Analysis
max time kernel: 60s
max time network: 63s
platform: windows10-1703_x64
resource: win10-20230220-en
resource tags: arch:x64, arch:x86, image:win10-20230220-en, locale:en-us, os:windows10-1703-x64, system
submitted: 08-03-2023 02:33
Behavioral task
behavioral1
Sample
VenomRAT/Plugins/Keylogger.exe
Resource
win10-20230220-en
Behavioral task
behavioral2
Sample
VenomRAT/Plugins/Keylogger.exe
Resource
win10v2004-20230221-en
Behavioral task
behavioral3
Sample
VenomRAT/VenomRAT_HVNC.exe
Resource
win10-20230220-en
General
Target: VenomRAT/VenomRAT_HVNC.exe
Size: 16.5MB
MD5: c90bb028354000acc74485f2db4ab492
SHA1: 28e6ce32a075669b3e382eaeb4871f7c3fc3bbef
SHA256: 54df65f59a153e58faafc63addf325b7c492f000b8cda7e3cf527f5c0080325d
SHA512: 9400521f9dd1fd76a914006133cd9b9dc5c8783407ff6b99fbb5a74c1a81e45818772ef4e1cabc9c67232bf60d977b48c2fadcb9401ae05e7c8e23fcf9ba7406
SSDEEP: 393216:sl9Yl7Elel7ElAlQleTl/l/l/l/l/lzlml/lqlZlHl/l/l/l/l/l/lIlAl+lUl2x:WTXT
Malware Config
Signatures
Checks computer location settings 2 TTPs 1 IoCs
Looks up country code configured in the registry, likely geofence.
Key value queried: \REGISTRY\USER\S-1-5-21-3853465373-1718857667-1861325682-1000\Control Panel\International\Geo\Nation (Process: VenomRAT_HVNC.exe)
Drops file in Windows directory 6 IoCs
File created: C:\Windows\rescache\_merged\3720402701\2219095117.pri (Process: MicrosoftEdge.exe)
File opened for modification: C:\Windows\Debug\ESE.TXT (Process: MicrosoftEdge.exe)
File created: C:\Windows\rescache\_merged\3720402701\2219095117.pri (Process: MicrosoftEdgeCP.exe)
File created: C:\Windows\rescache\_merged\3720402701\2219095117.pri (Process: MicrosoftEdgeCP.exe)
File created: C:\Windows\rescache\_merged\3720402701\2219095117.pri (Process: MicrosoftEdgeCP.exe)
File created: C:\Windows\rescache\_merged\3720402701\2219095117.pri (Process: MicrosoftEdgeCP.exe)
Modifies Internet Explorer settings
Key created: \REGISTRY\USER\S-1-5-21-3853465373-1718857667-1861325682-1000\Software\Microsoft\Internet Explorer\Main (Process: MicrosoftEdge.exe)
Key created: \REGISTRY\USER\S-1-5-21-3853465373-1718857667-1861325682-1000\Software\Microsoft\Internet Explorer\Main (Process: browser_broker.exe)
Key created: \REGISTRY\USER\S-1-5-21-3853465373-1718857667-1861325682-1000\Software\Microsoft\Internet Explorer\Main (Process: MicrosoftEdgeCP.exe)
Modifies registry class 64 IoCs
Suspicious behavior: MapViewOfSection 4 IoCs
PID 3732: MicrosoftEdgeCP.exe
PID 3732: MicrosoftEdgeCP.exe
PID 3732: MicrosoftEdgeCP.exe
PID 3732: MicrosoftEdgeCP.exe
Suspicious use of AdjustPrivilegeToken 8 IoCs
Token: SeDebugPrivilege, PID 2072, MicrosoftEdge.exe
Token: SeDebugPrivilege, PID 2072, MicrosoftEdge.exe
Token: SeDebugPrivilege, PID 2072, MicrosoftEdge.exe
Token: SeDebugPrivilege, PID 2072, MicrosoftEdge.exe
Token: SeDebugPrivilege, PID 2872, MicrosoftEdgeCP.exe
Token: SeDebugPrivilege, PID 2872, MicrosoftEdgeCP.exe
Token: SeDebugPrivilege, PID 2872, MicrosoftEdgeCP.exe
Token: SeDebugPrivilege, PID 2872, MicrosoftEdgeCP.exe
Suspicious use of SetWindowsHookEx 3 IoCs
PID 2072: MicrosoftEdge.exe
PID 3732: MicrosoftEdgeCP.exe
PID 3732: MicrosoftEdgeCP.exe
Suspicious use of WriteProcessMemory 25 IoCs
Columns: description, pid, Process, procid_target
PID 3732 wrote to memory of 1980, 3732, MicrosoftEdgeCP.exe, 75
PID 3732 wrote to memory of 1980, 3732, MicrosoftEdgeCP.exe, 75
PID 3732 wrote to memory of 1980, 3732, MicrosoftEdgeCP.exe, 75
PID 3732 wrote to memory of 424, 3732, MicrosoftEdgeCP.exe, 74
PID 3732 wrote to memory of 1980, 3732, MicrosoftEdgeCP.exe, 75
PID 3732 wrote to memory of 1980, 3732, MicrosoftEdgeCP.exe, 75
PID 3732 wrote to memory of 1980, 3732, MicrosoftEdgeCP.exe, 75
PID 3732 wrote to memory of 1980, 3732, MicrosoftEdgeCP.exe, 75
PID 3732 wrote to memory of 1980, 3732, MicrosoftEdgeCP.exe, 75
PID 3732 wrote to memory of 1980, 3732, MicrosoftEdgeCP.exe, 75
PID 3732 wrote to memory of 1980, 3732, MicrosoftEdgeCP.exe, 75
PID 3732 wrote to memory of 1980, 3732, MicrosoftEdgeCP.exe, 75
PID 3732 wrote to memory of 1980, 3732, MicrosoftEdgeCP.exe, 75
PID 3732 wrote to memory of 424, 3732, MicrosoftEdgeCP.exe, 74
PID 3732 wrote to memory of 424, 3732, MicrosoftEdgeCP.exe, 74
PID 3732 wrote to memory of 1980, 3732, MicrosoftEdgeCP.exe, 75
PID 3732 wrote to memory of 1980, 3732, MicrosoftEdgeCP.exe, 75
PID 3732 wrote to memory of 424, 3732, MicrosoftEdgeCP.exe, 74
PID 3732 wrote to memory of 424, 3732, MicrosoftEdgeCP.exe, 74
PID 3732 wrote to memory of 424, 3732, MicrosoftEdgeCP.exe, 74
PID 3732 wrote to memory of 424, 3732, MicrosoftEdgeCP.exe, 74
PID 3732 wrote to memory of 424, 3732, MicrosoftEdgeCP.exe, 74
PID 3732 wrote to memory of 424, 3732, MicrosoftEdgeCP.exe, 74
PID 3732 wrote to memory of 424, 3732, MicrosoftEdgeCP.exe, 74
PID 3732 wrote to memory of 1980, 3732, MicrosoftEdgeCP.exe, 75
Processes

C:\Users\Admin\AppData\Local\Temp\VenomRAT\VenomRAT_HVNC.exe
Command line: "C:\Users\Admin\AppData\Local\Temp\VenomRAT\VenomRAT_HVNC.exe"
- Checks computer location settings
PID:3636

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
Command line: "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
- Drops file in Windows directory
- Modifies Internet Explorer settings
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
PID:2072

C:\Windows\system32\browser_broker.exe
Command line: C:\Windows\system32\browser_broker.exe -Embedding
- Modifies Internet Explorer settings
PID:3868

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Command line: "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
- Modifies registry class
- Suspicious behavior: MapViewOfSection
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:3732

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Command line: "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
- Drops file in Windows directory
- Modifies Internet Explorer settings
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
PID:2872

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Command line: "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
- Drops file in Windows directory
- Modifies registry class
PID:3256

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Command line: "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
- Modifies registry class
PID:4860

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Command line: "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
- Drops file in Windows directory
- Modifies registry class
PID:424

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Command line: "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
- Drops file in Windows directory
- Modifies registry class
PID:1980
Network

Remote address: 8.8.8.8:53
Request: 45.147.19.2.in-addr.arpa IN PTR
Response: 45.147.19.2.in-addr.arpa IN PTR a2-19-147-45deploystaticakamaitechnologiescom

Remote address: 8.8.8.8:53
Request: 126.135.241.8.in-addr.arpa IN PTR
Response:

Remote address: 8.8.8.8:53
Request: 76.38.195.152.in-addr.arpa IN PTR
Response:

Remote address: 8.8.8.8:53
Request: dotnet.microsoft.com IN A
Response:
dotnet.microsoft.com IN CNAME dotnetwebsite.azurefd.net
dotnetwebsite.azurefd.net IN CNAME firstparty-azurefd-prod.trafficmanager.net
firstparty-azurefd-prod.trafficmanager.net IN CNAME shed.dual-low.part-0020.t-0009.fdv2-t-msedge.net
shed.dual-low.part-0020.t-0009.fdv2-t-msedge.net IN CNAME part-0020.t-0009.fdv2-t-msedge.net
part-0020.t-0009.fdv2-t-msedge.net IN A 13.107.237.48
part-0020.t-0009.fdv2-t-msedge.net IN A 13.107.238.48
-
GET https://dotnet.microsoft.com/get-dotnet/dotnet-framework?tfm=.NETFramework%2cVersion%3dv4.8&processName=VenomRAT_HVNC.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0
Process: MicrosoftEdgeCP.exe
Remote address: 13.107.237.48:443
Request
GET /get-dotnet/dotnet-framework?tfm=.NETFramework%2cVersion%3dv4.8&processName=VenomRAT_HVNC.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0 HTTP/2.0
host: dotnet.microsoft.com
accept: text/html, application/xhtml+xml, image/jxr, */*
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
Response
HTTP/2.0 302
request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0pPQHZAAAAAAZOmykgwuEQpt01/olUVeMQU1TMDRFREdFMTkxOQBlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
date: Wed, 08 Mar 2023 02:36:20 GMT
content-length: 0
-
GET https://dotnet.microsoft.com/download/dotnet-framework/net481?cid=getdotnetframework
Process: MicrosoftEdgeCP.exe
Remote address: 13.107.237.48:443
Request
GET /download/dotnet-framework/net481?cid=getdotnetframework HTTP/2.0
host: dotnet.microsoft.com
accept: text/html, application/xhtml+xml, image/jxr, */*
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
Response
HTTP/2.0 302
content-type: text/html; charset=utf-8
location: /en-us/download/dotnet-framework/net481?cid=getdotnetframework
set-cookie: TiPMix=84.07563067049091; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
x-powered-by: ASP.NET
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-azure-ref: 0pPQHZAAAAAD3Ffy/gFSITpMafwTG/ECFQU1TMDRFREdFMTkxOQBlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
date: Wed, 08 Mar 2023 02:36:20 GMT
-
GET https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
Process: MicrosoftEdgeCP.exe
Remote address: 13.107.237.48:443
Request
GET /en-us/download/dotnet-framework/net481?cid=getdotnetframework HTTP/2.0
host: dotnet.microsoft.com
accept: text/html, application/xhtml+xml, image/jxr, */*
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
Response
HTTP/2.0 200
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
set-cookie: TiPMix=66.97125595869153; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
x-powered-by: ASP.NET
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-azure-ref: 0pfQHZAAAAADxEBgCe+0+QI/Ooy1HxZ+tQU1TMDRFREdFMTkxOQBlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
date: Wed, 08 Mar 2023 02:36:21 GMT
-
GET https://dotnet.microsoft.com/static/css/bootstrap-custom.min.css?v=EDbDNv-EoxbdChr2Men0D63u9rPl50WPGUpFVl91y38
Process: MicrosoftEdgeCP.exe
Remote address: 13.107.237.48:443
Request
