Analysis

  • max time kernel
    60s
  • max time network
    63s
  • platform
    windows10-1703_x64
  • resource
    win10-20230220-en
  • resource tags

    arch:x64arch:x86image:win10-20230220-enlocale:en-usos:windows10-1703-x64system
  • submitted
    08-03-2023 02:33

General

  • Target

    VenomRAT/VenomRAT_HVNC.exe

  • Size

    16.5MB

  • MD5

    c90bb028354000acc74485f2db4ab492

  • SHA1

    28e6ce32a075669b3e382eaeb4871f7c3fc3bbef

  • SHA256

    54df65f59a153e58faafc63addf325b7c492f000b8cda7e3cf527f5c0080325d

  • SHA512

    9400521f9dd1fd76a914006133cd9b9dc5c8783407ff6b99fbb5a74c1a81e45818772ef4e1cabc9c67232bf60d977b48c2fadcb9401ae05e7c8e23fcf9ba7406

  • SSDEEP

    393216:sl9Yl7Elel7ElAlQleTl/l/l/l/l/lzlml/lqlZlHl/l/l/l/l/l/lIlAl+lUl2x:WTXT

Score
7/10

Malware Config

Signatures

  • Checks computer location settings 2 TTPs 1 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Detected potential entity reuse from brand microsoft.
  • Drops file in Windows directory 6 IoCs
  • Modifies Internet Explorer settings 1 TTPs 3 IoCs
  • Modifies registry class 64 IoCs
  • Suspicious behavior: MapViewOfSection 4 IoCs
  • Suspicious use of AdjustPrivilegeToken 8 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs
  • Suspicious use of WriteProcessMemory 25 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\VenomRAT\VenomRAT_HVNC.exe
    "C:\Users\Admin\AppData\Local\Temp\VenomRAT\VenomRAT_HVNC.exe"
    1⤵
    • Checks computer location settings
    PID:3636
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
    1⤵
    • Drops file in Windows directory
    • Modifies Internet Explorer settings
    • Modifies registry class
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:2072
  • C:\Windows\system32\browser_broker.exe
    C:\Windows\system32\browser_broker.exe -Embedding
    1⤵
    • Modifies Internet Explorer settings
    PID:3868
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Modifies registry class
    • Suspicious behavior: MapViewOfSection
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3732
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    • Modifies Internet Explorer settings
    • Modifies registry class
    • Suspicious use of AdjustPrivilegeToken
    PID:2872
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    • Modifies registry class
    PID:3256
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Modifies registry class
    PID:4860
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    • Modifies registry class
    PID:424
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    • Modifies registry class
    PID:1980

