF1309DEC2DB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20220113; SRCHHPGUSR=SRCHLANG=en&LUT=1643387473203&IPMH=08ec2de4&IPMID=1644562900625; CortanaAppUID=AC132211E844C53C821E601A23766E16; MUID=0429C08E356E4A2E88C7FB04727339BA; _SS=SID=00C6F3EAE862686C0BD2E2A2E9266913&CBV=26808833; SUID=M; _EDGE_S=SID=00C6F3EAE862686C0BD2E2A2E9266913; MUIDB=0429C08E356E4A2E88C7FB04727339BA
      Response
      HTTP/2.0 304
      cache-control: public, max-age=432000
      content-type: application/x-javascript; charset=utf-8
      content-encoding: br
      content-md5: xVtvk8m0iq8KaH8JY6bhxg==
      last-modified: Thu, 28 Jan 2021 01:44:49 GMT
      etag: 0x8D8C32E4CDC654C
      server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
      x-cache: TCP_HIT
      x-ms-request-id: 5d3b0d19-701e-001d-64ad-1b7a89000000
      x-ms-version: 2009-09-19
      x-ms-lease-status: unlocked
      x-ms-blob-type: BlockBlob
      access-control-allow-origin: *
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-azure-ref-originshield: Ref A: 37E09AB10E2D4ED6AD92863B17DDE1D8 Ref B: AMS04EDGE1221 Ref C: 2022-02-08T20:07:55Z
      timing-allow-origin: *
      cross-origin-resource-policy: cross-origin
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaot"}]}
      x-msedge-ref: Ref A: F56C1CF965D240E0A1A44F95F22EBB18 Ref B: AMBEDGE0709 Ref C: 2022-02-11T07:01:47Z
      date: Fri, 11 Feb 2022 07:01:47 GMT
    • flag-us
      GET
      https://www.bing.com/rp/9F6Tm6dN0EAZXebCoQTyg-a_REo.br.js
      SearchApp.exe
      Remote address:
      204.79.197.200:443
      Request
      GET /rp/9F6Tm6dN0EAZXebCoQTyg-a_REo.br.js HTTP/2.0
      host: www.bing.com
      accept: */*
      referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.2.19041; 10.0.0.0.19041.1288) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      if-modified-since: Tue, 04 Jan 2022 21:09:23 GMT
      if-none-match: 0x8D9CFC67BC39897
      cookie: SRCHUID=V=2&GUID=3538640BC6DE4AE6BB56FF1309DEC2DB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20220113; SRCHHPGUSR=SRCHLANG=en&LUT=1643387473203&IPMH=08ec2de4&IPMID=1644562900625; CortanaAppUID=AC132211E844C53C821E601A23766E16; MUID=0429C08E356E4A2E88C7FB04727339BA; _SS=SID=00C6F3EAE862686C0BD2E2A2E9266913&CBV=26808833; SUID=M; _EDGE_S=SID=00C6F3EAE862686C0BD2E2A2E9266913; MUIDB=0429C08E356E4A2E88C7FB04727339BA
      Response
      HTTP/2.0 304
      cache-control: public, max-age=432000
      content-type: text/javascript; charset=utf-8
      content-encoding: br
      content-md5: bC3aqbI+g1zI+kyoHYAiiQ==
      last-modified: Tue, 04 Jan 2022 21:09:23 GMT
      etag: 0x8D9CFC67BC39897
      server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
      x-cache: TCP_HIT
      x-ms-request-id: dd3794ee-501e-0057-0ac6-1dd906000000
      x-ms-version: 2009-09-19
      x-ms-lease-status: unlocked
      x-ms-blob-type: BlockBlob
      access-control-allow-origin: *
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-azure-ref-originshield: Ref A: 8CCE4E4C038542EEBD0A94A26FB55987 Ref B: AMS04EDGE1115 Ref C: 2022-02-10T19:35:32Z
      timing-allow-origin: *
      cross-origin-resource-policy: cross-origin
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaot"}]}
      x-msedge-ref: Ref A: B20BAD05C3214E13B8C68077D645E45B Ref B: AMBEDGE0709 Ref C: 2022-02-11T07:01:47Z