GET /static/css/bootstrap-custom.min.css?v=EDbDNv-EoxbdChr2Men0D63u9rPl50WPGUpFVl91y38 HTTP/2.0
host: dotnet.microsoft.com
accept: text/css, */*
referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
Response
HTTP/2.0 200
content-type: text/css
content-encoding: gzip
last-modified: Wed, 08 Mar 2023 01:10:06 GMT
accept-ranges: bytes
etag: "1d9515ab7fcb0ad"
vary: Accept-Encoding
set-cookie: TiPMix=0.9503248843201972; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
x-powered-by: ASP.NET
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-azure-ref: 0pvQHZAAAAACmzizwFE31SrVMIvbL9iyrQU1TMDRFREdFMTkxOQBlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
date: Wed, 08 Mar 2023 02:36:21 GMT
-
GET https://dotnet.microsoft.com/static/js/analytics.min.js?v=xSbiFzzqKtDBY8B6pFWaKQv0zuU3H9AGBJ89llM7e3Y
Process: MicrosoftEdgeCP.exe
Remote address: 13.107.237.48:443
Request
GET /static/js/analytics.min.js?v=xSbiFzzqKtDBY8B6pFWaKQv0zuU3H9AGBJ89llM7e3Y HTTP/2.0
host: dotnet.microsoft.com
accept: application/javascript, */*;q=0.8
referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
Response
HTTP/2.0 200
content-length: 43905
content-type: image/svg+xml
last-modified: Wed, 08 Mar 2023 01:06:22 GMT
accept-ranges: bytes
etag: "1d9515a327bd081"
set-cookie: TiPMix=35.26350702817987; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
x-powered-by: ASP.NET
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-azure-ref: 0pvQHZAAAAADaK7dtd1XdSpsSBO290j6tQU1TMDRFREdFMTkxOQBlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
date: Wed, 08 Mar 2023 02:36:22 GMT
-
GET https://dotnet.microsoft.com/static/js/at.js?v=zZduwa0OZAVggPdb1buBzGG1RMj1NcospjCn9Kpf2ls
Process: MicrosoftEdgeCP.exe
Remote address: 13.107.237.48:443
Request
GET /static/js/at.js?v=zZduwa0OZAVggPdb1buBzGG1RMj1NcospjCn9Kpf2ls HTTP/2.0
host: dotnet.microsoft.com
accept: application/javascript, */*;q=0.8
referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
ResponseHTTP/2.0 200
content-type: text/javascript
content-encoding: gzip
last-modified: Wed, 08 Mar 2023 01:10:06 GMT
accept-ranges: bytes
etag: "1d9515ab7ff2a34"
vary: Accept-Encoding
set-cookie: TiPMix=68.61821944634099; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
x-powered-by: ASP.NET
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-azure-ref: 0pvQHZAAAAABnO6hrhrpPTYgn0ulxdPe2QU1TMDRFREdFMTkxOQBlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
date: Wed, 08 Mar 2023 02:36:22 GMT
-
GEThttps://dotnet.microsoft.com/static/js/at-config.1.4.1.js?v=2DEw102Cox6KZTN48AUdV-9WC9hUBshUBMD3vZgBsL8MicrosoftEdgeCP.exeRemote address:13.107.237.48:443RequestGET /static/js/at-config.1.4.1.js?v=2DEw102Cox6KZTN48AUdV-9WC9hUBshUBMD3vZgBsL8 HTTP/2.0
host: dotnet.microsoft.com
accept: application/javascript, */*;q=0.8
referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
ResponseHTTP/2.0 200
content-type: text/javascript
content-encoding: gzip
last-modified: Wed, 08 Mar 2023 01:10:06 GMT
accept-ranges: bytes
etag: "1d9515ab7ff287c"
vary: Accept-Encoding
set-cookie: TiPMix=29.57208339584746; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
x-powered-by: ASP.NET
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-azure-ref: 0pvQHZAAAAADCeWOBVvRATpfFUM1dxmOFQU1TMDRFREdFMTkxOQBlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
date: Wed, 08 Mar 2023 02:36:22 GMT
-
GEThttps://dotnet.microsoft.com/static/images/redesign/download/dotnet-framework-runtime.svg?v=22xvQuHVYJL7LD0xeWgHfLKUNROSdPrvv0q3aBlVvsYMicrosoftEdgeCP.exeRemote address:13.107.237.48:443RequestGET /static/images/redesign/download/dotnet-framework-runtime.svg?v=22xvQuHVYJL7LD0xeWgHfLKUNROSdPrvv0q3aBlVvsY HTTP/2.0
host: dotnet.microsoft.com
accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
ResponseHTTP/2.0 200
content-type: text/javascript
content-encoding: gzip
last-modified: Wed, 08 Mar 2023 01:10:06 GMT
accept-ranges: bytes
etag: "1d9515ab7ff3c10"
vary: Accept-Encoding
set-cookie: TiPMix=64.08964907128619; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
x-powered-by: ASP.NET
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-azure-ref: 0pvQHZAAAAAAj31SyEqnlR7uBn8lY/N3bQU1TMDRFREdFMTkxOQBlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
date: Wed, 08 Mar 2023 02:36:22 GMT
-
GEThttps://dotnet.microsoft.com/static/js/general.min.js?v=OXxiOWtD8Q4pCCNVxAm8CwxFRrrNXeVI1n1YXtI2q4QMicrosoftEdgeCP.exeRemote address:13.107.237.48:443RequestGET /static/js/general.min.js?v=OXxiOWtD8Q4pCCNVxAm8CwxFRrrNXeVI1n1YXtI2q4Q HTTP/2.0
host: dotnet.microsoft.com
accept: application/javascript, */*;q=0.8
referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
ResponseHTTP/2.0 200
content-type: text/javascript
content-encoding: gzip
last-modified: Wed, 08 Mar 2023 01:10:06 GMT
accept-ranges: bytes
etag: "1d9515ab7feb3ea"
vary: Accept-Encoding
set-cookie: TiPMix=66.30767436330306; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
x-powered-by: ASP.NET
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-azure-ref: 0pvQHZAAAAACKHVIc3C5uRqo8esAGYZsmQU1TMDRFREdFMTkxOQBlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
date: Wed, 08 Mar 2023 02:36:22 GMT
-
GEThttps://dotnet.microsoft.com/static/js/culture-selector.min.js?v=4_W8YedFnTAVF-SRhGplUFsiivF2-s2hR-NZWrivGYcMicrosoftEdgeCP.exeRemote address:13.107.237.48:443RequestGET /static/js/culture-selector.min.js?v=4_W8YedFnTAVF-SRhGplUFsiivF2-s2hR-NZWrivGYc HTTP/2.0
host: dotnet.microsoft.com
accept: application/javascript, */*;q=0.8
referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
ResponseHTTP/2.0 200
content-type: text/javascript
content-encoding: gzip
last-modified: Wed, 08 Mar 2023 01:10:06 GMT
accept-ranges: bytes
etag: "1d9515ab7fd9182"
vary: Accept-Encoding
set-cookie: TiPMix=26.639038988001694; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
x-powered-by: ASP.NET
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-azure-ref: 0pvQHZAAAAAD/Om6cmC/yS6vi9H3jKOFqQU1TMDRFREdFMTkxOQBlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
date: Wed, 08 Mar 2023 02:36:22 GMT
-
GEThttps://dotnet.microsoft.com/static/js/cookie-consent.min.js?v=-J8AjwBwYHg1BddIlpmpIaFDRX5pG32NU8JyPd4Jz6UMicrosoftEdgeCP.exeRemote address:13.107.237.48:443RequestGET /static/js/cookie-consent.min.js?v=-J8AjwBwYHg1BddIlpmpIaFDRX5pG32NU8JyPd4Jz6U HTTP/2.0
host: dotnet.microsoft.com
accept: application/javascript, */*;q=0.8
referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
ResponseHTTP/2.0 200
content-type: text/javascript
content-encoding: gzip
last-modified: Wed, 08 Mar 2023 01:10:06 GMT
accept-ranges: bytes
etag: "1d9515ab7ff57da"
vary: Accept-Encoding
set-cookie: TiPMix=25.628243048366926; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
x-powered-by: ASP.NET
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-azure-ref: 0pvQHZAAAAACnSJrXmjo1RqfNiZdosF0JQU1TMDRFREdFMTkxOQBlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
date: Wed, 08 Mar 2023 02:36:22 GMT
-
GEThttps://dotnet.microsoft.com/static/js/main.min.js?v=RjBoR-VD59FaR3nCuB8GNeWCTE0Q8Ccb_w5d8FnnaM4MicrosoftEdgeCP.exeRemote address:13.107.237.48:443RequestGET /static/js/main.min.js?v=RjBoR-VD59FaR3nCuB8GNeWCTE0Q8Ccb_w5d8FnnaM4 HTTP/2.0
host: dotnet.microsoft.com
accept: application/javascript, */*;q=0.8
referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
ResponseHTTP/2.0 200
content-type: text/javascript
content-encoding: gzip
last-modified: Wed, 08 Mar 2023 01:10:06 GMT
accept-ranges: bytes
etag: "1d9515ab7ff28da"
vary: Accept-Encoding
set-cookie: TiPMix=27.31086750710897; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
x-powered-by: ASP.NET
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-azure-ref: 0pvQHZAAAAACDkZLyiceITYssKnUyauwvQU1TMDRFREdFMTkxOQBlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
date: Wed, 08 Mar 2023 02:36:22 GMT
-
GEThttps://dotnet.microsoft.com/static/js/cda-tracker.min.js?v=woD9KkUt44X4IMMUdvOqBCkwNhVjAy-k1Yx3NOxd5SQMicrosoftEdgeCP.exeRemote address:13.107.237.48:443RequestGET /static/js/cda-tracker.min.js?v=woD9KkUt44X4IMMUdvOqBCkwNhVjAy-k1Yx3NOxd5SQ HTTP/2.0
host: dotnet.microsoft.com
accept: application/javascript, */*;q=0.8
referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
ResponseHTTP/2.0 200
content-type: text/javascript
content-encoding: gzip
last-modified: Wed, 08 Mar 2023 01:10:06 GMT
accept-ranges: bytes
etag: "1d9515ab7ff281e"
vary: Accept-Encoding
set-cookie: TiPMix=69.98056429874353; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
x-powered-by: ASP.NET
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-azure-ref: 0pvQHZAAAAAAjBJNc2d16T4Bz1nqaxnI3QU1TMDRFREdFMTkxOQBlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
date: Wed, 08 Mar 2023 02:36:22 GMT
-
Remote address:13.107.237.48:443RequestGET /static/fonts/open-sans-v34-latin-regular.woff2 HTTP/2.0
host: dotnet.microsoft.com
accept: */*
referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
origin: https://dotnet.microsoft.com
accept-encoding: gzip, deflate, br
cookie: MicrosoftApplicationsTelemetryDeviceId=cd776ab6-f663-4098-87d6-ef8e806e8d1c; ai_session=8MtiYTYqV2esLcokRzpwOD|1678246581378|1678246581378
ResponseHTTP/2.0 200
content-length: 16372
content-type: font/woff2
last-modified: Wed, 08 Mar 2023 01:06:22 GMT
accept-ranges: bytes
etag: "1d9515a327b44f4"
set-cookie: TiPMix=90.6338552252175; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
x-powered-by: ASP.NET
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-azure-ref: 0p/QHZAAAAAA1f6x4KBxaRbex52lBvvXMQU1TMDRFREdFMTkxOQBlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
date: Wed, 08 Mar 2023 02:36:23 GMT
-
Remote address:13.107.237.48:443RequestGET /static/fonts/open-sans-v34-latin-600.woff2 HTTP/2.0
host: dotnet.microsoft.com
accept: */*
referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
origin: https://dotnet.microsoft.com
accept-encoding: gzip, deflate, br
cookie: MicrosoftApplicationsTelemetryDeviceId=cd776ab6-f663-4098-87d6-ef8e806e8d1c; ai_session=8MtiYTYqV2esLcokRzpwOD|1678246581378|1678246581378
ResponseHTTP/2.0 200
content-length: 16740
content-type: font/woff2
