8.8.8.8:53

20.86.249.62:443

POST /api/browser/edge/actions HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiVU0xeXJESFVaZ289Iiwia2V5IjoiM2NOTkZJdlZYK2JrSGZUZENtSGlFUT09In0=
User-Agent: SmartScreen/281479409565696
Content-Length: 1272
Host: nav.smartscreen.microsoft.com

HTTP/1.1 200 OK
Cache-Control: max-age=0, private
Content-Length: 3820
Content-Type: application/json; charset=utf-8
Server: Microsoft-HTTPAPI/2.0
X-SmartScreen-Flight-Vector: EnableNsHumorMatch,enableProxyLeniency,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,isCurfTstEnabled,isNpPIOverrideBlockEnabled,ListApiE5V2Enabled,npSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,topTrafficV2Enabled,UpdateOnMissingEtagEnabled,updateSigningCert,updateSigningCertForRS3RS4
Date: Tue, 13 Sep 2022 13:23:07 GMT
Connection: close

8.8.8.8:53

62.30.53.100:80

GET /scripts/postinstall.asp?package=XMouse&major=2&minor=19&build=2&revision=0&platform=x64 HTTP/1.1
Host: www.highrez.co.uk
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Location: https://www.highrez.co.uk/scripts/postinstall.asp?package=XMouse&major=2&minor=19&build=2&revision=0&platform=x64
Server: Microsoft-IIS/10.0
X-Clacks-Overhead: GNU Terry Pratchett
X-Powered-By: ASP.NET
Date: Tue, 13 Sep 2022 13:23:07 GMT
Content-Length: 256

8.8.8.8:53

20.86.249.62:443

POST /api/browser/edge/navigate/2 HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiT0pIUzdaZUNjRXc9Iiwia2V5IjoibU5FcDNuYjlRL0xZdXFEMkJucTAwdz09In0=
User-Agent: SmartScreen/281479409565696
Content-Length: 1743
Host: nav.smartscreen.microsoft.com

HTTP/1.1 200 OK
Cache-Control: max-age=0, private
Content-Length: 4761
Content-Type: application/json; charset=utf-8
Server: Microsoft-HTTPAPI/2.0
X-SmartScreen-Flight-Vector: EnableNsHumorMatch,enableProxyLeniency,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,isCurfTstEnabled,isNpPIOverrideBlockEnabled,ListApiE5V2Enabled,npSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,topTrafficV2Enabled,UpdateOnMissingEtagEnabled,updateSigningCert,updateSigningCertForRS3RS4
Date: Tue, 13 Sep 2022 13:23:08 GMT
Connection: close

20.73.130.64:443

GET /windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.19041.1288.vb_release&flight=%7B%22ETag%22%3A%22%5C%22qm71OlKUSRZjCO0gWktyjTTJ0HwboTGlow9DAfvOC%2FQ%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1021007-4-5%2CP-R-99770-9-31%2CP-R-86682-4-37%2CP-R-73000-8-25%2CP-R-72999-9-23%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-3-37%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Afalse%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Atrue%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D HTTP/1.1
Connection: Keep-Alive
Accept: application/x-patch-bsdiff, application/octet-stream
Authorization: SmartScreenPlain eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQifQ==
If-None-Match: "170540185939602997400506234197983529371"
User-Agent: SmartScreen/281479409565696
Host: smartscreen-prod.microsoft.com

HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Length: 460976
Content-Type: application/octet-stream
ETag: "637811103879324684"
Server: Microsoft-HTTPAPI/2.0
X-SmartScreen-Flight-Vector: EnableNsHumorMatch,EnableProxyLeniency,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,IsNpPIOverrideBlockEnabled,ListApiE5V2Enabled,NpSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,TopTrafficV2Enabled,UpdateOnMissingEtagEnabled,UpdateSigningCert,UpdateSigningCertForRS3RS4
Date: Tue, 13 Sep 2022 13:23:08 GMT
Connection: close