      date: Fri, 11 Feb 2022 07:01:47 GMT
    • flag-us
      GET
      https://www.bing.com/rp/BQR--Mi6Hdug9aUgfjMzORag63E.br.js
      SearchApp.exe
      Remote address:
      204.79.197.200:443
      Request
      GET /rp/BQR--Mi6Hdug9aUgfjMzORag63E.br.js HTTP/2.0
      host: www.bing.com
      accept: */*
      referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.2.19041; 10.0.0.0.19041.1288) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      if-modified-since: Mon, 23 Nov 2020 21:26:10 GMT
      if-none-match: 0x8D88FF665839903
      cookie: SRCHUID=V=2&GUID=3538640BC6DE4AE6BB56FF1309DEC2DB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20220113; SRCHHPGUSR=SRCHLANG=en&LUT=1643387473203&IPMH=08ec2de4&IPMID=1644562900625; CortanaAppUID=AC132211E844C53C821E601A23766E16; MUID=0429C08E356E4A2E88C7FB04727339BA; _SS=SID=00C6F3EAE862686C0BD2E2A2E9266913&CBV=26808833; SUID=M; _EDGE_S=SID=00C6F3EAE862686C0BD2E2A2E9266913; MUIDB=0429C08E356E4A2E88C7FB04727339BA
      Response
      HTTP/2.0 304
      cache-control: public, max-age=432000
      content-type: application/x-javascript; charset=utf-8
      content-encoding: br
      content-md5: uh4a6uPJ/QiEZGs/QDfl5w==
      last-modified: Mon, 23 Nov 2020 21:26:10 GMT
      etag: 0x8D88FF665839903
      server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
      x-cache: TCP_HIT
      x-ms-request-id: 39667a62-701e-0040-4731-1c700d000000
      x-ms-version: 2009-09-19
      x-ms-lease-status: unlocked
      x-ms-blob-type: BlockBlob
      access-control-allow-origin: *
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-azure-ref-originshield: Ref A: 916C42B8A52A44A8B85AE5F08EBEBCFF Ref B: AMS04EDGE1114 Ref C: 2022-02-08T21:17:57Z
      timing-allow-origin: *
      cross-origin-resource-policy: cross-origin
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaot"}]}
      x-msedge-ref: Ref A: FA39B89745F44505BA9CAC9BD0C1C1C1 Ref B: AMBEDGE0709 Ref C: 2022-02-11T07:01:48Z
      date: Fri, 11 Feb 2022 07:01:48 GMT
    • flag-us
      GET
      https://www.bing.com/rp/Cj4mQnDN_eMyYEqsEbjRrJ2Ttec.br.js
      SearchApp.exe
      Remote address:
      204.79.197.200:443
      Request
      GET /rp/Cj4mQnDN_eMyYEqsEbjRrJ2Ttec.br.js HTTP/2.0
      host: www.bing.com
      accept: */*
      referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.2.19041; 10.0.0.0.19041.1288) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      if-modified-since: Wed, 24 Jun 2020 05:06:01 GMT
      if-none-match: 0x8D817FC4A10933C
      cookie: SRCHUID=V=2&GUID=3538640BC6DE4AE6BB56FF1309DEC2DB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20220113; SRCHHPGUSR=SRCHLANG=en&LUT=1643387473203&IPMH=08ec2de4&IPMID=1644562900625; CortanaAppUID=AC132211E844C53C821E601A23766E16; MUID=0429C08E356E4A2E88C7FB04727339BA; _SS=SID=00C6F3EAE862686C0BD2E2A2E9266913&CBV=26808833; SUID=M; _EDGE_S=SID=00C6F3EAE862686C0BD2E2A2E9266913; MUIDB=0429C08E356E4A2E88C7FB04727339BA
      Response
      HTTP/2.0 304
      cache-control: public, max-age=432000
      content-type: application/x-javascript; charset=utf-8
      content-encoding: br
      content-md5: 3WhJ+OYKE/V46pTyaMnODg==
      last-modified: Wed, 24 Jun 2020 05:06:01 GMT
      etag: 0x8D817FC4A10933C