last-modified: Wed, 08 Mar 2023 01:06:22 GMT
accept-ranges: bytes
etag: "1d9515a327b3a64"
set-cookie: TiPMix=67.44837998156599; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
x-powered-by: ASP.NET
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-azure-ref: 0p/QHZAAAAADRU1veoWjuSZ2vSVOOohgYQU1TMDRFREdFMTkxOQBlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
date: Wed, 08 Mar 2023 02:36:23 GMT
-
Remote address:13.107.237.48:443RequestGET /static/fonts/open-sans-v34-latin-700.woff2 HTTP/2.0
host: dotnet.microsoft.com
accept: */*
referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
origin: https://dotnet.microsoft.com
accept-encoding: gzip, deflate, br
cookie: MicrosoftApplicationsTelemetryDeviceId=cd776ab6-f663-4098-87d6-ef8e806e8d1c; ai_session=8MtiYTYqV2esLcokRzpwOD|1678246581378|1678246581378
ResponseHTTP/2.0 200
content-length: 16756
content-type: font/woff2
last-modified: Wed, 08 Mar 2023 01:06:22 GMT
accept-ranges: bytes
etag: "1d9515a327b3a74"
set-cookie: TiPMix=44.25419346781562; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
x-powered-by: ASP.NET
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-azure-ref: 0p/QHZAAAAAAKJJTTrc0uSLBXLtWgQx5sQU1TMDRFREdFMTkxOQBlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
date: Wed, 08 Mar 2023 02:36:23 GMT
-
Remote address:13.107.237.48:443RequestGET /static/fonts/space-grotesk-v12-latin-700.woff2 HTTP/2.0
host: dotnet.microsoft.com
accept: */*
referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
origin: https://dotnet.microsoft.com
accept-encoding: gzip, deflate, br
cookie: MicrosoftApplicationsTelemetryDeviceId=cd776ab6-f663-4098-87d6-ef8e806e8d1c; ai_session=8MtiYTYqV2esLcokRzpwOD|1678246581378|1678246581378; at_check=true; mbox=session#238eb867aeee44dc98ede3c44363af51#1678248442
ResponseHTTP/2.0 200
content-length: 11448
content-type: font/woff2
last-modified: Wed, 08 Mar 2023 01:06:22 GMT
accept-ranges: bytes
etag: "1d9515a327b57b8"
set-cookie: TiPMix=50.13567100045149; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
x-powered-by: ASP.NET
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-azure-ref: 0p/QHZAAAAACl6mJ73vDgRIyv3oaJlH+MQU1TMDRFREdFMTkxOQBlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
date: Wed, 08 Mar 2023 02:36:23 GMT
-
Remote address: 8.8.8.8:53
Request
48.237.107.13.in-addr.arpa IN PTR
Response
-
GET https://dotnet.microsoft.com/get-dotnet/dotnet-framework?tfm=.NETFramework%2cVersion%3dv4.8&processName=VenomRAT_HVNC.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0
Process: MicrosoftEdgeCP.exe
Remote address: 13.107.237.48:443
Request
GET /get-dotnet/dotnet-framework?tfm=.NETFramework%2cVersion%3dv4.8&processName=VenomRAT_HVNC.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0 HTTP/2.0
host: dotnet.microsoft.com
accept: text/html, application/xhtml+xml, image/jxr, */*
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
Response
HTTP/2.0 302
request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0pfQHZAAAAAASLyUckEtWQqSQnRbNCTlqQU1TMDRFREdFMTkxOABlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
date: Wed, 08 Mar 2023 02:36:21 GMT
content-length: 0
-
GET https://dotnet.microsoft.com/download/dotnet-framework/net481?cid=getdotnetframework
Process: MicrosoftEdgeCP.exe
Remote address: 13.107.237.48:443
Request
GET /download/dotnet-framework/net481?cid=getdotnetframework HTTP/2.0
host: dotnet.microsoft.com
accept: text/html, application/xhtml+xml, image/jxr, */*
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
Response
HTTP/2.0 302
content-type: text/html; charset=utf-8
location: /en-us/download/dotnet-framework/net481?cid=getdotnetframework
set-cookie: TiPMix=4.997230740209357; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
x-powered-by: ASP.NET
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-azure-ref: 0pvQHZAAAAADAi9xoy49bR429o1dAk6LCQU1TMDRFREdFMTkxOABlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
date: Wed, 08 Mar 2023 02:36:21 GMT
-
GET https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
Process: MicrosoftEdgeCP.exe
Remote address: 13.107.237.48:443
Request
GET /en-us/download/dotnet-framework/net481?cid=getdotnetframework HTTP/2.0
host: dotnet.microsoft.com
accept: text/html, application/xhtml+xml, image/jxr, */*
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
Response
HTTP/2.0 200
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
set-cookie: TiPMix=22.396473986906564; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
x-powered-by: ASP.NET
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-azure-ref: 0pvQHZAAAAAB5bI4mf5OIRof4EKay/J3VQU1TMDRFREdFMTkxOABlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
date: Wed, 08 Mar 2023 02:36:21 GMT
-
Remote address: 8.8.8.8:53
Request
www.microsoft.com IN A
Response
www.microsoft.com IN CNAME www.microsoft.com-c-3.edgekey.net
www.microsoft.com-c-3.edgekey.net IN CNAME www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net IN CNAME e13678.dscb.akamaiedge.net
e13678.dscb.akamaiedge.net IN A 173.223.113.131
-
Remote address: 8.8.8.8:53
Request
statics-marketingsites-wcus-ms-com.akamaized.net IN A
Response
statics-marketingsites-wcus-ms-com.akamaized.net IN CNAME a1778.g2.akamai.net
a1778.g2.akamai.net IN A 23.32.238.226
a1778.g2.akamai.net IN A 23.32.238.218
-
Remote address: 8.8.8.8:53
Request
js.monitor.azure.com IN A
Response
js.monitor.azure.com IN CNAME aijscdn2.azureedge.net
aijscdn2.azureedge.net IN CNAME aijscdn2.afd.azureedge.net
aijscdn2.afd.azureedge.net IN CNAME firstparty-azurefd-prod.trafficmanager.net
firstparty-azurefd-prod.trafficmanager.net IN CNAME shed.dual-low.part-0020.t-0009.fdv2-t-msedge.net
shed.dual-low.part-0020.t-0009.fdv2-t-msedge.net IN CNAME part-0020.t-0009.fdv2-t-msedge.net
part-0020.t-0009.fdv2-t-msedge.net IN A 13.107.237.48
part-0020.t-0009.fdv2-t-msedge.net IN A 13.107.238.48
-
Remote address:8.8.8.8:53Requesttarget.microsoft.comIN AResponsetarget.microsoft.comIN CNAMEmicrosoftmscompoc.tt.omtrdc.netmicrosoftmscompoc.tt.omtrdc.netIN CNAMEmboxedge31.tt.omtrdc.netmboxedge31.tt.omtrdc.netIN CNAMEmboxedge31-alb.tt.omtrdc.netmboxedge31-alb.tt.omtrdc.netIN A15.206.251.85mboxedge31-alb.tt.omtrdc.netIN A15.207.29.139mboxedge31-alb.tt.omtrdc.netIN A3.109.115.193mboxedge31-alb.tt.omtrdc.netIN A35.154.62.160mboxedge31-alb.tt.omtrdc.netIN A65.2.93.183mboxedge31-alb.tt.omtrdc.netIN A43.205.224.61mboxedge31-alb.tt.omtrdc.netIN A13.234.102.54mboxedge31-alb.tt.omtrdc.netIN A3.108.216.255
-
Remote address:8.8.8.8:53Requestmicrosoftmscompoc.tt.omtrdc.netIN AResponsemicrosoftmscompoc.tt.omtrdc.netIN CNAMEmboxedge31.tt.omtrdc.netmboxedge31.tt.omtrdc.netIN CNAMEmboxedge31-alb.tt.omtrdc.netmboxedge31-alb.tt.omtrdc.netIN A3.6.5.26mboxedge31-alb.tt.omtrdc.netIN A13.234.102.54mboxedge31-alb.tt.omtrdc.netIN A43.205.224.61mboxedge31-alb.tt.omtrdc.netIN A3.108.216.255mboxedge31-alb.tt.omtrdc.netIN A13.234.170.191mboxedge31-alb.tt.omtrdc.netIN A15.206.251.85mboxedge31-alb.tt.omtrdc.netIN A65.2.93.183mboxedge31-alb.tt.omtrdc.netIN A15.206.26.228
-
GET https://www.microsoft.com/onerfstatics/marketingsites-wcus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/32-1b8b7c/74-888e54?ver=2.0&_cf=02242021_3231
MicrosoftEdgeCP.exe
Remote address: 173.223.113.131:443
Request
GET /onerfstatics/marketingsites-wcus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/32-1b8b7c/74-888e54?ver=2.0&_cf=02242021_3231 HTTP/2.0
host: www.microsoft.com
accept: text/css, */*
referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
Response
HTTP/2.0 200
last-modified: Wed, 04 Jan 2023 11:45:02 GMT
x-activity-id: eb4c5787-d9d6-4751-9839-1249c2466e7a
x-appversion: 1.0.8377.8392
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-12-08T12:39:44.0000000Z}
ms-operation-id: d492f47a3fc2814e9a634cad3e54d0db
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-content-type-options: nosniff
x-s1: 2023-01-04T11:45:02
x-s2: 2023-01-04T11:45:02
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
x-xss-protection: 1; mode=block
content-encoding: gzip
content-length: 22729
cache-control: public, max-age=26125673
expires: Thu, 04 Jan 2024 11:44:15 GMT
date: Wed, 08 Mar 2023 02:36:22 GMT
vary: Accept-Encoding
tls_version: tls1.2
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV12abaeeb.0
ms-cv-esi: CASMicrosoftCV12abaeeb.0
x-rtag: RT
-
GET https://www.microsoft.com/onerfstatics/marketingsites-wcus-prod/shell/_scrf/js/themes=default/8e-e88b64/82-2a4f02/49-a00ab0/92-02e55d/7c-dcea75/75-fca72d/ed-e77ee7/d5-bf34c0/a9-078595/7a-7ea8cc/2d-40bdad/23-e8cd2b/96-eb5423/e6-6b0cce/d1-98d78a/c6-082272/a7-f7a340/1e-addbef/2e-ca165a/fc-169dd8/8e-60935c/87-fecbed/96-6ed6eb/c3-eb62e0/ad-ffd6bf/35-621acc/3b-84517a/b0-07f293/1e-9d9d16/52-f0367f/1f-b57352/bf-517249/e1-ed258e/20-0b10e2/6b-0f1117/fb-5e9831/a2-598841?ver=2.0&_cf=02242021_3231&iife=1
MicrosoftEdgeCP.exe
Remote address: 173.223.113.131:443
Request
GET /onerfstatics/marketingsites-wcus-prod/shell/_scrf/js/themes=default/8e-e88b64/82-2a4f02/49-a00ab0/92-02e55d/7c-dcea75/75-fca72d/ed-e77ee7/d5-bf34c0/a9-078595/7a-7ea8cc/2d-40bdad/23-e8cd2b/96-eb5423/e6-6b0cce/d1-98d78a/c6-082272/a7-f7a340/1e-addbef/2e-ca165a/fc-169dd8/8e-60935c/87-fecbed/96-6ed6eb/c3-eb62e0/ad-ffd6bf/35-621acc/3b-84517a/b0-07f293/1e-9d9d16/52-f0367f/1f-b57352/bf-517249/e1-ed258e/20-0b10e2/6b-0f1117/fb-5e9831/a2-598841?ver=2.0&_cf=02242021_3231&iife=1 HTTP/2.0
host: www.microsoft.com
accept: application/javascript, */*;q=0.8
referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
Response
HTTP/2.0 200
last-modified: Tue, 24 Jan 2023 17:57:21 GMT
x-activity-id: 0eebee8e-0518-4a7e-803e-c07b6943a742
x-appversion: 1.0.8405.38376
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2023-01-06T05:19:12.0000000Z}
ms-operation-id: 25e7e3c26b210b499854b8cc2aafc922
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-content-type-options: nosniff
x-s1: 2023-01-24T17:57:21
x-s2: 2023-01-24T17:57:22
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
x-xss-protection: 1; mode=block
content-encoding: gzip
content-length: 35900
cache-control: public, max-age=27876019