Network

  • flag-us
    DNS
    45.147.19.2.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    45.147.19.2.in-addr.arpa
    IN PTR
    Response
    45.147.19.2.in-addr.arpa
    IN PTR
    a2-19-147-45deploystaticakamaitechnologiescom
  • flag-us
    DNS
    126.135.241.8.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    126.135.241.8.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    76.38.195.152.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    76.38.195.152.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    dotnet.microsoft.com
    MicrosoftEdge.exe
    Remote address:
    8.8.8.8:53
    Request
    dotnet.microsoft.com
    IN A
    Response
    dotnet.microsoft.com
    IN CNAME
    dotnetwebsite.azurefd.net
    dotnetwebsite.azurefd.net
    IN CNAME
    firstparty-azurefd-prod.trafficmanager.net
    firstparty-azurefd-prod.trafficmanager.net
    IN CNAME
    shed.dual-low.part-0020.t-0009.fdv2-t-msedge.net
    shed.dual-low.part-0020.t-0009.fdv2-t-msedge.net
    IN CNAME
    part-0020.t-0009.fdv2-t-msedge.net
    part-0020.t-0009.fdv2-t-msedge.net
    IN A
    13.107.237.48
    part-0020.t-0009.fdv2-t-msedge.net
    IN A
    13.107.238.48
  • flag-us
    GET
    https://dotnet.microsoft.com/get-dotnet/dotnet-framework?tfm=.NETFramework%2cVersion%3dv4.8&processName=VenomRAT_HVNC.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0
    MicrosoftEdgeCP.exe
    Remote address:
    13.107.237.48:443
    Request
    GET /get-dotnet/dotnet-framework?tfm=.NETFramework%2cVersion%3dv4.8&processName=VenomRAT_HVNC.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0 HTTP/2.0
    host: dotnet.microsoft.com
    accept: text/html, application/xhtml+xml, image/jxr, */*
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    accept-encoding: gzip, deflate, br
    Response
    HTTP/2.0 302
    location: https://dotnet.microsoft.com/download/dotnet-framework/net481?cid=getdotnetframework
    request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
    x-powered-by: ASP.NET
    x-cache: CONFIG_NOCACHE
    x-azure-ref: 0pPQHZAAAAAAZOmykgwuEQpt01/olUVeMQU1TMDRFREdFMTkxOQBlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
    date: Wed, 08 Mar 2023 02:36:20 GMT
    content-length: 0
  • flag-us
    GET
    https://dotnet.microsoft.com/download/dotnet-framework/net481?cid=getdotnetframework
    MicrosoftEdgeCP.exe
    Remote address:
    13.107.237.48:443
    Request
    GET /download/dotnet-framework/net481?cid=getdotnetframework HTTP/2.0
    host: dotnet.microsoft.com
    accept: text/html, application/xhtml+xml, image/jxr, */*
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    accept-encoding: gzip, deflate, br
    Response
    HTTP/2.0 302
    cache-control: no-store
    content-type: text/html; charset=utf-8
    location: /en-us/download/dotnet-framework/net481?cid=getdotnetframework
    set-cookie: TiPMix=84.07563067049091; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
    x-powered-by: ASP.NET
    x-content-type-options: nosniff
    x-cache: CONFIG_NOCACHE
    x-azure-ref: 0pPQHZAAAAAD3Ffy/gFSITpMafwTG/ECFQU1TMDRFREdFMTkxOQBlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
    date: Wed, 08 Mar 2023 02:36:20 GMT
  • flag-us
    GET
    https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    MicrosoftEdgeCP.exe
    Remote address:
    13.107.237.48:443
    Request
    GET /en-us/download/dotnet-framework/net481?cid=getdotnetframework HTTP/2.0
    host: dotnet.microsoft.com
    accept: text/html, application/xhtml+xml, image/jxr, */*
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    accept-encoding: gzip, deflate, br
    Response
    HTTP/2.0 200
    cache-control: no-store
    content-type: text/html; charset=utf-8
    content-encoding: gzip
    vary: Accept-Encoding
    set-cookie: TiPMix=66.97125595869153; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
    x-powered-by: ASP.NET
    x-content-type-options: nosniff
    x-cache: CONFIG_NOCACHE
    x-azure-ref: 0pfQHZAAAAADxEBgCe+0+QI/Ooy1HxZ+tQU1TMDRFREdFMTkxOQBlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
    date: Wed, 08 Mar 2023 02:36:21 GMT
  • flag-us
    GET
    https://dotnet.microsoft.com/static/css/bootstrap-custom.min.css?v=EDbDNv-EoxbdChr2Men0D63u9rPl50WPGUpFVl91y38
    MicrosoftEdgeCP.exe
    Remote address:
    13.107.237.48:443
    Request
    GET /static/css/bootstrap-custom.min.css?v=EDbDNv-EoxbdChr2Men0D63u9rPl50WPGUpFVl91y38 HTTP/2.0
    host: dotnet.microsoft.com
    accept: text/css, */*
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    accept-encoding: gzip, deflate, br
    Response
    HTTP/2.0 200
    cache-control: public, max-age=31359572
    content-type: text/css
    content-encoding: gzip
    last-modified: Wed, 08 Mar 2023 01:10:06 GMT
    accept-ranges: bytes
    etag: "1d9515ab7fcb0ad"
    vary: Accept-Encoding
    set-cookie: TiPMix=0.9503248843201972; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
    x-powered-by: ASP.NET
    x-content-type-options: nosniff
    x-cache: CONFIG_NOCACHE
    x-azure-ref: 0pvQHZAAAAACmzizwFE31SrVMIvbL9iyrQU1TMDRFREdFMTkxOQBlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
    date: Wed, 08 Mar 2023 02:36:21 GMT
  • flag-us
    GET
    https://dotnet.microsoft.com/static/js/analytics.min.js?v=xSbiFzzqKtDBY8B6pFWaKQv0zuU3H9AGBJ89llM7e3Y
    MicrosoftEdgeCP.exe
    Remote address:
    13.107.237.48:443
    Request
    GET /static/js/analytics.min.js?v=xSbiFzzqKtDBY8B6pFWaKQv0zuU3H9AGBJ89llM7e3Y HTTP/2.0
    host: dotnet.microsoft.com
    accept: application/javascript, */*;q=0.8
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    accept-encoding: gzip, deflate, br
    Response
    HTTP/2.0 200
    cache-control: public, max-age=31359572
    content-length: 43905
    content-type: image/svg+xml
    last-modified: Wed, 08 Mar 2023 01:06:22 GMT
    accept-ranges: bytes
    etag: "1d9515a327bd081"
    set-cookie: TiPMix=35.26350702817987; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
    x-powered-by: ASP.NET
    x-content-type-options: nosniff
    x-cache: CONFIG_NOCACHE
    x-azure-ref: 0pvQHZAAAAADaK7dtd1XdSpsSBO290j6tQU1TMDRFREdFMTkxOQBlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
    date: Wed, 08 Mar 2023 02:36:22 GMT
  • flag-us
    GET