      server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
      x-cache: TCP_HIT
      x-ms-request-id: d00d410a-001e-00ae-62ff-1bda24000000
      x-ms-version: 2009-09-19
      x-ms-lease-status: unlocked
      x-ms-blob-type: BlockBlob
      access-control-allow-origin: *
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-azure-ref-originshield: Ref A: 18BE2144BC8C40C6BDD48BFD7BD3D027 Ref B: AMS04EDGE1309 Ref C: 2022-02-08T20:07:55Z
      timing-allow-origin: *
      cross-origin-resource-policy: cross-origin
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaot"}]}
      x-msedge-ref: Ref A: 184168D179AE4E689CCD4E798FFB5528 Ref B: AMBEDGE0709 Ref C: 2022-02-11T07:01:48Z
      date: Fri, 11 Feb 2022 07:01:48 GMT
    • flag-us
      GET
      https://www.bing.com/rp/EFZQVfd-aT3vKh3O-kC_qyc_0q8.br.js
      SearchApp.exe
      Remote address:
      204.79.197.200:443
      Request
      GET /rp/EFZQVfd-aT3vKh3O-kC_qyc_0q8.br.js HTTP/2.0
      host: www.bing.com
      accept: */*
      referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.2.19041; 10.0.0.0.19041.1288) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      cookie: SRCHUID=V=2&GUID=3538640BC6DE4AE6BB56FF1309DEC2DB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20220113; SRCHHPGUSR=SRCHLANG=en&LUT=1643387473203&IPMH=08ec2de4&IPMID=1644562900625; CortanaAppUID=AC132211E844C53C821E601A23766E16; MUID=0429C08E356E4A2E88C7FB04727339BA; _SS=SID=00C6F3EAE862686C0BD2E2A2E9266913&CBV=26808833; SUID=M; _EDGE_S=SID=00C6F3EAE862686C0BD2E2A2E9266913; MUIDB=0429C08E356E4A2E88C7FB04727339BA
      Response
      HTTP/2.0 200
      cache-control: public, max-age=432000
      content-length: 18419
      content-type: text/javascript; charset=utf-8
      content-encoding: br
      content-md5: henilD4oH4y2jEHuxkSWmg==
      last-modified: Wed, 09 Feb 2022 03:14:54 GMT
      etag: 0x8D9EB7A57ED3BCB
      server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
      x-cache: TCP_HIT
      x-ms-request-id: b45a06b2-501e-009c-6ea7-1dda53000000
      x-ms-version: 2009-09-19
      x-ms-lease-status: unlocked
      x-ms-blob-type: BlockBlob
      access-control-allow-origin: *
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-azure-ref-originshield: Ref A: 9A2F39E77ED046AFB58B921E5F98F69B Ref B: AMS04EDGE1509 Ref C: 2022-02-09T13:29:33Z
      timing-allow-origin: *
      cross-origin-resource-policy: cross-origin
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaot"}]}
      x-msedge-ref: Ref A: 4ECF0F8B04AD4F8DB928BD1AAF9C5B33 Ref B: AMBEDGE0709 Ref C: 2022-02-11T07:01:48Z
      date: Fri, 11 Feb 2022 07:01:48 GMT
    • flag-us
      GET
      https://www.bing.com/rp/HXQOmZnHKkJYgneadHww_IjOlxQ.br.js
      SearchApp.exe
      Remote address:
      204.79.197.200:443
      Request
      GET /rp/HXQOmZnHKkJYgneadHww_IjOlxQ.br.js HTTP/2.0
      host: www.bing.com
      accept: */*
      referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.2.19041; 10.0.0.0.19041.1288) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      if-modified-since: Thu, 24 Jun 2021 18:40:09 GMT
      if-none-match: 0x8D9373F7E832F32