expires: Wed, 24 Jan 2024 17:56:41 GMT
date: Wed, 08 Mar 2023 02:36:22 GMT
vary: Accept-Encoding
tls_version: tls1.2
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV12abb81b.0
ms-cv-esi: CASMicrosoftCV12abb81b.0
x-rtag: RT
-
Remote address: 173.223.113.131:443
Request
GET /mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff HTTP/2.0
host: www.microsoft.com
accept: */*
referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
origin: https://dotnet.microsoft.com
accept-encoding: gzip, deflate, br
cookie: at_check=true; mbox=session#238eb867aeee44dc98ede3c44363af51#1678248442
Response
HTTP/2.0 200
last-modified: Wed, 04 Jan 2023 18:59:51 GMT
x-activity-id: e6b35c82-c383-41d5-83b0-bc8a7608c520
x-appversion: 1.0.8377.8392
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-12-08T12:39:44.0000000Z}
ms-operation-id: fba75867a27e4947885e81814f64fd7b
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
x-xss-protection: 1; mode=block
content-length: 26288
cache-control: public, max-age=26151867
expires: Thu, 04 Jan 2024 19:00:50 GMT
date: Wed, 08 Mar 2023 02:36:23 GMT
tls_version: tls1.2
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV12abe61b.0
ms-cv-esi: CASMicrosoftCV12abe61b.0
x-rtag: RT
-
GET https://statics-marketingsites-wcus-ms-com.akamaized.net/statics/override.css
MicrosoftEdgeCP.exe
Remote address: 23.32.238.226:443
Request
GET /statics/override.css HTTP/1.1
Accept: text/css, */*
Referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
Accept-Encoding: gzip, deflate, br
Host: statics-marketingsites-wcus-ms-com.akamaized.net
Connection: Keep-Alive
Response
HTTP/1.1 200 OK
Last-Modified: Tue, 11 Jun 2019 23:22:13 GMT
ETag: 0x8D6EEC3A2D67C35
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e4723bd2-f01e-001e-62c3-66d0e7000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Vary: Accept-Encoding
Content-Encoding: gzip
Unused62: 8096267
Content-Length: 473
Date: Wed, 08 Mar 2023 02:36:22 GMT
Connection: keep-alive
-
Remote address: 13.107.237.48:443
Request
GET /scripts/c/ms.analytics-web-3.min.js HTTP/2.0
host: js.monitor.azure.com
accept: application/javascript, */*;q=0.8
referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
Response
HTTP/2.0 200
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: aluZD4aW63pn7P5rWzyrCw==
last-modified: Tue, 21 Feb 2023 18:31:48 GMT
etag: 0x8DB1439E4C632FC
x-cache: TCP_HIT
x-ms-request-id: 4da81a76-201e-000c-1664-516c92000000
x-ms-version: 2009-09-19
x-ms-meta-jssdkver: 3.2.9
x-ms-meta-jssdksrc: [cdn]/scripts/c/ms.analytics-web-3.2.9.min.js
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-lastmodified,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 0pvQHZAAAAAAeq4183oWnQYCJHCNkEFK8QU1TMDRFREdFMTkxOABmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
date: Wed, 08 Mar 2023 02:36:21 GMT
-
Remote address: 13.107.237.48:443
Request
GET /scripts/b/ai.2.min.js HTTP/2.0
host: js.monitor.azure.com
accept: application/javascript, */*;q=0.8
referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
if-modified-since: Mon, 13 Feb 2023 18:12:26 GMT
if-none-match: 0x8DB0DEDDD07F1CC
Response
HTTP/2.0 304
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: h4Oif1EgSoBMW/uWvEgbaw==
last-modified: Mon, 13 Feb 2023 18:12:26 GMT
etag: 0x8DB0DEDDD07F1CC
x-cache: TCP_HIT
x-ms-request-id: 32438eb1-a01e-00c4-4063-51b0c7000000
x-ms-version: 2009-09-19
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.8.10.min.js
x-ms-meta-aijssdkver: 2.8.10
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 0qPQHZAAAAACkgghKPId4S5Olvuc0lseKQU1TMDRFREdFMTkxOABmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
date: Wed, 08 Mar 2023 02:36:24 GMT
-
Remote address: 8.8.8.8:53
Request
wcpstatic.microsoft.com IN A
Response
wcpstatic.microsoft.com IN CNAME consentdeliveryfd.azurefd.net
consentdeliveryfd.azurefd.net IN CNAME firstparty-azurefd-prod.trafficmanager.net
firstparty-azurefd-prod.trafficmanager.net IN CNAME shed.dual-low.part-0040.t-0009.fdv2-t-msedge.net
shed.dual-low.part-0040.t-0009.fdv2-t-msedge.net IN CNAME part-0040.t-0009.fdv2-t-msedge.net
part-0040.t-0009.fdv2-t-msedge.net IN A 13.107.237.68
part-0040.t-0009.fdv2-t-msedge.net IN A 13.107.238.68
-
Remote address: 8.8.8.8:53
Request
226.238.32.23.in-addr.arpa IN PTR
Response
226.238.32.23.in-addr.arpa IN PTR a23-32-238-226deploystaticakamaitechnologiescom
-
Remote address: 8.8.8.8:53
Request
131.113.223.173.in-addr.arpa IN PTR
Response
131.113.223.173.in-addr.arpa IN PTR a173-223-113-131deploystaticakamaitechnologiescom
-
Remote address: 8.8.8.8:53
Request
234.238.32.23.in-addr.arpa IN PTR
Response
234.238.32.23.in-addr.arpa IN PTR a23-32-238-234deploystaticakamaitechnologiescom
-
Remote address: 13.107.237.68:443
Request
GET /mscc/lib/v2/wcp-consent.js HTTP/2.0
host: wcpstatic.microsoft.com
accept: application/javascript, */*;q=0.8
referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
Response
HTTP/2.0 200
content-length: 13055
content-type: application/javascript
content-encoding: gzip
content-md5: QT/MdZzBmCG2G2lBgIsptQ==
last-modified: Wed, 24 Aug 2022 17:34:58 GMT
age: 4624
etag: 0x8DA85F6F74C6D08
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-cache: CONFIG_NOCACHE
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 7e8d8694-f01e-0028-2c5c-51fe51000000
x-ms-version: 2009-09-19
x-azure-ref: 0p/QHZAAAAACV2klskBjeQLdpSTqk6IVDQU1TMDRFREdFMTkyMAAzOWI0NjE1Ny1jYjllLTQ5YjctYTY1YS04NzIyYTNmODI0ZTQ=
date: Wed, 08 Mar 2023 02:36:23 GMT
-
GET https://statics-marketingsites-wcus-ms-com.akamaized.net/statics/override.css
MicrosoftEdgeCP.exe
Remote address: 23.32.238.226:443
Request
GET /statics/override.css HTTP/1.1
Accept: text/css, */*
Referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
Accept-Encoding: gzip, deflate, br
Host: statics-marketingsites-wcus-ms-com.akamaized.net
Connection: Keep-Alive
Response
HTTP/1.1 200 OK
Last-Modified: Tue, 11 Jun 2019 23:22:13 GMT
ETag: 0x8D6EEC3A2D67C35
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e4723bd2-f01e-001e-62c3-66d0e7000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Vary: Accept-Encoding
Content-Encoding: gzip
Unused62: 8096267
Content-Length: 473
Date: Wed, 08 Mar 2023 02:36:23 GMT
Connection: keep-alive
-
Remote address: 13.107.237.48:443
Request
GET /scripts/c/ms.analytics-web-3.min.js HTTP/2.0
host: js.monitor.azure.com
accept: application/javascript, */*;q=0.8
referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
if-modified-since: Tue, 21 Feb 2023 18:31:48 GMT
if-none-match: 0x8DB1439E4C632FC
Response
HTTP/2.0 304
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: aluZD4aW63pn7P5rWzyrCw==
last-modified: Tue, 21 Feb 2023 18:31:48 GMT
etag: 0x8DB1439E4C632FC
x-cache: TCP_HIT
x-ms-request-id: 4da81a76-201e-000c-1664-516c92000000
x-ms-version: 2009-09-19
x-ms-meta-jssdkver: 3.2.9
x-ms-meta-jssdksrc: [cdn]/scripts/c/ms.analytics-web-3.2.9.min.js
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-lastmodified,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 0pvQHZAAAAAD1SuGtXEuITonTE7Ce80beQU1TMDRFREdFMTgxOABmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
date: Wed, 08 Mar 2023 02:36:21 GMT
-
Remote address: 13.107.237.48:443
Request
GET /scripts/b/ai.2.min.js HTTP/2.0
host: js.monitor.azure.com
accept: application/javascript, */*;q=0.8
referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
Response
HTTP/2.0 200
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: h4Oif1EgSoBMW/uWvEgbaw==
last-modified: Mon, 13 Feb 2023 18:12:26 GMT
etag: 0x8DB0DEDDD07F1CC
x-cache: TCP_HIT
x-ms-request-id: 32438eb1-a01e-00c4-4063-51b0c7000000
x-ms-version: 2009-09-19
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.8.10.min.js
x-ms-meta-aijssdkver: 2.8.10
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 0qPQHZAAAAABtdnI098tUQYbJV1uRDd2SQU1TMDRFREdFMTgxOABmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
date: Wed, 08 Mar 2023 02:36:23 GMT
-
Remote address: 13.107.237.68:443
Request
GET /mscc/lib/v2/wcp-consent.js HTTP/2.0
host: wcpstatic.microsoft.com
accept: application/javascript, */*;q=0.8
referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
Response
HTTP/2.0 200
content-type: application/javascript
content-length: 13055
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 40637
cache-control: max-age=43200
content-md5: QT/MdZzBmCG2G2lBgIsptQ==
etag: 0x8DA85F6F74C6D08
last-modified: Wed, 24 Aug 2022 17:34:58 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 4789fc7d-801e-009f-2108-51591b000000
x-ms-version: 2009-09-19
x-azure-ref: 20230308T023622Z-zytaftv7s126h2n5uwwugcv0y800000007qg00000001c0a8
accept-ranges: bytes
-
Remote address: 8.8.8.8:53
Request
68.237.107.13.in-addr.arpa IN PTR
Response
-
POST https://target.microsoft.com/rest/v1/delivery?client=microsoftmscompoc&sessionId=238eb867aeee44dc98ede3c44363af51&version=2.8.2
MicrosoftEdgeCP.exe
Remote address: 15.206.251.85:443
Request
POST /rest/v1/delivery?client=microsoftmscompoc&sessionId=238eb867aeee44dc98ede3c44363af51&version=2.8.2 HTTP/2.0
host: target.microsoft.com
accept: */*
origin: https://dotnet.microsoft.com
referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
content-type: text/plain
accept-encoding: gzip, deflate, br
content-length: 763
cache-control: no-cache
cookie: at_check=true; mbox=session#238eb867aeee44dc98ede3c44363af51#1678248443
Response
HTTP/2.0 200
content-type: application/json;charset=UTF-8
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
access-control-allow-origin: https://dotnet.microsoft.com
access-control-allow-credentials: true
x-request-id: e92ea57d23ee2e4213ef3de3dd0aa233
timing-allow-origin: *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
content-encoding: gzip
-
Remote address: 13.107.237.48:443
Request
GET /favicon.ico HTTP/2.0
host: dotnet.microsoft.com
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
dnt: 1
Response
HTTP/2.0 200
content-type: image/x-icon
content-length: 17174
cache-control: public, max-age=3600
etag: "1d9515a327b3816"
last-modified: Wed, 08 Mar 2023 01:06:22 GMT
set-cookie: TiPMix=98.96735840302507; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