    https://dotnet.microsoft.com/static/js/at.js?v=zZduwa0OZAVggPdb1buBzGG1RMj1NcospjCn9Kpf2ls
    MicrosoftEdgeCP.exe
    Remote address:
    13.107.237.48:443
    Request
    GET /static/js/at.js?v=zZduwa0OZAVggPdb1buBzGG1RMj1NcospjCn9Kpf2ls HTTP/2.0
    host: dotnet.microsoft.com
    accept: application/javascript, */*;q=0.8
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    accept-encoding: gzip, deflate, br
    Response
    HTTP/2.0 200
    cache-control: public, max-age=31359572
    content-type: text/javascript
    content-encoding: gzip
    last-modified: Wed, 08 Mar 2023 01:10:06 GMT
    accept-ranges: bytes
    etag: "1d9515ab7ff2a34"
    vary: Accept-Encoding
    set-cookie: TiPMix=68.61821944634099; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
    x-powered-by: ASP.NET
    x-content-type-options: nosniff
    x-cache: CONFIG_NOCACHE
    x-azure-ref: 0pvQHZAAAAABnO6hrhrpPTYgn0ulxdPe2QU1TMDRFREdFMTkxOQBlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
    date: Wed, 08 Mar 2023 02:36:22 GMT
  • flag-us
    GET
    https://dotnet.microsoft.com/static/js/at-config.1.4.1.js?v=2DEw102Cox6KZTN48AUdV-9WC9hUBshUBMD3vZgBsL8
    MicrosoftEdgeCP.exe
    Remote address:
    13.107.237.48:443
    Request
    GET /static/js/at-config.1.4.1.js?v=2DEw102Cox6KZTN48AUdV-9WC9hUBshUBMD3vZgBsL8 HTTP/2.0
    host: dotnet.microsoft.com
    accept: application/javascript, */*;q=0.8
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    accept-encoding: gzip, deflate, br
    Response
    HTTP/2.0 200
    cache-control: public, max-age=31359572
    content-type: text/javascript
    content-encoding: gzip
    last-modified: Wed, 08 Mar 2023 01:10:06 GMT
    accept-ranges: bytes
    etag: "1d9515ab7ff287c"
    vary: Accept-Encoding
    set-cookie: TiPMix=29.57208339584746; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
    x-powered-by: ASP.NET
    x-content-type-options: nosniff
    x-cache: CONFIG_NOCACHE
    x-azure-ref: 0pvQHZAAAAADCeWOBVvRATpfFUM1dxmOFQU1TMDRFREdFMTkxOQBlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
    date: Wed, 08 Mar 2023 02:36:22 GMT
  • flag-us
    GET
    https://dotnet.microsoft.com/static/images/redesign/download/dotnet-framework-runtime.svg?v=22xvQuHVYJL7LD0xeWgHfLKUNROSdPrvv0q3aBlVvsY
    MicrosoftEdgeCP.exe
    Remote address:
    13.107.237.48:443
    Request
    GET /static/images/redesign/download/dotnet-framework-runtime.svg?v=22xvQuHVYJL7LD0xeWgHfLKUNROSdPrvv0q3aBlVvsY HTTP/2.0
    host: dotnet.microsoft.com
    accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    accept-encoding: gzip, deflate, br
    Response
    HTTP/2.0 200
    cache-control: public, max-age=31359572
    content-type: text/javascript
    content-encoding: gzip
    last-modified: Wed, 08 Mar 2023 01:10:06 GMT
    accept-ranges: bytes
    etag: "1d9515ab7ff3c10"
    vary: Accept-Encoding
    set-cookie: TiPMix=64.08964907128619; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
    x-powered-by: ASP.NET
    x-content-type-options: nosniff
    x-cache: CONFIG_NOCACHE
    x-azure-ref: 0pvQHZAAAAAAj31SyEqnlR7uBn8lY/N3bQU1TMDRFREdFMTkxOQBlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
    date: Wed, 08 Mar 2023 02:36:22 GMT
  • flag-us
    GET
    https://dotnet.microsoft.com/static/js/general.min.js?v=OXxiOWtD8Q4pCCNVxAm8CwxFRrrNXeVI1n1YXtI2q4Q
    MicrosoftEdgeCP.exe
    Remote address:
    13.107.237.48:443
    Request
    GET /static/js/general.min.js?v=OXxiOWtD8Q4pCCNVxAm8CwxFRrrNXeVI1n1YXtI2q4Q HTTP/2.0
    host: dotnet.microsoft.com
    accept: application/javascript, */*;q=0.8
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    accept-encoding: gzip, deflate, br
    Response
    HTTP/2.0 200
    cache-control: public, max-age=31359572
    content-type: text/javascript
    content-encoding: gzip
    last-modified: Wed, 08 Mar 2023 01:10:06 GMT
    accept-ranges: bytes
    etag: "1d9515ab7feb3ea"
    vary: Accept-Encoding
    set-cookie: TiPMix=66.30767436330306; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
    x-powered-by: ASP.NET
    x-content-type-options: nosniff
    x-cache: CONFIG_NOCACHE
    x-azure-ref: 0pvQHZAAAAACKHVIc3C5uRqo8esAGYZsmQU1TMDRFREdFMTkxOQBlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
    date: Wed, 08 Mar 2023 02:36:22 GMT
  • flag-us
    GET
    https://dotnet.microsoft.com/static/js/culture-selector.min.js?v=4_W8YedFnTAVF-SRhGplUFsiivF2-s2hR-NZWrivGYc
    MicrosoftEdgeCP.exe
    Remote address:
    13.107.237.48:443
    Request
    GET /static/js/culture-selector.min.js?v=4_W8YedFnTAVF-SRhGplUFsiivF2-s2hR-NZWrivGYc HTTP/2.0
    host: dotnet.microsoft.com
    accept: application/javascript, */*;q=0.8
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    accept-encoding: gzip, deflate, br
    Response
    HTTP/2.0 200
    cache-control: public, max-age=31359572
    content-type: text/javascript
    content-encoding: gzip
    last-modified: Wed, 08 Mar 2023 01:10:06 GMT
    accept-ranges: bytes
    etag: "1d9515ab7fd9182"
    vary: Accept-Encoding
    set-cookie: TiPMix=26.639038988001694; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
    x-powered-by: ASP.NET
    x-content-type-options: nosniff
    x-cache: CONFIG_NOCACHE
    x-azure-ref: 0pvQHZAAAAAD/Om6cmC/yS6vi9H3jKOFqQU1TMDRFREdFMTkxOQBlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
    date: Wed, 08 Mar 2023 02:36:22 GMT
  • flag-us
    GET
    https://dotnet.microsoft.com/static/js/cookie-consent.min.js?v=-J8AjwBwYHg1BddIlpmpIaFDRX5pG32NU8JyPd4Jz6U
    MicrosoftEdgeCP.exe
    Remote address:
    13.107.237.48:443
    Request
    GET /static/js/cookie-consent.min.js?v=-J8AjwBwYHg1BddIlpmpIaFDRX5pG32NU8JyPd4Jz6U HTTP/2.0
    host: dotnet.microsoft.com
    accept: application/javascript, */*;q=0.8
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    accept-encoding: gzip, deflate, br
    Response
    HTTP/2.0 200
    cache-control: public, max-age=31359572
    content-type: text/javascript
    content-encoding: gzip
    last-modified: Wed, 08 Mar 2023 01:10:06 GMT
    accept-ranges: bytes
    etag: "1d9515ab7ff57da"
    vary: Accept-Encoding
    set-cookie: TiPMix=25.628243048366926; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
    x-powered-by: ASP.NET
    x-content-type-options: nosniff
    x-cache: CONFIG_NOCACHE