      cookie: SRCHUID=V=2&GUID=3538640BC6DE4AE6BB56FF1309DEC2DB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20220113; SRCHHPGUSR=SRCHLANG=en&LUT=1643387473203&IPMH=08ec2de4&IPMID=1644562900625; CortanaAppUID=AC132211E844C53C821E601A23766E16; MUID=0429C08E356E4A2E88C7FB04727339BA; _SS=SID=00C6F3EAE862686C0BD2E2A2E9266913&CBV=26808833; SUID=M; _EDGE_S=SID=00C6F3EAE862686C0BD2E2A2E9266913; MUIDB=0429C08E356E4A2E88C7FB04727339BA
      Response
      HTTP/2.0 304
      cache-control: public, max-age=432000
      content-type: text/javascript; charset=utf-8
      content-encoding: br
      content-md5: 0sPKi9j4grNI6xJF5svNbg==
      last-modified: Thu, 24 Jun 2021 18:40:09 GMT
      etag: 0x8D9373F7E832F32
      server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
      x-cache: TCP_HIT
      x-ms-request-id: 4778eddd-801e-007b-4df3-1c35a9000000
      x-ms-version: 2009-09-19
      x-ms-lease-status: unlocked
      x-ms-blob-type: BlockBlob
      access-control-allow-origin: *
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-azure-ref-originshield: Ref A: AE310A482FA945C7957BE82DB544B746 Ref B: AMS04EDGE1212 Ref C: 2022-02-10T19:35:31Z
      timing-allow-origin: *
      cross-origin-resource-policy: cross-origin
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaot"}]}
      x-msedge-ref: Ref A: 00487233A255472A82BD866E2349F04F Ref B: AMBEDGE0709 Ref C: 2022-02-11T07:01:49Z
      date: Fri, 11 Feb 2022 07:01:49 GMT
    • flag-us
      GET
      https://www.bing.com/rp/ISqjehphJRJanLfetqLqda1tayw.br.js
      SearchApp.exe
      Remote address:
      204.79.197.200:443
      Request
      GET /rp/ISqjehphJRJanLfetqLqda1tayw.br.js HTTP/2.0
      host: www.bing.com
      accept: */*
      referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.2.19041; 10.0.0.0.19041.1288) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      cookie: SRCHUID=V=2&GUID=3538640BC6DE4AE6BB56FF1309DEC2DB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20220113; SRCHHPGUSR=SRCHLANG=en&LUT=1643387473203&IPMH=08ec2de4&IPMID=1644562900625; CortanaAppUID=AC132211E844C53C821E601A23766E16; MUID=0429C08E356E4A2E88C7FB04727339BA; _SS=SID=00C6F3EAE862686C0BD2E2A2E9266913&CBV=26808833; SUID=M; _EDGE_S=SID=00C6F3EAE862686C0BD2E2A2E9266913; MUIDB=0429C08E356E4A2E88C7FB04727339BA
      Response
      HTTP/2.0 200
      cache-control: public, max-age=432000
      content-length: 407631
      content-type: text/javascript; charset=utf-8
      content-encoding: br
      content-md5: UHCsPJhQyeecO2zfUHSXsg==
      last-modified: Wed, 09 Feb 2022 01:20:12 GMT
      etag: 0x8D9EB6A5206CCC1
      server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
      x-cache: TCP_HIT
      x-ms-request-id: 905aebbe-e01e-0030-62a7-1dc9fa000000
      x-ms-version: 2009-09-19
      x-ms-lease-status: unlocked
      x-ms-blob-type: BlockBlob
      access-control-allow-origin: *
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-azure-ref-originshield: Ref A: 2A416261A5B5492DB9079FA5B316FF80 Ref B: AMS04EDGE1419 Ref C: 2022-02-09T13:29:33Z
      timing-allow-origin: *
      cross-origin-resource-policy: cross-origin
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaot"}]}
      x-msedge-ref: Ref A: 8896D1973B4C4BA29F850BD84A6AFDAC Ref B: AMBEDGE0709 Ref C: 2022-02-11T07:01:49Z
      date: Fri, 11 Feb 2022 07:01:49 GMT
    • flag-us
      GET
      https://www.bing.com/rp/MAi8ZrMgFhG81tZ07Arc2JEjTY8.br.js