x-powered-by: ASP.NET
x-content-type-options: nosniff
x-azure-ref: 20230308T023628Z-q5dxq3zugt0p394y95453uq91w000000076000000000h3a5
x-cache: CONFIG_NOCACHE
accept-ranges: bytes
-
POST https://target.microsoft.com/rest/v1/delivery?client=microsoftmscompoc&sessionId=238eb867aeee44dc98ede3c44363af51&version=2.8.2
MicrosoftEdgeCP.exe
Remote address: 15.206.251.85:443
Request
POST /rest/v1/delivery?client=microsoftmscompoc&sessionId=238eb867aeee44dc98ede3c44363af51&version=2.8.2 HTTP/2.0
host: target.microsoft.com
accept: */*
origin: https://dotnet.microsoft.com
referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
content-type: text/plain
accept-encoding: gzip, deflate, br
content-length: 763
cache-control: no-cache
cookie: at_check=true; mbox=session#238eb867aeee44dc98ede3c44363af51#1678248444
Response
HTTP/2.0 200
content-type: application/json;charset=UTF-8
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
access-control-allow-origin: https://dotnet.microsoft.com
access-control-allow-credentials: true
x-request-id: e2497770463d595a769b5b451fcee745
timing-allow-origin: *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
content-encoding: gzip
-
Remote address: 8.8.8.8:53
Request
browser.events.data.microsoft.com IN A
Response
browser.events.data.microsoft.com IN CNAME browser.events.data.trafficmanager.net
browser.events.data.trafficmanager.net IN CNAME onedscolprdeus01.eastus.cloudapp.azure.com
onedscolprdeus01.eastus.cloudapp.azure.com IN A 52.168.112.66
-
OPTIONS https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
MicrosoftEdgeCP.exe
Remote address: 52.168.112.66:443
Request
OPTIONS /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/1.1
Accept: */*
Origin: https://dotnet.microsoft.com
Referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
Access-Control-Request-Headers: Client-Id, client-version, apikey, upload-time, time-delta-to-apply-millis, cache-control, content-type
Access-Control-Request-Method: POST
Accept-Encoding: gzip, deflate, br
Host: browser.events.data.microsoft.com
Content-Length: 0
Connection: Keep-Alive
Cache-Control: no-cache
Response
HTTP/1.1 200 OK
Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Max-Age: 3600
Access-Control-Allow-Origin: https://dotnet.microsoft.com
Date: Wed, 08 Mar 2023 02:36:25 GMT
-
POST https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
MicrosoftEdgeCP.exe
Remote address: 52.168.112.66:443
Request
POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/1.1
Accept: */*
Origin: https://dotnet.microsoft.com
Referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
Client-Id: NO_AUTH
client-version: 1DS-Web-JS-3.2.9
apikey: e3ba54439927461eaab706781b1d0014-e62140b3-6cb4-4e4d-8a44-0c1d27f9ba6e-7393
upload-time: 1678246583385
time-delta-to-apply-millis: use-collector-delta
cache-control: no-cache, no-store
content-type: application/x-json-stream
Accept-Encoding: gzip, deflate, br
Host: browser.events.data.microsoft.com
Content-Length: 919
Connection: Keep-Alive
Cookie: at_check=true; mbox=session#238eb867aeee44dc98ede3c44363af51#1678248444; MSCC=NR
Response
HTTP/1.1 200 OK
Content-Type: application/json
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Set-Cookie: MC1=GUID=bb57d6840a9041d8a221f5d7f39f21e2&HASH=bb57&LV=202303&V=4&LU=1678242986011; Domain=.microsoft.com; Expires=Thu, 07 Mar 2024 02:36:26 GMT; Path=/;Secure; SameSite=None
Set-Cookie: MS0=43c95a242fe1481a859df490bc4be4a3; Domain=.microsoft.com; Expires=Wed, 08 Mar 2023 03:06:26 GMT; Path=/;Secure; SameSite=None
time-delta-millis: -3597374
Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://dotnet.microsoft.com
Access-Control-Expose-Headers: time-delta-millis
Date: Wed, 08 Mar 2023 02:36:25 GMT
-
OPTIONS https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3Dbb57d6840a9041d8a221f5d7f39f21e2%26HASH%3Dbb57%26LV%3D202303%26V%3D4%26LU%3D1678242986011&w=0
MicrosoftEdgeCP.exe
Remote address: 52.168.112.66:443
Request
OPTIONS /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3Dbb57d6840a9041d8a221f5d7f39f21e2%26HASH%3Dbb57%26LV%3D202303%26V%3D4%26LU%3D1678242986011&w=0 HTTP/1.1
Accept: */*
Origin: https://dotnet.microsoft.com
Referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
Access-Control-Request-Headers: Client-Id, client-version, apikey, upload-time, time-delta-to-apply-millis, cache-control, content-type
Access-Control-Request-Method: POST
Accept-Encoding: gzip, deflate, br
Host: browser.events.data.microsoft.com
Content-Length: 0
Connection: Keep-Alive
Cache-Control: no-cache
Response
HTTP/1.1 200 OK
Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Max-Age: 3600
Access-Control-Allow-Origin: https://dotnet.microsoft.com
Date: Wed, 08 Mar 2023 02:36:27 GMT
-
POST https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3Dbb57d6840a9041d8a221f5d7f39f21e2%26HASH%3Dbb57%26LV%3D202303%26V%3D4%26LU%3D1678242986011&w=0
MicrosoftEdgeCP.exe
Remote address: 52.168.112.66:443
Request
POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3Dbb57d6840a9041d8a221f5d7f39f21e2%26HASH%3Dbb57%26LV%3D202303%26V%3D4%26LU%3D1678242986011&w=0 HTTP/1.1
Accept: */*
Origin: https://dotnet.microsoft.com
Referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
Client-Id: NO_AUTH
client-version: 1DS-Web-JS-3.2.9
apikey: e3ba54439927461eaab706781b1d0014-e62140b3-6cb4-4e4d-8a44-0c1d27f9ba6e-7393
upload-time: 1678246585321
time-delta-to-apply-millis: -3597374
cache-control: no-cache, no-store
content-type: application/x-json-stream
Accept-Encoding: gzip, deflate, br
Host: browser.events.data.microsoft.com
Content-Length: 7568
Connection: Keep-Alive
Cookie: at_check=true; mbox=session#238eb867aeee44dc98ede3c44363af51#1678248445|PC#238eb867aeee44dc98ede3c44363af51.31_0#1712426585; MSCC=NR; MC1=GUID=bb57d6840a9041d8a221f5d7f39f21e2&HASH=bb57&LV=202303&V=4&LU=1678242986011
Response
HTTP/1.1 200 OK
Content-Type: application/json
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Set-Cookie: MS0=6fc7c541d1ba468e88f3ddaac84a5ad5; Domain=.microsoft.com; Expires=Wed, 08 Mar 2023 03:06:27 GMT; Path=/;Secure; SameSite=None
time-delta-millis: -3597763
Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://dotnet.microsoft.com
Access-Control-Expose-Headers: time-delta-millis
Date: Wed, 08 Mar 2023 02:36:27 GMT
-
Remote address: 8.8.8.8:53
Request
85.251.206.15.in-addr.arpa IN PTR
Response
85.251.206.15.in-addr.arpa IN PTR ec2-15-206-251-85 ap-south-1compute amazonawscom
-
OPTIONS https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
MicrosoftEdgeCP.exe
Remote address: 52.168.112.66:443
Request
OPTIONS /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/1.1
Accept: */*
Origin: https://dotnet.microsoft.com
Referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
Access-Control-Request-Headers: Client-Id, client-version, apikey, upload-time, time-delta-to-apply-millis, cache-control, content-type
Access-Control-Request-Method: POST
Accept-Encoding: gzip, deflate, br
Host: browser.events.data.microsoft.com
Content-Length: 0
Connection: Keep-Alive
Cache-Control: no-cache
Response
HTTP/1.1 200 OK
Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Max-Age: 3600
Access-Control-Allow-Origin: https://dotnet.microsoft.com
Date: Wed, 08 Mar 2023 02:36:26 GMT
-
POST https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
MicrosoftEdgeCP.exe
Remote address: 52.168.112.66:443
Request
POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/1.1
Accept: */*
Origin: https://dotnet.microsoft.com
Referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
Client-Id: NO_AUTH
client-version: 1DS-Web-JS-3.2.9
apikey: e3ba54439927461eaab706781b1d0014-e62140b3-6cb4-4e4d-8a44-0c1d27f9ba6e-7393
upload-time: 1678246584428
time-delta-to-apply-millis: use-collector-delta
cache-control: no-cache, no-store
content-type: application/x-json-stream
Accept-Encoding: gzip, deflate, br
Host: browser.events.data.microsoft.com
Content-Length: 2903
Connection: Keep-Alive
Cookie: at_check=true; mbox=session#238eb867aeee44dc98ede3c44363af51#1678248444; MSCC=NR; MC1=GUID=bb57d6840a9041d8a221f5d7f39f21e2&HASH=bb57&LV=202303&V=4&LU=1678242986011
Response
HTTP/1.1 200 OK
Content-Type: application/json
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Set-Cookie: MS0=ba0e7025f5c148c4bb482ffb754db299; Domain=.microsoft.com; Expires=Wed, 08 Mar 2023 03:06:26 GMT; Path=/;Secure; SameSite=None
time-delta-millis: -3597687
Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://dotnet.microsoft.com
Access-Control-Expose-Headers: time-delta-millis
Date: Wed, 08 Mar 2023 02:36:26 GMT
-
OPTIONS https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
MicrosoftEdgeCP.exe
Remote address: 52.168.112.66:443
Request
OPTIONS /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/1.1
Accept: */*
Origin: https://dotnet.microsoft.com
Referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
Access-Control-Request-Headers: Client-Id, client-version, apikey, upload-time, time-delta-to-apply-millis, cache-control, content-type
Access-Control-Request-Method: POST
Accept-Encoding: gzip, deflate, br
Host: browser.events.data.microsoft.com
Content-Length: 0
Connection: Keep-Alive
Cache-Control: no-cache
Response
HTTP/1.1 200 OK
Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Max-Age: 3600
Access-Control-Allow-Origin: https://dotnet.microsoft.com
Date: Wed, 08 Mar 2023 02:36:27 GMT
-
POST https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
MicrosoftEdgeCP.exe
Remote address: 52.168.112.66:443
Request
POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/1.1
Accept: */*
Origin: https://dotnet.microsoft.com
Referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
Client-Id: NO_AUTH
client-version: 1DS-Web-JS-3.2.9
apikey: e3ba54439927461eaab706781b1d0014-e62140b3-6cb4-4e4d-8a44-0c1d27f9ba6e-7393
upload-time: 1678246585662
time-delta-to-apply-millis: -3597687
cache-control: no-cache, no-store
content-type: application/x-json-stream
Accept-Encoding: gzip, deflate, br
Host: browser.events.data.microsoft.com
Content-Length: 5413
Connection: Keep-Alive