    x-azure-ref: 0pvQHZAAAAACnSJrXmjo1RqfNiZdosF0JQU1TMDRFREdFMTkxOQBlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
    date: Wed, 08 Mar 2023 02:36:22 GMT
  • flag-us
    GET
    https://dotnet.microsoft.com/static/js/main.min.js?v=RjBoR-VD59FaR3nCuB8GNeWCTE0Q8Ccb_w5d8FnnaM4
    MicrosoftEdgeCP.exe
    Remote address:
    13.107.237.48:443
    Request
    GET /static/js/main.min.js?v=RjBoR-VD59FaR3nCuB8GNeWCTE0Q8Ccb_w5d8FnnaM4 HTTP/2.0
    host: dotnet.microsoft.com
    accept: application/javascript, */*;q=0.8
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    accept-encoding: gzip, deflate, br
    Response
    HTTP/2.0 200
    cache-control: public, max-age=31359572
    content-type: text/javascript
    content-encoding: gzip
    last-modified: Wed, 08 Mar 2023 01:10:06 GMT
    accept-ranges: bytes
    etag: "1d9515ab7ff28da"
    vary: Accept-Encoding
    set-cookie: TiPMix=27.31086750710897; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
    x-powered-by: ASP.NET
    x-content-type-options: nosniff
    x-cache: CONFIG_NOCACHE
    x-azure-ref: 0pvQHZAAAAACDkZLyiceITYssKnUyauwvQU1TMDRFREdFMTkxOQBlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
    date: Wed, 08 Mar 2023 02:36:22 GMT
  • flag-us
    GET
    https://dotnet.microsoft.com/static/js/cda-tracker.min.js?v=woD9KkUt44X4IMMUdvOqBCkwNhVjAy-k1Yx3NOxd5SQ
    MicrosoftEdgeCP.exe
    Remote address:
    13.107.237.48:443
    Request
    GET /static/js/cda-tracker.min.js?v=woD9KkUt44X4IMMUdvOqBCkwNhVjAy-k1Yx3NOxd5SQ HTTP/2.0
    host: dotnet.microsoft.com
    accept: application/javascript, */*;q=0.8
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    accept-encoding: gzip, deflate, br
    Response
    HTTP/2.0 200
    cache-control: public, max-age=31359572
    content-type: text/javascript
    content-encoding: gzip
    last-modified: Wed, 08 Mar 2023 01:10:06 GMT
    accept-ranges: bytes
    etag: "1d9515ab7ff281e"
    vary: Accept-Encoding
    set-cookie: TiPMix=69.98056429874353; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
    x-powered-by: ASP.NET
    x-content-type-options: nosniff
    x-cache: CONFIG_NOCACHE
    x-azure-ref: 0pvQHZAAAAAAjBJNc2d16T4Bz1nqaxnI3QU1TMDRFREdFMTkxOQBlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
    date: Wed, 08 Mar 2023 02:36:22 GMT
  • flag-us
    GET
    https://dotnet.microsoft.com/static/fonts/open-sans-v34-latin-regular.woff2
    MicrosoftEdgeCP.exe
    Remote address:
    13.107.237.48:443
    Request
    GET /static/fonts/open-sans-v34-latin-regular.woff2 HTTP/2.0
    host: dotnet.microsoft.com
    accept: */*
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    origin: https://dotnet.microsoft.com
    accept-encoding: gzip, deflate, br
    cookie: MicrosoftApplicationsTelemetryDeviceId=cd776ab6-f663-4098-87d6-ef8e806e8d1c; ai_session=8MtiYTYqV2esLcokRzpwOD|1678246581378|1678246581378
    Response
    HTTP/2.0 200
    cache-control: public, max-age=31536000
    content-length: 16372
    content-type: font/woff2
    last-modified: Wed, 08 Mar 2023 01:06:22 GMT
    accept-ranges: bytes
    etag: "1d9515a327b44f4"
    set-cookie: TiPMix=90.6338552252175; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
    x-powered-by: ASP.NET
    x-content-type-options: nosniff
    x-cache: CONFIG_NOCACHE
    x-azure-ref: 0p/QHZAAAAAA1f6x4KBxaRbex52lBvvXMQU1TMDRFREdFMTkxOQBlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
    date: Wed, 08 Mar 2023 02:36:23 GMT
  • flag-us
    GET
    https://dotnet.microsoft.com/static/fonts/open-sans-v34-latin-600.woff2
    MicrosoftEdgeCP.exe
    Remote address:
    13.107.237.48:443
    Request
    GET /static/fonts/open-sans-v34-latin-600.woff2 HTTP/2.0
    host: dotnet.microsoft.com
    accept: */*
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    origin: https://dotnet.microsoft.com
    accept-encoding: gzip, deflate, br
    cookie: MicrosoftApplicationsTelemetryDeviceId=cd776ab6-f663-4098-87d6-ef8e806e8d1c; ai_session=8MtiYTYqV2esLcokRzpwOD|1678246581378|1678246581378
    Response
    HTTP/2.0 200
    cache-control: public, max-age=31536000
    content-length: 16740
    content-type: font/woff2
    last-modified: Wed, 08 Mar 2023 01:06:22 GMT
    accept-ranges: bytes
    etag: "1d9515a327b3a64"
    set-cookie: TiPMix=67.44837998156599; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
    x-powered-by: ASP.NET
    x-content-type-options: nosniff
    x-cache: CONFIG_NOCACHE
    x-azure-ref: 0p/QHZAAAAADRU1veoWjuSZ2vSVOOohgYQU1TMDRFREdFMTkxOQBlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
    date: Wed, 08 Mar 2023 02:36:23 GMT
  • flag-us
    GET
    https://dotnet.microsoft.com/static/fonts/open-sans-v34-latin-700.woff2
    MicrosoftEdgeCP.exe
    Remote address:
    13.107.237.48:443
    Request
    GET /static/fonts/open-sans-v34-latin-700.woff2 HTTP/2.0
    host: dotnet.microsoft.com
    accept: */*
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    origin: https://dotnet.microsoft.com
    accept-encoding: gzip, deflate, br
    cookie: MicrosoftApplicationsTelemetryDeviceId=cd776ab6-f663-4098-87d6-ef8e806e8d1c; ai_session=8MtiYTYqV2esLcokRzpwOD|1678246581378|1678246581378
    Response
    HTTP/2.0 200
    cache-control: public, max-age=31536000
    content-length: 16756
    content-type: font/woff2
    last-modified: Wed, 08 Mar 2023 01:06:22 GMT
    accept-ranges: bytes
    etag: "1d9515a327b3a74"
    set-cookie: TiPMix=44.25419346781562; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
    x-powered-by: ASP.NET
    x-content-type-options: nosniff
    x-cache: CONFIG_NOCACHE
    x-azure-ref: 0p/QHZAAAAAAKJJTTrc0uSLBXLtWgQx5sQU1TMDRFREdFMTkxOQBlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
    date: Wed, 08 Mar 2023 02:36:23 GMT
  • flag-us
    GET
    https://dotnet.microsoft.com/static/fonts/space-grotesk-v12-latin-700.woff2
    MicrosoftEdgeCP.exe
    Remote address:
    13.107.237.48:443
    Request
    GET /static/fonts/space-grotesk-v12-latin-700.woff2 HTTP/2.0
    host: dotnet.microsoft.com
    accept: */*
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    origin: https://dotnet.microsoft.com
    accept-encoding: gzip, deflate, br
    cookie: MicrosoftApplicationsTelemetryDeviceId=cd776ab6-f663-4098-87d6-ef8e806e8d1c; ai_session=8MtiYTYqV2esLcokRzpwOD|1678246581378|1678246581378; at_check=true; mbox=session#238eb867aeee44dc98ede3c44363af51#1678248442