      SearchApp.exe
      Remote address:
      204.79.197.200:443
      Request
      GET /rp/MAi8ZrMgFhG81tZ07Arc2JEjTY8.br.js HTTP/2.0
      host: www.bing.com
      accept: */*
      referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.2.19041; 10.0.0.0.19041.1288) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      if-modified-since: Wed, 24 Jun 2020 05:07:14 GMT
      if-none-match: 0x8D817FC756864AE
      cookie: SRCHUID=V=2&GUID=3538640BC6DE4AE6BB56FF1309DEC2DB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20220113; SRCHHPGUSR=SRCHLANG=en&LUT=1643387473203&IPMH=08ec2de4&IPMID=1644562900625; CortanaAppUID=AC132211E844C53C821E601A23766E16; MUID=0429C08E356E4A2E88C7FB04727339BA; _SS=SID=00C6F3EAE862686C0BD2E2A2E9266913&CBV=26808833; SUID=M; _EDGE_S=SID=00C6F3EAE862686C0BD2E2A2E9266913; MUIDB=0429C08E356E4A2E88C7FB04727339BA
      Response
      HTTP/2.0 304
      cache-control: public, max-age=432000
      content-type: application/x-javascript; charset=utf-8
      content-encoding: br
      content-md5: 4csgy3MnorVZ2sztEWGSow==
      last-modified: Wed, 24 Jun 2020 05:07:14 GMT
      etag: 0x8D817FC756864AE
      server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
      x-cache: TCP_HIT
      x-ms-request-id: 1ef42496-201e-004d-6146-1cb8d9000000
      x-ms-version: 2009-09-19
      x-ms-lease-status: unlocked
      x-ms-blob-type: BlockBlob
      access-control-allow-origin: *
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-azure-ref-originshield: Ref A: 58FA779E07D64A89A6798DB1E61DBDFE Ref B: AMS04EDGE1113 Ref C: 2022-02-09T00:17:39Z
      timing-allow-origin: *
      cross-origin-resource-policy: cross-origin
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaot"}]}
      x-msedge-ref: Ref A: F8F802D685EC4AA6AA5D6B4DD13E61DD Ref B: AMBEDGE0709 Ref C: 2022-02-11T07:01:49Z
      date: Fri, 11 Feb 2022 07:01:49 GMT
    • flag-us
      GET
      https://www.bing.com/rp/MDqPc1m5c6NCOcjcf9QO_UfJAUI.br.js
      SearchApp.exe
      Remote address:
      204.79.197.200:443
      Request
      GET /rp/MDqPc1m5c6NCOcjcf9QO_UfJAUI.br.js HTTP/2.0
      host: www.bing.com
      accept: */*
      referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.2.19041; 10.0.0.0.19041.1288) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      if-modified-since: Fri, 08 Jan 2021 17:46:27 GMT
      if-none-match: 0x8D8B3FD5319B034
      cookie: SRCHUID=V=2&GUID=3538640BC6DE4AE6BB56FF1309DEC2DB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20220113; SRCHHPGUSR=SRCHLANG=en&LUT=1643387473203&IPMH=08ec2de4&IPMID=1644562900625; CortanaAppUID=AC132211E844C53C821E601A23766E16; MUID=0429C08E356E4A2E88C7FB04727339BA; _SS=SID=00C6F3EAE862686C0BD2E2A2E9266913&CBV=26808833; SUID=M; _EDGE_S=SID=00C6F3EAE862686C0BD2E2A2E9266913; MUIDB=0429C08E356E4A2E88C7FB04727339BA
      Response
      HTTP/2.0 304
      cache-control: public, max-age=432000
      content-type: application/x-javascript; charset=utf-8
      content-encoding: br
      content-md5: 6fDsIZ2RXTHLpooNNws/Zw==
      last-modified: Fri, 08 Jan 2021 17:46:27 GMT
      etag: 0x8D8B3FD5319B034
      server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
      x-cache: TCP_HIT
      x-ms-request-id: 396ca296-801e-0054-7f33-1c3862000000
      x-ms-version: 2009-09-19