Cookie: at_check=true; mbox=session#238eb867aeee44dc98ede3c44363af51#1678248446|PC#238eb867aeee44dc98ede3c44363af51.31_0#1712426586; MSCC=NR; MC1=GUID=bb57d6840a9041d8a221f5d7f39f21e2&HASH=bb57&LV=202303&V=4&LU=1678242986011
Response
HTTP/1.1 200 OK
Content-Type: application/json
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Set-Cookie: MS0=08d45c78dc214eb9b524984018e2c382; Domain=.microsoft.com; Expires=Wed, 08 Mar 2023 03:06:27 GMT; Path=/;Secure; SameSite=None
time-delta-millis: -3597938
Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://dotnet.microsoft.com
Access-Control-Expose-Headers: time-delta-millis
Date: Wed, 08 Mar 2023 02:36:27 GMT
-
Remote address: 8.8.8.8:53
Request
66.112.168.52.in-addr.arpa IN PTR
Response
-
Remote address: 8.8.8.8:53
Request
westus2-0.in.applicationinsights.azure.com IN A
Response
westus2-0.in.applicationinsights.azure.com IN CNAME westus2-0.in.ai.monitor.azure.com
westus2-0.in.ai.monitor.azure.com IN CNAME westus2-0.in.ai.privatelink.monitor.azure.com
westus2-0.in.ai.privatelink.monitor.azure.com IN CNAME wus2-breeziest-in.trafficmanager.net
wus2-breeziest-in.trafficmanager.net IN CNAME gig-ai-prod-wus2-01-app-v4-tag.westus2.cloudapp.azure.com
gig-ai-prod-wus2-01-app-v4-tag.westus2.cloudapp.azure.com IN A 20.9.155.148
-
Remote address: 20.9.155.148:443
Request
OPTIONS //v2/track HTTP/2.0
host: westus2-0.in.applicationinsights.azure.com
accept: */*
origin: https://dotnet.microsoft.com
referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
access-control-request-headers: Content-type
access-control-request-method: POST
accept-encoding: gzip, deflate, br
content-length: 0
cache-control: no-cache
Response
HTTP/2.0 200
server: Microsoft-HTTPAPI/2.0
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-max-age: 3600
x-request-id: 15ce1034-c7e1-48af-93fc-05ed84713b49
date: Wed, 08 Mar 2023 02:36:27 GMT
-
Remote address: 20.9.155.148:443
Request
POST //v2/track HTTP/2.0
host: westus2-0.in.applicationinsights.azure.com
accept: */*
origin: https://dotnet.microsoft.com
referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
content-type: application/json
accept-encoding: gzip, deflate, br
content-length: 4675
cache-control: no-cache
Response
HTTP/2.0 200
server: Microsoft-HTTPAPI/2.0
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
access-control-allow-origin: *
x-request-id: 59179ccc-8251-4220-bed5-498f4ef891ae
date: Wed, 08 Mar 2023 02:36:28 GMT
-
Remote address: 20.9.155.148:443
Request
POST //v2/track HTTP/2.0
host: westus2-0.in.applicationinsights.azure.com
accept: */*
origin: https://dotnet.microsoft.com
referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
content-type: application/json
accept-encoding: gzip, deflate, br
content-length: 2514
cache-control: no-cache
Response
HTTP/2.0 200
server: Microsoft-HTTPAPI/2.0
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
access-control-allow-origin: *
x-request-id: 13a7bed3-da2b-4292-92db-222c58418f3e
date: Wed, 08 Mar 2023 02:36:44 GMT
-
Remote address: 8.8.8.8:53
Request
148.155.9.20.in-addr.arpa IN PTR
Response
-
Remote address: 20.9.155.148:443
Request
OPTIONS //v2/track HTTP/2.0
host: westus2-0.in.applicationinsights.azure.com
accept: */*
origin: https://dotnet.microsoft.com
referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
access-control-request-headers: Content-type
access-control-request-method: POST
accept-encoding: gzip, deflate, br
content-length: 0
cache-control: no-cache
Response
HTTP/2.0 200
server: Microsoft-HTTPAPI/2.0
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-max-age: 3600
x-request-id: 6548138a-e3e7-4399-a737-63d3daa28f99
date: Wed, 08 Mar 2023 02:36:28 GMT
-
Remote address: 20.9.155.148:443
Request
POST //v2/track HTTP/2.0
host: westus2-0.in.applicationinsights.azure.com
accept: */*
origin: https://dotnet.microsoft.com
referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
content-type: application/json
accept-encoding: gzip, deflate, br
content-length: 4674
cache-control: no-cache
Response
HTTP/2.0 200
server: Microsoft-HTTPAPI/2.0
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
access-control-allow-origin: *
x-request-id: ed4ae9c0-7ed7-4aa4-bcf6-b1109c93a849
date: Wed, 08 Mar 2023 02:36:28 GMT
-
Remote address: 20.9.155.148:443
Request
POST //v2/track HTTP/2.0
host: westus2-0.in.applicationinsights.azure.com
accept: */*
origin: https://dotnet.microsoft.com
referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
content-type: application/json
accept-encoding: gzip, deflate, br
content-length: 878
cache-control: no-cache
Response
HTTP/2.0 200
server: Microsoft-HTTPAPI/2.0
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
access-control-allow-origin: *
x-request-id: fbd4df05-71d6-4403-b261-c3bca21d95d7
date: Wed, 08 Mar 2023 02:36:46 GMT
-
Remote address: 8.8.8.8:53
Request
www.clarity.ms IN A
Response
www.clarity.ms IN CNAME clarity.azurefd.net
clarity.azurefd.net IN CNAME star-azurefd-prod.trafficmanager.net
star-azurefd-prod.trafficmanager.net IN CNAME shed.dual-low.part-0020.t-0009.fdv2-t-msedge.net
shed.dual-low.part-0020.t-0009.fdv2-t-msedge.net IN CNAME part-0020.t-0009.fdv2-t-msedge.net
part-0020.t-0009.fdv2-t-msedge.net IN A 13.107.237.48
part-0020.t-0009.fdv2-t-msedge.net IN A 13.107.238.48
-
Remote address: 13.107.237.48:443
Request
GET /tag/51xi6lo2qb HTTP/2.0
host: www.clarity.ms
accept: application/javascript, */*;q=0.8
referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
Response
HTTP/2.0 200
content-type: application/x-javascript
expires: -1
set-cookie: CLID=f629f2ab0d9c44a58546d07e24b40ca2.20230308.20240307; expires=Thu, 07 Mar 2024 02:36:29 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
x-cache: CONFIG_NOCACHE
x-azure-ref: 0rfQHZAAAAABUJVVVXXWxSLtMxuQzb7+/QU1TMDRFREdFMTkyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Wed, 08 Mar 2023 02:36:29 GMT
-
Remote address: 13.107.237.48:443
Request
GET /eus-e-sc/s/0.7.2/clarity.js HTTP/2.0
host: www.clarity.ms
accept: application/javascript, */*;q=0.8
referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
cookie: CLID=f629f2ab0d9c44a58546d07e24b40ca2.20230308.20240307
Response
HTTP/2.0 200
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d94d032bd8761c"
x-cache: TCP_HIT
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
x-azure-ref: 0rfQHZAAAAAAfAO/cHLnRTK+xlIdj8CUQQU1TMDRFREdFMTkyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Wed, 08 Mar 2023 02:36:29 GMT
-
Remote address: 8.8.8.8:53
Request
c.clarity.ms IN A
Response
c.clarity.ms IN CNAME c.msn.com
c.msn.com IN CNAME c-msn-com-nsatc.trafficmanager.net
c-msn-com-nsatc.trafficmanager.net IN A 20.205.115.81
-
Remote address: 20.205.115.81:443
Request
GET /c.gif HTTP/2.0
host: c.clarity.ms
accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
Response
HTTP/2.0 302
pragma: no-cache
location: https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F971EC052A4F48C1B382AEC2D6C8AF84&RedC=c.clarity.ms&MXFR=37BDD836ED616D341CCFCAF8E96163B4
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
set-cookie: MUID=37BDD836ED616D341CCFCAF8E96163B4; domain=.clarity.ms; expires=Mon, 01-Apr-2024 02:36:30 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Wed, 08 Mar 2023 02:36:29 GMT
content-length: 0
-
GET https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F971EC052A4F48C1B382AEC2D6C8AF84&MUID=37BDD836ED616D341CCFCAF8E96163B4
MicrosoftEdgeCP.exe
Remote address: 20.205.115.81:443
Request
GET /c.gif?ctsa=mr&CtsSyncId=F971EC052A4F48C1B382AEC2D6C8AF84&MUID=37BDD836ED616D341CCFCAF8E96163B4 HTTP/2.0
host: c.clarity.ms
accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
cookie: SM=T; MUID=37BDD836ED616D341CCFCAF8E96163B4
Response
HTTP/2.0 200
pragma: no-cache
content-type: image/gif
last-modified: Fri, 17 Feb 2023 00:56:25 GMT
accept-ranges: bytes
etag: "625d0a86a42d91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=C; domain=c.clarity.ms; path=/; SameSite=None; Secure;
set-cookie: MUID=37BDD836ED616D341CCFCAF8E96163B4; domain=.clarity.ms; expires=Mon, 01-Apr-2024 02:36:30 GMT; path=/; SameSite=None; Secure; Priority=High;
set-cookie: MR=0; domain=c.clarity.ms; expires=Wed, 15-Mar-2023 02:36:30 GMT; path=/; SameSite=None; Secure;
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Wed, 08-Mar-2023 02:46:30 GMT; path=/; SameSite=None; Secure;
date: Wed, 08 Mar 2023 02:36:29 GMT
content-length: 42
-
Remote address: 8.8.8.8:53
Request
w.clarity.ms IN A
Response
w.clarity.ms IN CNAME clarity-ingest-eus-e-sc.eastus.cloudapp.azure.com
clarity-ingest-eus-e-sc.eastus.cloudapp.azure.com IN A 23.96.124.156
-
Remote address: 23.96.124.156:443
Request
POST /collect HTTP/2.0
host: w.clarity.ms
accept: */*
origin: https://dotnet.microsoft.com
referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
content-type: text/plain;charset=UTF-8
accept-encoding: gzip, deflate, br
content-length: 732
cache-control: no-cache
Response
HTTP/2.0 204
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
access-control-allow-origin: https://dotnet.microsoft.com
access-control-allow-credentials: true
date: Wed, 08 Mar 2023 02:36:29 GMT
-
Remote address: 23.96.124.156:443
Request
POST /collect HTTP/2.0
host: w.clarity.ms
accept: */*
origin: https://dotnet.microsoft.com
referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
content-type: text/plain;charset=UTF-8
accept-encoding: gzip, deflate, br
content-length: 211861
cache-control: no-cache
cookie: MUID=37BDD836ED616D341CCFCAF8E96163B4
Response
HTTP/2.0 204
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
access-control-allow-origin: https://dotnet.microsoft.com
access-control-allow-credentials: true
date: Wed, 08 Mar 2023 02:36:30 GMT
-
Remote address: 8.8.8.8:53
Request
www.clarity.ms IN A
Response
www.clarity.ms IN CNAME clarity.azurefd.net
clarity.azurefd.net IN CNAME star-azurefd-prod.trafficmanager.net
star-azurefd-prod.trafficmanager.net IN CNAME shed.dual-low.part-0040.t-0009.fdv2-t-msedge.net
shed.dual-low.part-0040.t-0009.fdv2-t-msedge.net IN CNAME part-0040.t-0009.fdv2-t-msedge.net
part-0040.t-0009.fdv2-t-msedge.net IN A 13.107.237.68
part-0040.t-0009.fdv2-t-msedge.net IN A 13.107.238.68