20.73.130.64:443

POST /api/browser/edge/data/settings HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json; charset=utf-8
Accept: application/x-patch-bsdiff, application/octet-stream
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiVU0xeXJESFVaZ289Iiwia2V5IjoiM2NOTkZJdlZYK2JrSGZUZENtSGlFUT09In0=
If-None-Match: "2.0-0"
User-Agent: SmartScreen/281479409565696
Content-Length: 1272
Host: smartscreen-prod.microsoft.com

HTTP/1.1 200 OK
Content-Length: 129085
Content-Type: application/octet-stream
ETag: "2.0-2f9188b68640dbf72295f9083a21d674a314721ef06f82db281cbcb052ff8ec1"
Server: Microsoft-HTTPAPI/2.0
X-SmartScreen-Flight-Vector: EnableNsHumorMatch,enableProxyLeniency,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,isCurfTstEnabled,isNpPIOverrideBlockEnabled,ListApiE5V2Enabled,npSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,topTrafficV2Enabled,UpdateOnMissingEtagEnabled,updateSigningCert,updateSigningCertForRS3RS4
Date: Tue, 13 Sep 2022 13:23:07 GMT
Connection: close

20.73.130.64:443

GET /windows/browser/edge/data/bloomfilter/x?pushCert=false&flight=%7B%22ETag%22%3A%22%5C%22qm71OlKUSRZjCO0gWktyjTTJ0HwboTGlow9DAfvOC%2FQ%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1021007-4-5%2CP-R-99770-9-31%2CP-R-86682-4-37%2CP-R-73000-8-25%2CP-R-72999-9-23%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-3-37%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Afalse%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Atrue%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D&os=10.0.19041.1288.vb_release HTTP/1.1
Connection: Keep-Alive
Accept: application/x-patch-bsdiff, application/octet-stream
Authorization: SmartScreenPlain eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQifQ==
If-None-Match: "636976985063396749.rel.v2"
User-Agent: SmartScreen/281479409565696
Host: smartscreen-prod.microsoft.com

HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Length: 4349
Content-Type: application/octet-stream
ETag: "637986715261355369"
Server: Microsoft-HTTPAPI/2.0
X-SmartScreen-Flight-Vector: EnableNsHumorMatch,EnableProxyLeniency,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,IsNpPIOverrideBlockEnabled,ListApiE5V2Enabled,NpSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,TopTrafficV2Enabled,UpdateOnMissingEtagEnabled,UpdateSigningCert,UpdateSigningCertForRS3RS4
Date: Tue, 13 Sep 2022 13:23:08 GMT
Connection: close

20.73.130.64:443

GET /windows/browser/edge/data/bloomfilter/x?pushCert=false&flight=%7B%22ETag%22%3A%22%5C%22qm71OlKUSRZjCO0gWktyjTTJ0HwboTGlow9DAfvOC%2FQ%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1021007-4-5%2CP-R-99770-9-31%2CP-R-86682-4-37%2CP-R-73000-8-25%2CP-R-72999-9-23%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-3-37%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Afalse%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Atrue%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D&os=10.0.19041.1288.vb_release HTTP/1.1
Connection: Keep-Alive
Accept: application/x-patch-bsdiff, application/octet-stream
Authorization: SmartScreenPlain eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQifQ==
If-None-Match: "637986715261355369"
User-Agent: SmartScreen/281479409565696
Host: smartscreen-prod.microsoft.com

HTTP/1.1 304 Not Modified
Cache-Control: max-age=86400
Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
X-SmartScreen-Flight-Vector: EnableNsHumorMatch,EnableProxyLeniency,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,IsNpPIOverrideBlockEnabled,ListApiE5V2Enabled,NpSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,TopTrafficV2Enabled,UpdateOnMissingEtagEnabled,UpdateSigningCert,UpdateSigningCertForRS3RS4
Date: Tue, 13 Sep 2022 13:23:08 GMT
Connection: close