      x-ms-lease-status: unlocked
      x-ms-blob-type: BlockBlob
      access-control-allow-origin: *
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-azure-ref-originshield: Ref A: 61477C0106244A8BA2806D87F0482188 Ref B: AMS04EDGE1410 Ref C: 2022-02-08T22:30:32Z
      timing-allow-origin: *
      cross-origin-resource-policy: cross-origin
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaot"}]}
      x-msedge-ref: Ref A: 3D0D7B1DCD62490198449DB5C7F17BA8 Ref B: AMBEDGE0709 Ref C: 2022-02-11T07:01:49Z
      date: Fri, 11 Feb 2022 07:01:49 GMT
    • flag-us
      GET
      https://www.bing.com/rp/MOF_GzvGOii0VGtOHdGSeaiR5wU.br.js
      SearchApp.exe
      Remote address:
      204.79.197.200:443
      Request
      GET /rp/MOF_GzvGOii0VGtOHdGSeaiR5wU.br.js HTTP/2.0
      host: www.bing.com
      accept: */*
      referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.2.19041; 10.0.0.0.19041.1288) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      cookie: SRCHUID=V=2&GUID=3538640BC6DE4AE6BB56FF1309DEC2DB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20220113; SRCHHPGUSR=SRCHLANG=en&LUT=1643387473203&IPMH=08ec2de4&IPMID=1644562900625; CortanaAppUID=AC132211E844C53C821E601A23766E16; MUID=0429C08E356E4A2E88C7FB04727339BA; _SS=SID=00C6F3EAE862686C0BD2E2A2E9266913&CBV=26808833; SUID=M; _EDGE_S=SID=00C6F3EAE862686C0BD2E2A2E9266913; MUIDB=0429C08E356E4A2E88C7FB04727339BA
      Response
      HTTP/2.0 200
      cache-control: public, max-age=432000
      content-length: 7621
      content-type: text/javascript; charset=utf-8
      content-encoding: br
      content-md5: IwbE1vxan0croaOvYCoc1w==
      last-modified: Mon, 07 Feb 2022 22:20:11 GMT
      etag: 0x8D9EA880178DB0D
      server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
      x-cache: TCP_HIT
      x-ms-request-id: 5f2a1200-201e-00b9-3ada-1c732f000000
      x-ms-version: 2009-09-19
      x-ms-lease-status: unlocked
      x-ms-blob-type: BlockBlob
      access-control-allow-origin: *
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-azure-ref-originshield: Ref A: A4AB9093D76F477C9A328E8D0468C0A6 Ref B: AMS04EDGE1112 Ref C: 2022-02-08T20:42:15Z
      timing-allow-origin: *
      cross-origin-resource-policy: cross-origin
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaot"}]}
      x-msedge-ref: Ref A: 0A0FAB6957AF45ECBBDDDB1D181CA8A2 Ref B: AMBEDGE0709 Ref C: 2022-02-11T07:01:49Z
      date: Fri, 11 Feb 2022 07:01:49 GMT
    • 88.221.144.170:80
      322 B
      7
    • 88.221.144.170:80
      322 B
      7
    • 67.27.153.126:80
      46 B
      40 B
      1
      1
    • 67.27.153.126:80
      46 B
      40 B
      1
      1
    • 67.27.153.126:80
      46 B
      40 B
      1
      1
    • 67.27.153.126:80
      46 B
      40 B
      1
      1
    • 204.79.197.200:443
      www.bing.com
      tls
      919 B
      7.4kB
      9
      8
    • 204.79.197.200:443
      www.bing.com
      tls, https
      2.8kB
      8.4kB
      19
      17
    • 204.79.197.200:443
      www.bing.com
      tls, http2
      SearchApp.exe
      1.5kB
      8.1kB
      16
      14
    • 204.79.197.200:443
      https://www.bing.com/rp/MOF_GzvGOii0VGtOHdGSeaiR5wU.br.js
      tls, http2
      SearchApp.exe
      27.7kB
      631.3kB
      483
      482