-
Remote address: 13.107.237.68:443
Request
GET /tag/51xi6lo2qb HTTP/2.0
host: www.clarity.ms
accept: application/javascript, */*;q=0.8
referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
cookie: CLID=f629f2ab0d9c44a58546d07e24b40ca2.20230308.20240307
Response
HTTP/2.0 200
content-type: application/x-javascript
cache-control: no-cache, no-store
expires: -1
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
x-azure-ref: 20230308T023630Z-2cc23mza956vt6hfn4cvezmz10000000077g000000003chu
x-cache: CONFIG_NOCACHE
-
Remote address: 8.8.8.8:53
Request
c.bing.com IN A
Response
c.bing.com IN CNAME c-bing-com.a-0001.a-msedge.net
c-bing-com.a-0001.a-msedge.net IN CNAME dual-a-0001.a-msedge.net
dual-a-0001.a-msedge.net IN A 204.79.197.200
dual-a-0001.a-msedge.net IN A 13.107.21.200
-
GET https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F971EC052A4F48C1B382AEC2D6C8AF84&RedC=c.clarity.ms&MXFR=37BDD836ED616D341CCFCAF8E96163B4
MicrosoftEdgeCP.exe
Remote address: 204.79.197.200:443
Request
GET /c.gif?ctsa=mr&CtsSyncId=F971EC052A4F48C1B382AEC2D6C8AF84&RedC=c.clarity.ms&MXFR=37BDD836ED616D341CCFCAF8E96163B4 HTTP/2.0
host: c.bing.com
accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
Response
HTTP/2.0 302
pragma: no-cache
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F971EC052A4F48C1B382AEC2D6C8AF84&MUID=37BDD836ED616D341CCFCAF8E96163B4
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: MUID=37BDD836ED616D341CCFCAF8E96163B4; domain=.bing.com; expires=Mon, 01-Apr-2024 02:36:30 GMT; path=/; SameSite=None; Secure; Priority=High;
set-cookie: MR=0; domain=c.bing.com; expires=Wed, 15-Mar-2023 02:36:30 GMT; path=/; SameSite=None; Secure;
set-cookie: SRM_B=37BDD836ED616D341CCFCAF8E96163B4; domain=c.bing.com; expires=Mon, 01-Apr-2024 02:36:30 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6676333B187541339DA6344B4FA52A72 Ref B: AMS04EDGE3512 Ref C: 2023-03-08T02:36:30Z
date: Wed, 08 Mar 2023 02:36:30 GMT
content-length: 0
-
Remote address: 20.205.115.81:443
Request
GET /c.gif HTTP/2.0
host: c.clarity.ms
accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
cookie: MUID=37BDD836ED616D341CCFCAF8E96163B4; SM=T
Response
HTTP/2.0 302
pragma: no-cache
location: https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F26CD1CCFE624319911B60B1AFC24946&RedC=c.clarity.ms&MXFR=37BDD836ED616D341CCFCAF8E96163B4
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
set-cookie: MUID=37BDD836ED616D341CCFCAF8E96163B4; domain=.clarity.ms; expires=Mon, 01-Apr-2024 02:36:30 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Wed, 08 Mar 2023 02:36:30 GMT
content-length: 0
-
GET https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F26CD1CCFE624319911B60B1AFC24946&MUID=37BDD836ED616D341CCFCAF8E96163B4
MicrosoftEdgeCP.exe
Remote address: 20.205.115.81:443
Request
GET /c.gif?ctsa=mr&CtsSyncId=F26CD1CCFE624319911B60B1AFC24946&MUID=37BDD836ED616D341CCFCAF8E96163B4 HTTP/2.0
host: c.clarity.ms
accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
cookie: MUID=37BDD836ED616D341CCFCAF8E96163B4; SM=T; MR=0
Response
HTTP/2.0 200
pragma: no-cache
content-type: image/gif
last-modified: Fri, 17 Feb 2023 00:56:25 GMT
accept-ranges: bytes
etag: "625d0a86a42d91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=C; domain=c.clarity.ms; path=/; SameSite=None; Secure;
set-cookie: MUID=37BDD836ED616D341CCFCAF8E96163B4; domain=.clarity.ms; expires=Mon, 01-Apr-2024 02:36:31 GMT; path=/; SameSite=None; Secure; Priority=High;
set-cookie: MR=0; domain=c.clarity.ms; expires=Wed, 15-Mar-2023 02:36:31 GMT; path=/; SameSite=None; Secure;
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Wed, 08-Mar-2023 02:46:31 GMT; path=/; SameSite=None; Secure;
date: Wed, 08 Mar 2023 02:36:30 GMT
content-length: 42
-
Remote address: 8.8.8.8:53
Request
200.232.18.117.in-addr.arpa IN PTR
Response
-
Remote address: 8.8.8.8:53
Request
81.115.205.20.in-addr.arpa IN PTR
Response
-
Remote address: 8.8.8.8:53
Request
156.124.96.23.in-addr.arpa IN PTR
Response
-
Remote address: 8.8.8.8:53
Request
200.197.79.204.in-addr.arpa IN PTR
Response
200.197.79.204.in-addr.arpa IN PTR a-0001a-msedgenet
-
GET https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F26CD1CCFE624319911B60B1AFC24946&RedC=c.clarity.ms&MXFR=37BDD836ED616D341CCFCAF8E96163B4
MicrosoftEdgeCP.exe
Remote address: 204.79.197.200:443
Request
GET /c.gif?ctsa=mr&CtsSyncId=F26CD1CCFE624319911B60B1AFC24946&RedC=c.clarity.ms&MXFR=37BDD836ED616D341CCFCAF8E96163B4 HTTP/2.0
host: c.bing.com
accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
cookie: MUID=37BDD836ED616D341CCFCAF8E96163B4; MR=0; SRM_B=37BDD836ED616D341CCFCAF8E96163B4
Response
HTTP/2.0 302
pragma: no-cache
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F26CD1CCFE624319911B60B1AFC24946&MUID=37BDD836ED616D341CCFCAF8E96163B4
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=37BDD836ED616D341CCFCAF8E96163B4; domain=c.bing.com; expires=Mon, 01-Apr-2024 02:36:31 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CBCF073F03C74C4CA5BF6B9F3A20BA12 Ref B: AMS04EDGE3515 Ref C: 2023-03-08T02:36:31Z
date: Wed, 08 Mar 2023 02:36:30 GMT
content-length: 0
-
Remote address: 23.96.124.156:443
Request
POST /collect HTTP/2.0
host: w.clarity.ms
accept: */*
origin: https://dotnet.microsoft.com
referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
content-type: text/plain;charset=UTF-8
accept-encoding: gzip, deflate, br
content-length: 732
cache-control: no-cache
cookie: MUID=37BDD836ED616D341CCFCAF8E96163B4
Response
HTTP/2.0 204
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
access-control-allow-origin: https://dotnet.microsoft.com
access-control-allow-credentials: true
date: Wed, 08 Mar 2023 02:36:31 GMT
-
Remote address: 8.8.8.8:53
Request
233.141.123.20.in-addr.arpa IN PTR
Response
-
1.2kB 7.5kB 16 13
-
13.107.237.48:443
https://dotnet.microsoft.com/static/fonts/space-grotesk-v12-latin-700.woff2
tls, http2
MicrosoftEdgeCP.exe
32.6kB 625.5kB 650 647
HTTP Request
GET https://dotnet.microsoft.com/get-dotnet/dotnet-framework?tfm=.NETFramework%2cVersion%3dv4.8&processName=VenomRAT_HVNC.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0
HTTP Response
302
HTTP Request
GET https://dotnet.microsoft.com/download/dotnet-framework/net481?cid=getdotnetframework
HTTP Response
302
HTTP Request
GET https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
HTTP Response
200
HTTP Request
GET https://dotnet.microsoft.com/static/css/bootstrap-custom.min.css?v=EDbDNv-EoxbdChr2Men0D63u9rPl50WPGUpFVl91y38
HTTP Request
GET https://dotnet.microsoft.com/static/js/analytics.min.js?v=xSbiFzzqKtDBY8B6pFWaKQv0zuU3H9AGBJ89llM7e3Y
HTTP Request
GET https://dotnet.microsoft.com/static/js/at.js?v=zZduwa0OZAVggPdb1buBzGG1RMj1NcospjCn9Kpf2ls
HTTP Request
GET https://dotnet.microsoft.com/static/js/at-config.1.4.1.js?v=2DEw102Cox6KZTN48AUdV-9WC9hUBshUBMD3vZgBsL8
HTTP Response
200
HTTP Request
GET https://dotnet.microsoft.com/static/images/redesign/download/dotnet-framework-runtime.svg?v=22xvQuHVYJL7LD0xeWgHfLKUNROSdPrvv0q3aBlVvsY
HTTP Request
GET https://dotnet.microsoft.com/static/js/general.min.js?v=OXxiOWtD8Q4pCCNVxAm8CwxFRrrNXeVI1n1YXtI2q4Q
HTTP Request
GET https://dotnet.microsoft.com/static/js/culture-selector.min.js?v=4_W8YedFnTAVF-SRhGplUFsiivF2-s2hR-NZWrivGYc
HTTP Request
GET https://dotnet.microsoft.com/static/js/cookie-consent.min.js?v=-J8AjwBwYHg1BddIlpmpIaFDRX5pG32NU8JyPd4Jz6U
HTTP Request
GET https://dotnet.microsoft.com/static/js/main.min.js?v=RjBoR-VD59FaR3nCuB8GNeWCTE0Q8Ccb_w5d8FnnaM4
HTTP Request
GET https://dotnet.microsoft.com/static/js/cda-tracker.min.js?v=woD9KkUt44X4IMMUdvOqBCkwNhVjAy-k1Yx3NOxd5SQ
HTTP Response
200
HTTP Response
200
HTTP Response
200
HTTP Response
200
HTTP Response
200
HTTP Response
200
HTTP Response
200
HTTP Response
200
HTTP Response
200
HTTP Request
GET https://dotnet.microsoft.com/static/fonts/open-sans-v34-latin-regular.woff2
HTTP Request
GET https://dotnet.microsoft.com/static/fonts/open-sans-v34-latin-600.woff2
HTTP Request
GET https://dotnet.microsoft.com/static/fonts/open-sans-v34-latin-700.woff2
HTTP Response
200
HTTP Response
200
HTTP Response
200
HTTP Request
GET https://dotnet.microsoft.com/static/fonts/space-grotesk-v12-latin-700.woff2
HTTP Response
200
-
13.107.237.48:443
https://dotnet.microsoft.com/static/images/redesign/alert-info.svg
tls, http2
MicrosoftEdgeCP.exe
24.0kB 455.7kB 472 471
HTTP Request
GET https://dotnet.microsoft.com/get-dotnet/dotnet-framework?tfm=.NETFramework%2cVersion%3dv4.8&processName=VenomRAT_HVNC.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0
HTTP Response
302
HTTP Request
GET https://dotnet.microsoft.com/download/dotnet-framework/net481?cid=getdotnetframework
HTTP Response
302
HTTP Request
GET https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
HTTP Response
200
HTTP Request
GET https://dotnet.microsoft.com/static/js/analytics.min.js?v=xSbiFzzqKtDBY8B6pFWaKQv0zuU3H9AGBJ89llM7e3Y
HTTP Request
GET https://dotnet.microsoft.com/static/js/at-config.1.4.1.js?v=2DEw102Cox6KZTN48AUdV-9WC9hUBshUBMD3vZgBsL8
HTTP Request
GET https://dotnet.microsoft.com/static/js/at.js?v=zZduwa0OZAVggPdb1buBzGG1RMj1NcospjCn9Kpf2ls
HTTP Request
GET https://dotnet.microsoft.com/static/js/general.min.js?v=OXxiOWtD8Q4pCCNVxAm8CwxFRrrNXeVI1n1YXtI2q4Q
HTTP Request
GET https://dotnet.microsoft.com/static/js/cookie-consent.min.js?v=-J8AjwBwYHg1BddIlpmpIaFDRX5pG32NU8JyPd4Jz6U
HTTP Request
GET https://dotnet.microsoft.com/static/js/main.min.js?v=RjBoR-VD59FaR3nCuB8GNeWCTE0Q8Ccb_w5d8FnnaM4
HTTP Request
GET https://dotnet.microsoft.com/static/js/cda-tracker.min.js?v=woD9KkUt44X4IMMUdvOqBCkwNhVjAy-k1Yx3NOxd5SQ
HTTP Response
200
HTTP Response
200
HTTP Response
200
HTTP Response
200
HTTP Response
200
HTTP Response
200
HTTP Response
200
HTTP Request
GET https://dotnet.microsoft.com/static/images/redesign/alert-promo.svg
HTTP Request
GET https://dotnet.microsoft.com/static/images/redesign/alert-info.svg
HTTP Response
200
HTTP Response
200
-
173.223.113.131:443
https://www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff
tls, http2
MicrosoftEdgeCP.exe