20.73.130.64:443

POST /api/browser/edge/data/settings HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json; charset=utf-8
Accept: application/x-patch-bsdiff, application/octet-stream
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiRmJ6dlpqdURYT0k9Iiwia2V5IjoiSC92c0ZQM3QxL0RzemlKZ01ETDJpQT09In0=
If-None-Match: "2.0-2f9188b68640dbf72295f9083a21d674a314721ef06f82db281cbcb052ff8ec1"
User-Agent: SmartScreen/281479409565696
Content-Length: 1314
Host: smartscreen-prod.microsoft.com

HTTP/1.1 200 OK
Content-Length: 129085
Content-Type: application/octet-stream
ETag: "2.0-2f9188b68640dbf72295f9083a21d674a314721ef06f82db281cbcb052ff8ec1"
Server: Microsoft-HTTPAPI/2.0
X-SmartScreen-Flight-Vector: EnableNsHumorMatch,enableProxyLeniency,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,isCurfTstEnabled,isNpPIOverrideBlockEnabled,ListApiE5V2Enabled,npSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,topTrafficV2Enabled,UpdateOnMissingEtagEnabled,updateSigningCert,updateSigningCertForRS3RS4
Date: Tue, 13 Sep 2022 13:23:08 GMT
Connection: close

20.86.249.62:443

POST /api/browser/edge/navigate/2 HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiTUhaVllEWUFnRW89Iiwia2V5IjoiUitIeEJYMXJIT3J5Vi9OblladnA4dz09In0=
User-Agent: SmartScreen/281479409565696
Content-Length: 1941
Host: nav.smartscreen.microsoft.com

HTTP/1.1 200 OK
Cache-Control: max-age=0, private
Content-Length: 2871
Content-Type: application/json; charset=utf-8
Server: Microsoft-HTTPAPI/2.0
X-SmartScreen-Flight-Vector: EnableNsHumorMatch,enableProxyLeniency,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,isCurfTstEnabled,isNpPIOverrideBlockEnabled,ListApiE5V2Enabled,npSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,topTrafficV2Enabled,UpdateOnMissingEtagEnabled,updateSigningCert,updateSigningCertForRS3RS4
Date: Tue, 13 Sep 2022 13:23:08 GMT
Connection: close

20.73.130.64:443

GET /windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.19041.1288.vb_release&flight=%7B%22ETag%22%3A%22%5C%22qm71OlKUSRZjCO0gWktyjTTJ0HwboTGlow9DAfvOC%2FQ%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1021007-4-5%2CP-R-99770-9-31%2CP-R-86682-4-37%2CP-R-73000-8-25%2CP-R-72999-9-23%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-3-37%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Afalse%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Atrue%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D HTTP/1.1
Connection: Keep-Alive
Accept: application/x-patch-bsdiff, application/octet-stream
Authorization: SmartScreenPlain eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQifQ==
If-None-Match: "637811103879324684"
User-Agent: SmartScreen/281479409565696
Host: smartscreen-prod.microsoft.com

HTTP/1.1 304 Not Modified
Cache-Control: max-age=86400
Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
X-SmartScreen-Flight-Vector: EnableNsHumorMatch,EnableProxyLeniency,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,IsNpPIOverrideBlockEnabled,ListApiE5V2Enabled,NpSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,TopTrafficV2Enabled,UpdateOnMissingEtagEnabled,UpdateSigningCert,UpdateSigningCertForRS3RS4
Date: Tue, 13 Sep 2022 13:23:08 GMT
Connection: close

20.73.130.64:443

GET /windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.19041.1288.vb_release&flight=%7B%22ETag%22%3A%22%5C%22qm71OlKUSRZjCO0gWktyjTTJ0HwboTGlow9DAfvOC%2FQ%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1021007-4-5%2CP-R-99770-9-31%2CP-R-86682-4-37%2CP-R-73000-8-25%2CP-R-72999-9-23%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-3-37%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Afalse%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Atrue%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D HTTP/1.1
Connection: Keep-Alive
Accept: application/x-patch-bsdiff, application/octet-stream
Authorization: SmartScreenPlain eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQifQ==
If-None-Match: "637811103879324684"
User-Agent: SmartScreen/281479409565696
Host: smartscreen-prod.microsoft.com