    Response
    HTTP/2.0 200
    cache-control: public, max-age=31536000
    content-length: 11448
    content-type: font/woff2
    last-modified: Wed, 08 Mar 2023 01:06:22 GMT
    accept-ranges: bytes
    etag: "1d9515a327b57b8"
    set-cookie: TiPMix=50.13567100045149; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
    x-powered-by: ASP.NET
    x-content-type-options: nosniff
    x-cache: CONFIG_NOCACHE
    x-azure-ref: 0p/QHZAAAAACl6mJ73vDgRIyv3oaJlH+MQU1TMDRFREdFMTkxOQBlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
    date: Wed, 08 Mar 2023 02:36:23 GMT
  • flag-us
    DNS
    48.237.107.13.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    48.237.107.13.in-addr.arpa
    IN PTR
    Response
  • flag-us
    GET
    https://dotnet.microsoft.com/get-dotnet/dotnet-framework?tfm=.NETFramework%2cVersion%3dv4.8&processName=VenomRAT_HVNC.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0
    MicrosoftEdgeCP.exe
    Remote address:
    13.107.237.48:443
    Request
    GET /get-dotnet/dotnet-framework?tfm=.NETFramework%2cVersion%3dv4.8&processName=VenomRAT_HVNC.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0 HTTP/2.0
    host: dotnet.microsoft.com
    accept: text/html, application/xhtml+xml, image/jxr, */*
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    accept-encoding: gzip, deflate, br
    Response
    HTTP/2.0 302
    location: https://dotnet.microsoft.com/download/dotnet-framework/net481?cid=getdotnetframework
    request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
    x-powered-by: ASP.NET
    x-cache: CONFIG_NOCACHE
    x-azure-ref: 0pfQHZAAAAAASLyUckEtWQqSQnRbNCTlqQU1TMDRFREdFMTkxOABlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
    date: Wed, 08 Mar 2023 02:36:21 GMT
    content-length: 0
  • flag-us
    GET
    https://dotnet.microsoft.com/download/dotnet-framework/net481?cid=getdotnetframework
    MicrosoftEdgeCP.exe
    Remote address:
    13.107.237.48:443
    Request
    GET /download/dotnet-framework/net481?cid=getdotnetframework HTTP/2.0
    host: dotnet.microsoft.com
    accept: text/html, application/xhtml+xml, image/jxr, */*
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    accept-encoding: gzip, deflate, br
    Response
    HTTP/2.0 302
    cache-control: no-store
    content-type: text/html; charset=utf-8
    location: /en-us/download/dotnet-framework/net481?cid=getdotnetframework
    set-cookie: TiPMix=4.997230740209357; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
    x-powered-by: ASP.NET
    x-content-type-options: nosniff
    x-cache: CONFIG_NOCACHE
    x-azure-ref: 0pvQHZAAAAADAi9xoy49bR429o1dAk6LCQU1TMDRFREdFMTkxOABlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
    date: Wed, 08 Mar 2023 02:36:21 GMT
  • flag-us
    GET
    https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    MicrosoftEdgeCP.exe
    Remote address:
    13.107.237.48:443
    Request
    GET /en-us/download/dotnet-framework/net481?cid=getdotnetframework HTTP/2.0
    host: dotnet.microsoft.com
    accept: text/html, application/xhtml+xml, image/jxr, */*
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    accept-encoding: gzip, deflate, br
    Response
    HTTP/2.0 200
    cache-control: no-store
    content-type: text/html; charset=utf-8
    content-encoding: gzip
    vary: Accept-Encoding
    set-cookie: TiPMix=22.396473986906564; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
    x-powered-by: ASP.NET
    x-content-type-options: nosniff
    x-cache: CONFIG_NOCACHE
    x-azure-ref: 0pvQHZAAAAAB5bI4mf5OIRof4EKay/J3VQU1TMDRFREdFMTkxOABlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
    date: Wed, 08 Mar 2023 02:36:21 GMT
  • flag-us
    GET
    https://dotnet.microsoft.com/static/js/analytics.min.js?v=xSbiFzzqKtDBY8B6pFWaKQv0zuU3H9AGBJ89llM7e3Y
    MicrosoftEdgeCP.exe
    Remote address:
    13.107.237.48:443
    Request
    GET /static/js/analytics.min.js?v=xSbiFzzqKtDBY8B6pFWaKQv0zuU3H9AGBJ89llM7e3Y HTTP/2.0
    host: dotnet.microsoft.com
    accept: application/javascript, */*;q=0.8
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    accept-encoding: gzip, deflate, br
    Response
    HTTP/2.0 200
    cache-control: public, max-age=31359572
    content-type: text/javascript
    content-encoding: gzip
    last-modified: Wed, 08 Mar 2023 01:10:06 GMT
    accept-ranges: bytes
    etag: "1d9515ab7ff287c"
    vary: Accept-Encoding
    set-cookie: TiPMix=44.79447850769861; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
    x-powered-by: ASP.NET
    x-content-type-options: nosniff
    x-cache: CONFIG_NOCACHE
    x-azure-ref: 0pvQHZAAAAAAToLT1iSpaRq4I9Ro+CViXQU1TMDRFREdFMTkxOABlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
    date: Wed, 08 Mar 2023 02:36:22 GMT
  • flag-us
    GET
    https://dotnet.microsoft.com/static/js/at-config.1.4.1.js?v=2DEw102Cox6KZTN48AUdV-9WC9hUBshUBMD3vZgBsL8
    MicrosoftEdgeCP.exe
    Remote address:
    13.107.237.48:443
    Request
    GET /static/js/at-config.1.4.1.js?v=2DEw102Cox6KZTN48AUdV-9WC9hUBshUBMD3vZgBsL8 HTTP/2.0
    host: dotnet.microsoft.com
    accept: application/javascript, */*;q=0.8
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    accept-encoding: gzip, deflate, br
    Response
    HTTP/2.0 200
    cache-control: public, max-age=31359572
    content-type: text/javascript
    content-encoding: gzip
    last-modified: Wed, 08 Mar 2023 01:10:06 GMT
    accept-ranges: bytes
    etag: "1d9515ab7fd9182"
    vary: Accept-Encoding
    set-cookie: TiPMix=24.14119856232452; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
    x-powered-by: ASP.NET
    x-content-type-options: nosniff
    x-cache: CONFIG_NOCACHE
    x-azure-ref: 0pvQHZAAAAADYRFLdFiNdQoDX1APX9XnuQU1TMDRFREdFMTkxOABlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
    date: Wed, 08 Mar 2023 02:36:22 GMT
  • flag-us
    GET
    https://dotnet.microsoft.com/static/js/at.js?v=zZduwa0OZAVggPdb1buBzGG1RMj1NcospjCn9Kpf2ls
    MicrosoftEdgeCP.exe
    Remote address:
    13.107.237.48:443
    Request
    GET /static/js/at.js?v=zZduwa0OZAVggPdb1buBzGG1RMj1NcospjCn9Kpf2ls HTTP/2.0
    host: dotnet.microsoft.com
    accept: application/javascript, */*;q=0.8
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    accept-encoding: gzip, deflate, br