5.5kB 97.8kB 89 86
HTTP Request
GET https://www.microsoft.com/onerfstatics/marketingsites-wcus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/32-1b8b7c/74-888e54?ver=2.0&_cf=02242021_3231
HTTP Response
200
HTTP Request
GET https://www.microsoft.com/onerfstatics/marketingsites-wcus-prod/shell/_scrf/js/themes=default/8e-e88b64/82-2a4f02/49-a00ab0/92-02e55d/7c-dcea75/75-fca72d/ed-e77ee7/d5-bf34c0/a9-078595/7a-7ea8cc/2d-40bdad/23-e8cd2b/96-eb5423/e6-6b0cce/d1-98d78a/c6-082272/a7-f7a340/1e-addbef/2e-ca165a/fc-169dd8/8e-60935c/87-fecbed/96-6ed6eb/c3-eb62e0/ad-ffd6bf/35-621acc/3b-84517a/b0-07f293/1e-9d9d16/52-f0367f/1f-b57352/bf-517249/e1-ed258e/20-0b10e2/6b-0f1117/fb-5e9831/a2-598841?ver=2.0&_cf=02242021_3231&iife=1
HTTP Response
200
HTTP Request
GET https://www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff
HTTP Response
200
-
1.3kB 7.1kB 18 17
-
821 B 4.3kB 10 9
-
23.32.238.226:443
https://statics-marketingsites-wcus-ms-com.akamaized.net/statics/override.css
tls, http
MicrosoftEdgeCP.exe
1.3kB 5.2kB 10 9
HTTP Request
GET https://statics-marketingsites-wcus-ms-com.akamaized.net/statics/override.css
HTTP Response
200
-
3.5kB 60.4kB 56 54
HTTP Request
GET https://js.monitor.azure.com/scripts/c/ms.analytics-web-3.min.js
HTTP Response
200
HTTP Request
GET https://js.monitor.azure.com/scripts/b/ai.2.min.js
HTTP Response
304
-
1.3kB 6.9kB 14 13
-
13.107.237.68:443
https://wcpstatic.microsoft.com/mscc/lib/v2/wcp-consent.js
tls, http2
MicrosoftEdgeCP.exe
1.9kB 20.1kB 25 24
HTTP Request
GET https://wcpstatic.microsoft.com/mscc/lib/v2/wcp-consent.js
HTTP Response
200
-
1.1kB 6.0kB 13 12
-
789 B 4.2kB 9 8
-
23.32.238.226:443
https://statics-marketingsites-wcus-ms-com.akamaized.net/statics/override.css
tls, http
MicrosoftEdgeCP.exe
1.3kB 5.2kB 9 8
HTTP Request
GET https://statics-marketingsites-wcus-ms-com.akamaized.net/statics/override.css
HTTP Response
200
-
3.4kB 55.1kB 51 50
HTTP Request
GET https://js.monitor.azure.com/scripts/c/ms.analytics-web-3.min.js
HTTP Response
304
HTTP Request
GET https://js.monitor.azure.com/scripts/b/ai.2.min.js
HTTP Response
200
-
1.4kB 7.4kB 15 12
-
1.3kB 5.5kB 13 11
-
13.107.237.68:443
https://wcpstatic.microsoft.com/mscc/lib/v2/wcp-consent.js
tls, http2
MicrosoftEdgeCP.exe
2.1kB 19.5kB 25 22
HTTP Request
GET https://wcpstatic.microsoft.com/mscc/lib/v2/wcp-consent.js
HTTP Response
200
-
1.1kB 5.2kB 15 13
-
15.206.251.85:443
https://target.microsoft.com/rest/v1/delivery?client=microsoftmscompoc&sessionId=238eb867aeee44dc98ede3c44363af51&version=2.8.2
tls, http2
MicrosoftEdgeCP.exe
2.7kB 6.1kB 21 17
HTTP Request
POST https://target.microsoft.com/rest/v1/delivery?client=microsoftmscompoc&sessionId=238eb867aeee44dc98ede3c44363af51&version=2.8.2
HTTP Response
200
-
2.0kB 25.8kB 30 27
HTTP Request
GET https://dotnet.microsoft.com/favicon.ico
HTTP Response
200
-
1.1kB 6.9kB 14 13
-
15.206.251.85:443
https://target.microsoft.com/rest/v1/delivery?client=microsoftmscompoc&sessionId=238eb867aeee44dc98ede3c44363af51&version=2.8.2
tls, http2
MicrosoftEdgeCP.exe
2.7kB 6.2kB 22 18
HTTP Request
POST https://target.microsoft.com/rest/v1/delivery?client=microsoftmscompoc&sessionId=238eb867aeee44dc98ede3c44363af51&version=2.8.2
HTTP Response
200
-
1.1kB 5.1kB 14 12
-
838 B 6.6kB 10 7
-
52.168.112.66:443
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3Dbb57d6840a9041d8a221f5d7f39f21e2%26HASH%3Dbb57%26LV%3D202303%26V%3D4%26LU%3D1678242986011&w=0
tls, http
MicrosoftEdgeCP.exe
13.8kB 10.1kB 25 16
HTTP Request
OPTIONS https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
HTTP Response
200
HTTP Request
POST https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
HTTP Response
200
HTTP Request
OPTIONS https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3Dbb57d6840a9041d8a221f5d7f39f21e2%26HASH%3Dbb57%26LV%3D202303%26V%3D4%26LU%3D1678242986011&w=0
HTTP Response
200
HTTP Request
POST https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3Dbb57d6840a9041d8a221f5d7f39f21e2%26HASH%3Dbb57%26LV%3D202303%26V%3D4%26LU%3D1678242986011&w=0
HTTP Response
200
-
838 B 6.6kB 10 7
-
52.168.112.66:443https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0tls, httpMicrosoftEdgeCP.exe16.5kB 10.2kB 29 19
HTTP Request
OPTIONS https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0HTTP Response
200HTTP Request
POST https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0HTTP Response
200HTTP Request
OPTIONS https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0HTTP Response
200HTTP Request
POST https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0HTTP Response
200 -
1.1kB 6.8kB 14 11
-
20.9.155.148:443https://westus2-0.in.applicationinsights.azure.com//v2/tracktls, http2MicrosoftEdgeCP.exe14.7kB 8.5kB 37 27
HTTP Request
OPTIONS https://westus2-0.in.applicationinsights.azure.com//v2/trackHTTP Response
200HTTP Request
POST https://westus2-0.in.applicationinsights.azure.com//v2/trackHTTP Response
200HTTP Request
POST https://westus2-0.in.applicationinsights.azure.com//v2/trackHTTP Response
200 -
322 B 7
-
1.1kB 6.8kB 14 11
-
20.9.155.148:443https://westus2-0.in.applicationinsights.azure.com//v2/tracktls, http2MicrosoftEdgeCP.exe8.1kB 8.1kB 32 22
HTTP Request
OPTIONS https://westus2-0.in.applicationinsights.azure.com//v2/trackHTTP Response
200HTTP Request
POST https://westus2-0.in.applicationinsights.azure.com//v2/trackHTTP Response
200HTTP Request
POST https://westus2-0.in.applicationinsights.azure.com//v2/trackHTTP Response
200 -
2.5kB 27.5kB 35 33
HTTP Request
GET https://www.clarity.ms/tag/51xi6lo2qbHTTP Response
200HTTP Request
GET https://www.clarity.ms/eus-e-sc/s/0.7.2/clarity.jsHTTP Response
200 -
1.3kB 6.0kB 13 11
-
20.205.115.81:443https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F971EC052A4F48C1B382AEC2D6C8AF84&MUID=37BDD836ED616D341CCFCAF8E96163B4tls, http2MicrosoftEdgeCP.exe1.6kB 7.7kB 17 12
HTTP Request
GET https://c.clarity.ms/c.gifHTTP Response
302HTTP Request
GET https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F971EC052A4F48C1B382AEC2D6C8AF84&MUID=37BDD836ED616D341CCFCAF8E96163B4HTTP Response
200 -
1.0kB 6.9kB 14 11
-
1.1kB 6.8kB 14 11
-
239.9kB 22.9kB 300 246
HTTP Request
POST https://w.clarity.ms/collectHTTP Request
POST https://w.clarity.ms/collectHTTP Response
204HTTP Response
204 -
1.0kB 5.4kB 13 10
-
1.4kB 6.4kB 15 12
HTTP Request
GET https://www.clarity.ms/tag/51xi6lo2qbHTTP Response
200 -
204.79.197.200:443https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F971EC052A4F48C1B382AEC2D6C8AF84&RedC=c.clarity.ms&MXFR=37BDD836ED616D341CCFCAF8E96163B4tls, http2MicrosoftEdgeCP.exe1.6kB 8.9kB 16 15
HTTP Request
GET https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F971EC052A4F48C1B382AEC2D6C8AF84&RedC=c.clarity.ms&MXFR=37BDD836ED616D341CCFCAF8E96163B4HTTP Response
302 -
1.2kB 8.1kB 15 14
-
20.205.115.81:443https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F26CD1CCFE624319911B60B1AFC24946&MUID=37BDD836ED616D341CCFCAF8E96163B4tls, http2MicrosoftEdgeCP.exe1.7kB 7.8kB 17 12
HTTP Request
GET https://c.clarity.ms/c.gifHTTP Response
302HTTP Request
GET https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F26CD1CCFE624319911B60B1AFC24946&MUID=37BDD836ED616D341CCFCAF8E96163B4HTTP Response
200 -
1.0kB 6.8kB 14 11
-
1.4kB 8.1kB 15 14
-
204.79.197.200:443https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F26CD1CCFE624319911B60B1AFC24946&RedC=c.clarity.ms&MXFR=37BDD836ED616D341CCFCAF8E96163B4tls, http2MicrosoftEdgeCP.exe1.8kB 8.7kB 16 15
HTTP Request
GET https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F26CD1CCFE624319911B60B1AFC24946&RedC=c.clarity.ms&MXFR=37BDD836ED616D341CCFCAF8E96163B4HTTP Response
302 -
2.5kB 7.2kB 19 13
HTTP Request
POST https://w.clarity.ms/collectHTTP Response
204 -
1.1kB 6.9kB 14 11
-
70 B 133 B 1 1
DNS Request
45.147.19.2.in-addr.arpa
-
72 B 126 B 1 1
DNS Request
126.135.241.8.in-addr.arpa
-
72 B 143 B 1 1
DNS Request
76.38.195.152.in-addr.arpa
-
66 B 263 B 1 1
DNS Request
dotnet.microsoft.com
DNS Response
13.107.237.4813.107.238.48
-
72 B 158 B 1 1
DNS Request
48.237.107.13.in-addr.arpa
-
63 B 230 B 1 1
DNS Request
www.microsoft.com
DNS Response
173.223.113.131
-
94 B 156 B 1 1
DNS Request
statics-marketingsites-wcus-ms-com.akamaized.net
DNS Response
23.32.238.22623.32.238.218
-
66 B 287 B 1 1
DNS Request
js.monitor.azure.com
DNS Response
13.107.237.4813.107.238.48
-
66 B 293 B 1 1
DNS Request
target.microsoft.com
DNS Response
15.206.251.8515.207.29.1393.109.115.19335.154.62.16065.2.93.18343.205.224.6113.234.102.543.108.216.255
-
77 B 259 B 1 1
DNS Request
microsoftmscompoc.tt.omtrdc.net
DNS Response
3.6.5.2613.234.102.5443.205.224.613.108.216.25513.234.170.19115.206.251.8565.2.93.18315.206.26.228
-
69 B 270 B 1 1
DNS Request
wcpstatic.microsoft.com
DNS Response
13.107.237.6813.107.238.68
-
72 B 137 B 1 1
DNS Request
226.238.32.23.in-addr.arpa
-
74 B 141 B 1 1
DNS Request
131.113.223.173.in-addr.arpa
-
72 B 137 B 1 1
DNS Request
234.238.32.23.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
68.237.107.13.in-addr.arpa
-
79 B 200 B 1 1
DNS Request
browser.events.data.microsoft.com
DNS Response
52.168.112.66
-
72 B 136 B 1 1
DNS Request
85.251.206.15.in-addr.arpa
-
72 B 146 B 1 1
DNS Request
66.112.168.52.in-addr.arpa
-
88 B 296 B 1 1
DNS Request
westus2-0.in.applicationinsights.azure.com
DNS Response
20.9.155.148
-
71 B 157 B 1 1
DNS Request
148.155.9.20.in-addr.arpa
-
60 B 245 B 1 1
DNS Request
www.clarity.ms
DNS Response
13.107.237.4813.107.238.48
-
58 B 145 B 1 1
DNS Request
c.clarity.ms
DNS Response
20.205.115.81
-
58 B 137 B 1 1
DNS Request
w.clarity.ms
DNS Response
23.96.124.156
-
60 B 245 B 1 1
DNS Request
www.clarity.ms
DNS Response
13.107.237.6813.107.238.68
-
56 B 158 B 1 1
DNS Request
c.bing.com
DNS Response
204.79.197.20013.107.21.200
-
73 B 144 B 1 1
DNS Request
200.232.18.117.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
81.115.205.20.in-addr.arpa
-
72 B 146 B 1 1
DNS Request
156.124.96.23.in-addr.arpa
-
73 B 106 B 1 1
DNS Request
200.197.79.204.in-addr.arpa
-
73 B 159 B 1 1
DNS Request
233.141.123.20.in-addr.arpa
MITRE ATT&CK Enterprise v6
Downloads