HTTP/1.1 304 Not Modified
Cache-Control: max-age=86400
Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
X-SmartScreen-Flight-Vector: EnableNsHumorMatch,EnableProxyLeniency,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,IsNpPIOverrideBlockEnabled,ListApiE5V2Enabled,NpSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,TopTrafficV2Enabled,UpdateOnMissingEtagEnabled,UpdateSigningCert,UpdateSigningCertForRS3RS4
Date: Tue, 13 Sep 2022 13:23:09 GMT
Connection: close

8.8.8.8:53

20.86.249.62:443

POST /api/browser/edge/navigate/2 HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiTEFkemhBK1lkaVU9Iiwia2V5IjoickhZUitzS0VETEU5cmdrQVI2QnhhZz09In0=
User-Agent: SmartScreen/281479409565696
Content-Length: 2019
Host: nav.smartscreen.microsoft.com

HTTP/1.1 200 OK
Cache-Control: max-age=0, private
Content-Length: 893
Content-Type: application/json; charset=utf-8
Server: Microsoft-HTTPAPI/2.0
X-SmartScreen-Flight-Vector: EnableNsHumorMatch,enableProxyLeniency,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,isCurfTstEnabled,isNpPIOverrideBlockEnabled,ListApiE5V2Enabled,npSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,topTrafficV2Enabled,UpdateOnMissingEtagEnabled,updateSigningCert,updateSigningCertForRS3RS4
Date: Tue, 13 Sep 2022 13:23:08 GMT
Connection: close

8.8.8.8:53

96.16.53.139:80

GET /roots/dstrootcax3.p7c HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: apps.identrust.com

HTTP/1.1 200 OK
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=15768000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' *.identrust.com
Last-Modified: Mon, 20 Jun 2022 20:24:00 GMT
ETag: "37d-5e1e6e25c9800"
Accept-Ranges: bytes
Content-Length: 893
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Content-Type: application/pkcs7-mime
Cache-Control: max-age=3600
Expires: Tue, 13 Sep 2022 14:23:09 GMT
Date: Tue, 13 Sep 2022 13:23:09 GMT
Connection: keep-alive

8.8.8.8:53

8.8.8.8:53

142.250.179.170:443

GET /ajax/libs/jquery/1.8.0/jquery.min.js HTTP/2.0
host: ajax.googleapis.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://dvps.highrez.co.uk/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

185.199.108.153:443

GET /projects/francium/cryptodonate/img/icon_bitcoin.png HTTP/2.0
host: lab.subinsb.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://dvps.highrez.co.uk/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
server: GitHub.com
content-type: image/png
x-origin-cache: HIT
last-modified: Sun, 22 Aug 2021 16:46:27 GMT
access-control-allow-origin: *
etag: "61227f63-6fa"
expires: Mon, 12 Sep 2022 21:40:30 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 292A:13D87:7A550A:7E711A:631FA4F6
accept-ranges: bytes
date: Tue, 13 Sep 2022 13:23:10 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-ams21025-AMS
x-cache: HIT
x-cache-hits: 1
x-timer: S1663075390.175651,VS0,VE102
vary: Accept-Encoding
x-fastly-request-id: 287aebd751435de06aa6cc4e82b80018b23e6d1f
content-length: 1786

185.199.108.153:443

GET /projects/francium/cryptodonate/img/wallet.png HTTP/2.0
host: lab.subinsb.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://dvps.highrez.co.uk/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
server: GitHub.com
content-type: image/png
last-modified: Sun, 22 Aug 2021 16:46:27 GMT
access-control-allow-origin: *
etag: "61227f63-95b"
expires: Fri, 09 Sep 2022 01:23:19 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: B888:43B0:45F13C:4849E0:631A932F
accept-ranges: bytes
date: Tue, 13 Sep 2022 13:23:10 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-ams21025-AMS
x-cache: HIT
x-cache-hits: 1
x-timer: S1663075390.175634,VS0,VE112
vary: Accept-Encoding
x-fastly-request-id: 8aa8ed721f638f9261406d8e2d5a6bc4d4b46d92
content-length: 2395