    Response
    HTTP/2.0 200
    cache-control: public, max-age=31359572
    content-type: text/javascript
    content-encoding: gzip
    last-modified: Wed, 08 Mar 2023 01:10:06 GMT
    accept-ranges: bytes
    etag: "1d9515ab7ff3c10"
    vary: Accept-Encoding
    set-cookie: TiPMix=35.29837414411791; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
    x-powered-by: ASP.NET
    x-content-type-options: nosniff
    x-cache: CONFIG_NOCACHE
    x-azure-ref: 0pvQHZAAAAADTR6G0r2huQZJPKUJm+HZXQU1TMDRFREdFMTkxOABlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
    date: Wed, 08 Mar 2023 02:36:22 GMT
  • flag-us
    GET
    https://dotnet.microsoft.com/static/js/general.min.js?v=OXxiOWtD8Q4pCCNVxAm8CwxFRrrNXeVI1n1YXtI2q4Q
    MicrosoftEdgeCP.exe
    Remote address:
    13.107.237.48:443
    Request
    GET /static/js/general.min.js?v=OXxiOWtD8Q4pCCNVxAm8CwxFRrrNXeVI1n1YXtI2q4Q HTTP/2.0
    host: dotnet.microsoft.com
    accept: application/javascript, */*;q=0.8
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    accept-encoding: gzip, deflate, br
    Response
    HTTP/2.0 200
    cache-control: public, max-age=31359572
    content-type: text/javascript
    content-encoding: gzip
    last-modified: Wed, 08 Mar 2023 01:10:06 GMT
    accept-ranges: bytes
    etag: "1d9515ab7ff28da"
    vary: Accept-Encoding
    set-cookie: TiPMix=23.459672291854982; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
    x-powered-by: ASP.NET
    x-content-type-options: nosniff
    x-cache: CONFIG_NOCACHE
    x-azure-ref: 0pvQHZAAAAACaiN4xrUNnRL8OHhIDZZErQU1TMDRFREdFMTkxOABlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
    date: Wed, 08 Mar 2023 02:36:22 GMT
  • flag-us
    GET
    https://dotnet.microsoft.com/static/js/cookie-consent.min.js?v=-J8AjwBwYHg1BddIlpmpIaFDRX5pG32NU8JyPd4Jz6U
    MicrosoftEdgeCP.exe
    Remote address:
    13.107.237.48:443
    Request
    GET /static/js/cookie-consent.min.js?v=-J8AjwBwYHg1BddIlpmpIaFDRX5pG32NU8JyPd4Jz6U HTTP/2.0
    host: dotnet.microsoft.com
    accept: application/javascript, */*;q=0.8
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    accept-encoding: gzip, deflate, br
    Response
    HTTP/2.0 200
    cache-control: public, max-age=31359572
    content-type: text/javascript
    content-encoding: gzip
    last-modified: Wed, 08 Mar 2023 01:10:06 GMT
    accept-ranges: bytes
    etag: "1d9515ab7feb3ea"
    vary: Accept-Encoding
    set-cookie: TiPMix=9.458192379812125; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
    x-powered-by: ASP.NET
    x-content-type-options: nosniff
    x-cache: CONFIG_NOCACHE
    x-azure-ref: 0pvQHZAAAAAB9Ah0F5Cm3S5Q6XJ/EDzLWQU1TMDRFREdFMTkxOABlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
    date: Wed, 08 Mar 2023 02:36:22 GMT
  • flag-us
    GET
    https://dotnet.microsoft.com/static/js/main.min.js?v=RjBoR-VD59FaR3nCuB8GNeWCTE0Q8Ccb_w5d8FnnaM4
    MicrosoftEdgeCP.exe
    Remote address:
    13.107.237.48:443
    Request
    GET /static/js/main.min.js?v=RjBoR-VD59FaR3nCuB8GNeWCTE0Q8Ccb_w5d8FnnaM4 HTTP/2.0
    host: dotnet.microsoft.com
    accept: application/javascript, */*;q=0.8
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    accept-encoding: gzip, deflate, br
    Response
    HTTP/2.0 200
    cache-control: public, max-age=31359572
    content-type: text/javascript
    content-encoding: gzip
    last-modified: Wed, 08 Mar 2023 01:10:06 GMT
    accept-ranges: bytes
    etag: "1d9515ab7ff57da"
    vary: Accept-Encoding
    set-cookie: TiPMix=70.54623759255446; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
    x-powered-by: ASP.NET
    x-content-type-options: nosniff
    x-cache: CONFIG_NOCACHE
    x-azure-ref: 0pvQHZAAAAAB8hKEuNFUxQbtbv5McdWgAQU1TMDRFREdFMTkxOABlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
    date: Wed, 08 Mar 2023 02:36:22 GMT
  • flag-us
    GET
    https://dotnet.microsoft.com/static/js/cda-tracker.min.js?v=woD9KkUt44X4IMMUdvOqBCkwNhVjAy-k1Yx3NOxd5SQ
    MicrosoftEdgeCP.exe
    Remote address:
    13.107.237.48:443
    Request
    GET /static/js/cda-tracker.min.js?v=woD9KkUt44X4IMMUdvOqBCkwNhVjAy-k1Yx3NOxd5SQ HTTP/2.0
    host: dotnet.microsoft.com
    accept: application/javascript, */*;q=0.8
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    accept-encoding: gzip, deflate, br
    Response
    HTTP/2.0 200
    cache-control: public, max-age=31359572
    content-type: text/javascript
    content-encoding: gzip
    last-modified: Wed, 08 Mar 2023 01:10:06 GMT
    accept-ranges: bytes
    etag: "1d9515ab7ff281e"
    vary: Accept-Encoding
    set-cookie: TiPMix=29.115464038719608; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
    x-powered-by: ASP.NET
    x-content-type-options: nosniff
    x-cache: CONFIG_NOCACHE
    x-azure-ref: 0pvQHZAAAAADb1kXttkFCQ5qmGCGics2IQU1TMDRFREdFMTkxOABlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
    date: Wed, 08 Mar 2023 02:36:22 GMT
  • flag-us
    GET
    https://dotnet.microsoft.com/static/images/redesign/alert-promo.svg
    MicrosoftEdgeCP.exe
    Remote address:
    13.107.237.48:443
    Request
    GET /static/images/redesign/alert-promo.svg HTTP/2.0
    host: dotnet.microsoft.com
    accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    accept-encoding: gzip, deflate, br
    cookie: MicrosoftApplicationsTelemetryDeviceId=cd776ab6-f663-4098-87d6-ef8e806e8d1c; ai_session=8MtiYTYqV2esLcokRzpwOD|1678246581378|1678246581960; mbox=session#238eb867aeee44dc98ede3c44363af51#1678248442; at_check=true
    Response
    HTTP/2.0 200
    cache-control: public, max-age=31536000
    content-length: 1874
    content-type: image/svg+xml
    last-modified: Wed, 08 Mar 2023 01:06:22 GMT
    accept-ranges: bytes
    etag: "1d9515a327b7c52"
    set-cookie: TiPMix=49.11139313728814; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
    x-powered-by: ASP.NET
    x-content-type-options: nosniff
    x-cache: CONFIG_NOCACHE
    x-azure-ref: 0qPQHZAAAAADPftbcGrStQ6Equ50BAa97QU1TMDRFREdFMTkxOABlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
    date: Wed, 08 Mar 2023 02:36:23 GMT
  • flag-us
    GET
    https://dotnet.microsoft.com/static/images/redesign/alert-info.svg
    MicrosoftEdgeCP.exe
    Remote address:
    13.107.237.48:443
    Request
    GET /static/images/redesign/alert-info.svg HTTP/2.0