      HTTP Request

      GET https://www.bing.com/rb/5q/cj,nj/fFSXkj1t_zfXRNULqSUNux82Lcw.js?bu=FMIkzCPzBdsj3SPfI-Ej7SPIJJckmQ2tJLMkzCTzBfMF5iCOJJUNjA0&or=w

      HTTP Response

      304

      HTTP Request

      GET https://www.bing.com/manifest/threshold.appcache

      HTTP Request

      GET https://www.bing.com/rb/17/cj,nj/X6j0qPgNij1n_IogMJrgYaT9Kp8.js?bu=Dh8oW2dqbWReYZwBnwEokQEo&or=w

      HTTP Response

      200

      HTTP Request

      POST https://www.bing.com/threshold/xls.aspx

      HTTP Response

      200

      HTTP Response

      204

      HTTP Request

      GET https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init

      HTTP Response

      200

      HTTP Request

      GET https://www.bing.com/rb/1a/cir2,ortl,cc,nc/U006EeMfq1iK7IAAM8DJcfY519o.css?bu=B8EBPLgBaDs7xQE&or=w

      HTTP Response

      200

      HTTP Request

      GET https://www.bing.com/rb/1a/cir2,ortl,cc,nc/UYUNDxqDYWOuXKtxln9Ggb_NBpQ.css?bu=CecEjQK1AqwFxAS4BKcDOzs&or=w

      HTTP Response

      200

      HTTP Request

      GET https://www.bing.com/rb/47/ortl,cc,nc/8yOt-qMgl3wFFpnXBbdaeUrdWpM.css?bu=A4gCjAKPAg&or=w

      HTTP Response

      200

      HTTP Request

      GET https://www.bing.com/rb/6J/cir2,ortl,cc,nc/omeF_v5UOBBBK5-ZNrZZSW0txeY.css?bu=FPgF9QWKBq8GgQb-Be8FqQaNBpAG7wWTBu8FmwakBp4G7wXvBe8F7wU&or=w

      HTTP Response

      200

      HTTP Request

      GET https://www.bing.com/rb/6J/ortl,cc,nc/QNBBNqWD9F_Blep-UqQSqnMp-FI.css?bu=Ae8F&or=w

      HTTP Response

      200

      HTTP Request

      GET https://www.bing.com/rp/1UewCJeQh7H4TkEu4viPy9Nx7dE.br.js

      HTTP Response

      200

      HTTP Request

      GET https://www.bing.com/rp/7Y7GIdHwvb_FHuCBnybcAmLO7GY.br.js

      HTTP Response

      200

      HTTP Request

      GET https://www.bing.com/rp/98-tFzBbrLP3oaKdmZtyZ4BBBI4.br.js

      HTTP Response

      304

      HTTP Request

      GET https://www.bing.com/rp/9F6Tm6dN0EAZXebCoQTyg-a_REo.br.js

      HTTP Response

      304

      HTTP Request

      GET https://www.bing.com/rp/BQR--Mi6Hdug9aUgfjMzORag63E.br.js

      HTTP Response

      304

      HTTP Request

      GET https://www.bing.com/rp/Cj4mQnDN_eMyYEqsEbjRrJ2Ttec.br.js

      HTTP Response

      304

      HTTP Request

      GET https://www.bing.com/rp/EFZQVfd-aT3vKh3O-kC_qyc_0q8.br.js

      HTTP Response

      200

      HTTP Request

      GET https://www.bing.com/rp/HXQOmZnHKkJYgneadHww_IjOlxQ.br.js

      HTTP Response

      304

      HTTP Request

      GET https://www.bing.com/rp/ISqjehphJRJanLfetqLqda1tayw.br.js

      HTTP Response

      200

      HTTP Request

      GET https://www.bing.com/rp/MAi8ZrMgFhG81tZ07Arc2JEjTY8.br.js

      HTTP Response

      304

      HTTP Request

      GET https://www.bing.com/rp/MDqPc1m5c6NCOcjcf9QO_UfJAUI.br.js

      HTTP Response

      304

      HTTP Request

      GET https://www.bing.com/rp/MOF_GzvGOii0VGtOHdGSeaiR5wU.br.js

      HTTP Response

      200
    • 8.8.8.8:53
      www.bing.com
      dns
      SearchApp.exe
      58 B
      206 B
      1
      1

      DNS Request

      www.bing.com

      DNS Response

      204.79.197.200
      13.107.21.200

    MITRE ATT&CK Enterprise v6

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2972-135-0x000001EF30EC0000-0x000001EF30EC4000-memory.dmp

      Filesize

      16KB

    • memory/3348-130-0x000001AB0E220000-0x000001AB0E230000-memory.dmp

      Filesize

      64KB

    • memory/3348-131-0x000001AB0E280000-0x000001AB0E290000-memory.dmp

      Filesize

      64KB

    • memory/3348-132-0x000001AB10940000-0x000001AB10944000-memory.dmp

      Filesize

      16KB

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.