8.8.8.8:53

142.251.36.34:443

GET /pagead/html/r20220908/r20190131/zrt_lookup.html HTTP/2.0
host: googleads.g.doubleclick.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dvps.highrez.co.uk/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

20.86.249.62:443

POST /api/browser/edge/navigate/2 HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiQlBIdmM0VGZGQ1k9Iiwia2V5IjoiVk9Sck9qOWsxaTQxSUZ2VnhqSE1wZz09In0=
User-Agent: SmartScreen/281479409565696
Content-Length: 1807
Host: nav.smartscreen.microsoft.com

HTTP/1.1 200 OK
Cache-Control: max-age=0, private
Content-Length: 960
Content-Type: application/json; charset=utf-8
Server: Microsoft-HTTPAPI/2.0
X-SmartScreen-Flight-Vector: EnableNsHumorMatch,enableProxyLeniency,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,isCurfTstEnabled,isNpPIOverrideBlockEnabled,ListApiE5V2Enabled,npSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,topTrafficV2Enabled,UpdateOnMissingEtagEnabled,updateSigningCert,updateSigningCertForRS3RS4
Date: Tue, 13 Sep 2022 13:23:09 GMT
Connection: close

8.8.8.8:53

20.86.249.62:443

POST /api/browser/edge/navigate/2 HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiU2lORWIwcEdOWG89Iiwia2V5IjoiQXp4TzRGekI3alNqelBGMkNNdnJuZz09In0=
User-Agent: SmartScreen/281479409565696
Content-Length: 2784
Host: nav.smartscreen.microsoft.com

HTTP/1.1 200 OK
Cache-Control: max-age=0, private
Content-Length: 3230
Content-Type: application/json; charset=utf-8
Server: Microsoft-HTTPAPI/2.0
X-SmartScreen-Flight-Vector: EnableNsHumorMatch,enableProxyLeniency,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,isCurfTstEnabled,isNpPIOverrideBlockEnabled,ListApiE5V2Enabled,npSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,topTrafficV2Enabled,UpdateOnMissingEtagEnabled,updateSigningCert,updateSigningCertForRS3RS4
Date: Tue, 13 Sep 2022 13:23:09 GMT
Connection: close

8.8.8.8:53

20.86.249.62:443

POST /api/browser/edge/navigate/2 HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiU0tiR1dBSlFGVkE9Iiwia2V5IjoicmZEWVllcVRydDNJL3dFZHgxYXV2Zz09In0=
User-Agent: SmartScreen/281479409565696
Content-Length: 2810
Host: nav.smartscreen.microsoft.com

HTTP/1.1 200 OK
Cache-Control: max-age=0, private
Content-Length: 3284
Content-Type: application/json; charset=utf-8
Server: Microsoft-HTTPAPI/2.0
X-SmartScreen-Flight-Vector: EnableNsHumorMatch,enableProxyLeniency,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,isCurfTstEnabled,isNpPIOverrideBlockEnabled,ListApiE5V2Enabled,npSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,topTrafficV2Enabled,UpdateOnMissingEtagEnabled,updateSigningCert,updateSigningCertForRS3RS4
Date: Tue, 13 Sep 2022 13:23:10 GMT
Connection: close

20.86.249.62:443

POST /api/browser/edge/navigate/2 HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiTUl2SWxxWmg4Qkk9Iiwia2V5IjoiaFltcFk2dEN4WUtpZWhEZHgrUCs1Zz09In0=
User-Agent: SmartScreen/281479409565696
Content-Length: 2941
Host: nav.smartscreen.microsoft.com

HTTP/1.1 200 OK
Cache-Control: max-age=0, private
Content-Length: 3559
Content-Type: application/json; charset=utf-8
Server: Microsoft-HTTPAPI/2.0
X-SmartScreen-Flight-Vector: EnableNsHumorMatch,enableProxyLeniency,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,isCurfTstEnabled,isNpPIOverrideBlockEnabled,ListApiE5V2Enabled,npSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,topTrafficV2Enabled,UpdateOnMissingEtagEnabled,updateSigningCert,updateSigningCertForRS3RS4
Date: Tue, 13 Sep 2022 13:23:10 GMT
Connection: close