    host: dotnet.microsoft.com
    accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    accept-encoding: gzip, deflate, br
    cookie: MicrosoftApplicationsTelemetryDeviceId=cd776ab6-f663-4098-87d6-ef8e806e8d1c; ai_session=8MtiYTYqV2esLcokRzpwOD|1678246581378|1678246581960; mbox=session#238eb867aeee44dc98ede3c44363af51#1678248442; at_check=true
    Response
    HTTP/2.0 200
    cache-control: public, max-age=31536000
    content-length: 726
    content-type: image/svg+xml
    last-modified: Wed, 08 Mar 2023 01:06:22 GMT
    accept-ranges: bytes
    etag: "1d9515a327b79d6"
    set-cookie: TiPMix=27.286406220339067; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
    x-powered-by: ASP.NET
    x-content-type-options: nosniff
    x-cache: CONFIG_NOCACHE
    x-azure-ref: 0qPQHZAAAAABjGHZB80cQSr8ZwLsMRvjvQU1TMDRFREdFMTkxOABlMWRmMDcwYS1hZTQ0LTRjMGItYTU0Yi1jNDkzODA0ZTRkOWY=
    date: Wed, 08 Mar 2023 02:36:23 GMT
  • flag-us
    DNS
    www.microsoft.com
    MicrosoftEdgeCP.exe
    Remote address:
    8.8.8.8:53
    Request
    www.microsoft.com
    IN A
    Response
    www.microsoft.com
    IN CNAME
    www.microsoft.com-c-3.edgekey.net
    www.microsoft.com-c-3.edgekey.net
    IN CNAME
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    IN CNAME
    e13678.dscb.akamaiedge.net
    e13678.dscb.akamaiedge.net
    IN A
    173.223.113.131
  • flag-us
    DNS
    statics-marketingsites-wcus-ms-com.akamaized.net
    MicrosoftEdgeCP.exe
    Remote address:
    8.8.8.8:53
    Request
    statics-marketingsites-wcus-ms-com.akamaized.net
    IN A
    Response
    statics-marketingsites-wcus-ms-com.akamaized.net
    IN CNAME
    a1778.g2.akamai.net
    a1778.g2.akamai.net
    IN A
    23.32.238.226
    a1778.g2.akamai.net
    IN A
    23.32.238.218
  • flag-us
    DNS
    js.monitor.azure.com
    MicrosoftEdgeCP.exe
    Remote address:
    8.8.8.8:53
    Request
    js.monitor.azure.com
    IN A
    Response
    js.monitor.azure.com
    IN CNAME
    aijscdn2.azureedge.net
    aijscdn2.azureedge.net
    IN CNAME
    aijscdn2.afd.azureedge.net
    aijscdn2.afd.azureedge.net
    IN CNAME
    firstparty-azurefd-prod.trafficmanager.net
    firstparty-azurefd-prod.trafficmanager.net
    IN CNAME
    shed.dual-low.part-0020.t-0009.fdv2-t-msedge.net
    shed.dual-low.part-0020.t-0009.fdv2-t-msedge.net
    IN CNAME
    part-0020.t-0009.fdv2-t-msedge.net
    part-0020.t-0009.fdv2-t-msedge.net
    IN A
    13.107.237.48
    part-0020.t-0009.fdv2-t-msedge.net
    IN A
    13.107.238.48
  • flag-us
    DNS
    target.microsoft.com
    MicrosoftEdgeCP.exe
    Remote address:
    8.8.8.8:53
    Request
    target.microsoft.com
    IN A
    Response
    target.microsoft.com
    IN CNAME
    microsoftmscompoc.tt.omtrdc.net
    microsoftmscompoc.tt.omtrdc.net
    IN CNAME
    mboxedge31.tt.omtrdc.net
    mboxedge31.tt.omtrdc.net
    IN CNAME
    mboxedge31-alb.tt.omtrdc.net
    mboxedge31-alb.tt.omtrdc.net
    IN A
    15.206.251.85
    mboxedge31-alb.tt.omtrdc.net
    IN A
    15.207.29.139
    mboxedge31-alb.tt.omtrdc.net
    IN A
    3.109.115.193
    mboxedge31-alb.tt.omtrdc.net
    IN A
    35.154.62.160
    mboxedge31-alb.tt.omtrdc.net
    IN A
    65.2.93.183
    mboxedge31-alb.tt.omtrdc.net
    IN A
    43.205.224.61
    mboxedge31-alb.tt.omtrdc.net
    IN A
    13.234.102.54
    mboxedge31-alb.tt.omtrdc.net
    IN A
    3.108.216.255
  • flag-us
    DNS
    microsoftmscompoc.tt.omtrdc.net
    MicrosoftEdge.exe
    Remote address:
    8.8.8.8:53
    Request
    microsoftmscompoc.tt.omtrdc.net
    IN A
    Response
    microsoftmscompoc.tt.omtrdc.net
    IN CNAME
    mboxedge31.tt.omtrdc.net
    mboxedge31.tt.omtrdc.net
    IN CNAME
    mboxedge31-alb.tt.omtrdc.net
    mboxedge31-alb.tt.omtrdc.net
    IN A
    3.6.5.26
    mboxedge31-alb.tt.omtrdc.net
    IN A
    13.234.102.54
    mboxedge31-alb.tt.omtrdc.net
    IN A
    43.205.224.61
    mboxedge31-alb.tt.omtrdc.net
    IN A
    3.108.216.255
    mboxedge31-alb.tt.omtrdc.net
    IN A
    13.234.170.191
    mboxedge31-alb.tt.omtrdc.net
    IN A
    15.206.251.85
    mboxedge31-alb.tt.omtrdc.net
    IN A
    65.2.93.183
    mboxedge31-alb.tt.omtrdc.net
    IN A
    15.206.26.228
  • flag-nl
    GET
    https://www.microsoft.com/onerfstatics/marketingsites-wcus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/32-1b8b7c/74-888e54?ver=2.0&_cf=02242021_3231
    MicrosoftEdgeCP.exe
    Remote address:
    173.223.113.131:443
    Request
    GET /onerfstatics/marketingsites-wcus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/32-1b8b7c/74-888e54?ver=2.0&_cf=02242021_3231 HTTP/2.0
    host: www.microsoft.com
    accept: text/css, */*
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    accept-encoding: gzip, deflate, br
    Response
    HTTP/2.0 200
    content-type: text/css; charset=utf-8
    last-modified: Wed, 04 Jan 2023 11:45:02 GMT
    x-activity-id: eb4c5787-d9d6-4751-9839-1249c2466e7a
    x-appversion: 1.0.8377.8392
    x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-12-08T12:39:44.0000000Z}
    ms-operation-id: d492f47a3fc2814e9a634cad3e54d0db
    p3p: CP="CAO CONi OTR OUR DEM ONL"
    x-content-type-options: nosniff
    x-s1: 2023-01-04T11:45:02
    x-s2: 2023-01-04T11:45:02
    timing-allow-origin: *
    access-control-allow-origin: *
    access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
    x-xss-protection: 1; mode=block
    content-encoding: gzip
    content-length: 22729
    cache-control: public, max-age=26125673
    expires: Thu, 04 Jan 2024 11:44:15 GMT
    date: Wed, 08 Mar 2023 02:36:22 GMT
    vary: Accept-Encoding
    tls_version: tls1.2
    strict-transport-security: max-age=31536000
    ms-cv: CASMicrosoftCV12abaeeb.0
    ms-cv-esi: CASMicrosoftCV12abaeeb.0
    x-rtag: RT
  • flag-nl
    GET
    https://www.microsoft.com/onerfstatics/marketingsites-wcus-prod/shell/_scrf/js/themes=default/8e-e88b64/82-2a4f02/49-a00ab0/92-02e55d/7c-dcea75/75-fca72d/ed-e77ee7/d5-bf34c0/a9-078595/7a-7ea8cc/2d-40bdad/23-e8cd2b/96-eb5423/e6-6b0cce/d1-98d78a/c6-082272/a7-f7a340/1e-addbef/2e-ca165a/fc-169dd8/8e-60935c/87-fecbed/96-6ed6eb/c3-eb62e0/ad-ffd6bf/35-621acc/3b-84517a/b0-07f293/1e-9d9d16/52-f0367f/1f-b57352/bf-517249/e1-ed258e/20-0b10e2/6b-0f1117/fb-5e9831/a2-598841?ver=2.0&_cf=02242021_3231&iife=1
    MicrosoftEdgeCP.exe