172.217.168.226:443

GET /adsid/integrator.js?domain=dvps.highrez.co.uk HTTP/2.0
host: adservice.google.nl
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://dvps.highrez.co.uk/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

8.8.8.8:53

8.8.8.8:53

142.251.36.1:443

GET /pagead/js/r20220908/r20110914/abg_lite.js HTTP/2.0
host: tpc.googlesyndication.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

142.251.36.1:443

GET /pagead/js/r20220908/r20110914/client/qs_click_protection.js HTTP/2.0
host: tpc.googlesyndication.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

142.251.36.1:443

GET /simgad/3193981500160841632/downsize_200k_v1?w=400&h=209 HTTP/2.0
host: tpc.googlesyndication.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

142.251.36.1:443

GET /simgad/10227063155656290870?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmVmZzCbwAvpSlEZANz1qd92HOncw HTTP/2.0
host: tpc.googlesyndication.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

142.251.36.1:443

GET /pagead/js/r20220908/r20110914/client/load_preloaded_resource.js HTTP/2.0
host: tpc.googlesyndication.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

142.251.36.1:443

GET /pagead/js/r20220908/r20110914/client/window_focus.js HTTP/2.0
host: tpc.googlesyndication.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

142.251.36.1:443

GET /pagead/js/r20220908/r20110914/client/one_click_handler_one_afma.js HTTP/2.0
host: tpc.googlesyndication.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

142.250.179.130:443

GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/2.0
host: www.googletagservices.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

20.86.249.62:443

POST /api/browser/edge/navigate/2 HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoidFd2THQ0TjlXams9Iiwia2V5IjoiVVB5QnVlNzR0OFJ3QlFxOVFnSlJtQT09In0=
User-Agent: SmartScreen/281479409565696
Content-Length: 2816
Host: nav.smartscreen.microsoft.com

HTTP/1.1 200 OK
Cache-Control: max-age=0, private
Content-Length: 2309
Content-Type: application/json; charset=utf-8
Server: Microsoft-HTTPAPI/2.0
X-SmartScreen-Flight-Vector: EnableNsHumorMatch,enableProxyLeniency,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,isCurfTstEnabled,isNpPIOverrideBlockEnabled,ListApiE5V2Enabled,npSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,topTrafficV2Enabled,UpdateOnMissingEtagEnabled,updateSigningCert,updateSigningCertForRS3RS4
Date: Tue, 13 Sep 2022 13:23:10 GMT
Connection: close

8.8.8.8:53

20.86.249.62:443

POST /api/browser/edge/navigate/2 HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiZmlXbFBQUnVZNHM9Iiwia2V5IjoiR3pYYmlDOUVqWFJGdCt0MHFIVEVxUT09In0=
User-Agent: SmartScreen/281479409565696
Content-Length: 1785
Host: nav.smartscreen.microsoft.com

HTTP/1.1 200 OK
Cache-Control: max-age=0, private
Content-Length: 923
Content-Type: application/json; charset=utf-8
Server: Microsoft-HTTPAPI/2.0
X-SmartScreen-Flight-Vector: EnableNsHumorMatch,enableProxyLeniency,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,isCurfTstEnabled,isNpPIOverrideBlockEnabled,ListApiE5V2Enabled,npSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,topTrafficV2Enabled,UpdateOnMissingEtagEnabled,updateSigningCert,updateSigningCertForRS3RS4
Date: Tue, 13 Sep 2022 13:23:12 GMT
Connection: close

8.8.8.8:53

8.8.8.8:443

GET /dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity

8.8.8.8:443

GET /dns-query?dns=AAABAAABAAAAAAABBGVkZ2UJbWljcm9zb2Z0A2NvbQAAAQABAAApEAAAAAAAAFEADABNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity

8.8.8.8:443

GET /dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity

8.8.8.8:53

8.8.8.8:53