    Remote address:
    173.223.113.131:443
    Request
    GET /onerfstatics/marketingsites-wcus-prod/shell/_scrf/js/themes=default/8e-e88b64/82-2a4f02/49-a00ab0/92-02e55d/7c-dcea75/75-fca72d/ed-e77ee7/d5-bf34c0/a9-078595/7a-7ea8cc/2d-40bdad/23-e8cd2b/96-eb5423/e6-6b0cce/d1-98d78a/c6-082272/a7-f7a340/1e-addbef/2e-ca165a/fc-169dd8/8e-60935c/87-fecbed/96-6ed6eb/c3-eb62e0/ad-ffd6bf/35-621acc/3b-84517a/b0-07f293/1e-9d9d16/52-f0367f/1f-b57352/bf-517249/e1-ed258e/20-0b10e2/6b-0f1117/fb-5e9831/a2-598841?ver=2.0&_cf=02242021_3231&iife=1 HTTP/2.0
    host: www.microsoft.com
    accept: application/javascript, */*;q=0.8
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    accept-encoding: gzip, deflate, br
    Response
    HTTP/2.0 200
    content-type: text/javascript; charset=utf-8
    last-modified: Tue, 24 Jan 2023 17:57:21 GMT
    x-activity-id: 0eebee8e-0518-4a7e-803e-c07b6943a742
    x-appversion: 1.0.8405.38376
    x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2023-01-06T05:19:12.0000000Z}
    ms-operation-id: 25e7e3c26b210b499854b8cc2aafc922
    p3p: CP="CAO CONi OTR OUR DEM ONL"
    x-content-type-options: nosniff
    x-s1: 2023-01-24T17:57:21
    x-s2: 2023-01-24T17:57:22
    timing-allow-origin: *
    access-control-allow-origin: *
    access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
    x-xss-protection: 1; mode=block
    content-encoding: gzip
    content-length: 35900
    cache-control: public, max-age=27876019
    expires: Wed, 24 Jan 2024 17:56:41 GMT
    date: Wed, 08 Mar 2023 02:36:22 GMT
    vary: Accept-Encoding
    tls_version: tls1.2
    strict-transport-security: max-age=31536000
    ms-cv: CASMicrosoftCV12abb81b.0
    ms-cv-esi: CASMicrosoftCV12abb81b.0
    x-rtag: RT
  • flag-nl
    GET
    https://www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff
    MicrosoftEdgeCP.exe
    Remote address:
    173.223.113.131:443
    Request
    GET /mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff HTTP/2.0
    host: www.microsoft.com
    accept: */*
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    origin: https://dotnet.microsoft.com
    accept-encoding: gzip, deflate, br
    cookie: at_check=true; mbox=session#238eb867aeee44dc98ede3c44363af51#1678248442
    Response
    HTTP/2.0 200
    content-type: application/font-woff
    last-modified: Wed, 04 Jan 2023 18:59:51 GMT
    x-activity-id: e6b35c82-c383-41d5-83b0-bc8a7608c520
    x-appversion: 1.0.8377.8392
    x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-12-08T12:39:44.0000000Z}
    ms-operation-id: fba75867a27e4947885e81814f64fd7b
    p3p: CP="CAO CONi OTR OUR DEM ONL"
    x-content-type-options: nosniff
    access-control-allow-origin: *
    access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
    x-xss-protection: 1; mode=block
    content-length: 26288
    cache-control: public, max-age=26151867
    expires: Thu, 04 Jan 2024 19:00:50 GMT
    date: Wed, 08 Mar 2023 02:36:23 GMT
    tls_version: tls1.2
    strict-transport-security: max-age=31536000
    ms-cv: CASMicrosoftCV12abe61b.0
    ms-cv-esi: CASMicrosoftCV12abe61b.0
    x-rtag: RT
  • flag-de
    GET
    https://statics-marketingsites-wcus-ms-com.akamaized.net/statics/override.css
    MicrosoftEdgeCP.exe
    Remote address:
    23.32.238.226:443
    Request
    GET /statics/override.css HTTP/1.1
    Accept: text/css, */*
    Referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    Accept-Encoding: gzip, deflate, br
    Host: statics-marketingsites-wcus-ms-com.akamaized.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: text/css
    Last-Modified: Tue, 11 Jun 2019 23:22:13 GMT
    ETag: 0x8D6EEC3A2D67C35
    Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
    x-ms-request-id: e4723bd2-f01e-001e-62c3-66d0e7000000
    x-ms-version: 2009-09-19
    x-ms-lease-status: unlocked
    x-ms-blob-type: BlockBlob
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Unused62: 8096267
    Content-Length: 473
    Date: Wed, 08 Mar 2023 02:36:22 GMT
    Connection: keep-alive
  • flag-us
    GET
    https://js.monitor.azure.com/scripts/c/ms.analytics-web-3.min.js
    MicrosoftEdgeCP.exe
    Remote address:
    13.107.237.48:443
    Request
    GET /scripts/c/ms.analytics-web-3.min.js HTTP/2.0
    host: js.monitor.azure.com
    accept: application/javascript, */*;q=0.8
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    accept-encoding: gzip, deflate, br
    Response
    HTTP/2.0 200
    cache-control: public, max-age=1800, immutable, no-transform
    content-type: text/javascript; charset=utf-8
    content-encoding: br
    content-md5: aluZD4aW63pn7P5rWzyrCw==
    last-modified: Tue, 21 Feb 2023 18:31:48 GMT
    etag: 0x8DB1439E4C632FC
    x-cache: TCP_HIT
    x-ms-request-id: 4da81a76-201e-000c-1664-516c92000000
    x-ms-version: 2009-09-19
    x-ms-meta-jssdkver: 3.2.9
    x-ms-meta-jssdksrc: [cdn]/scripts/c/ms.analytics-web-3.2.9.min.js
    access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-lastmodified,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
    access-control-allow-origin: *
    x-azure-ref: 0pvQHZAAAAAAeq4183oWnQYCJHCNkEFK8QU1TMDRFREdFMTkxOABmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
    date: Wed, 08 Mar 2023 02:36:21 GMT
  • flag-us
    GET
    https://js.monitor.azure.com/scripts/b/ai.2.min.js
    MicrosoftEdgeCP.exe
    Remote address:
    13.107.237.48:443
    Request
    GET /scripts/b/ai.2.min.js HTTP/2.0
    host: js.monitor.azure.com
    accept: application/javascript, */*;q=0.8
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    accept-encoding: gzip, deflate, br
    if-modified-since: Mon, 13 Feb 2023 18:12:26 GMT
    if-none-match: 0x8DB0DEDDD07F1CC
    Response
    HTTP/2.0 304
    cache-control: public, max-age=1800, immutable, no-transform
    content-type: text/javascript; charset=utf-8
    content-encoding: br
    content-md5: h4Oif1EgSoBMW/uWvEgbaw==
    last-modified: Mon, 13 Feb 2023 18:12:26 GMT
    etag: 0x8DB0DEDDD07F1CC
    x-cache: TCP_HIT
    x-ms-request-id: 32438eb1-a01e-00c4-4063-51b0c7000000
    x-ms-version: 2009-09-19
    x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.8.10.min.js
    x-ms-meta-aijssdkver: 2.8.10
    access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
    access-control-allow-origin: *
    x-azure-ref: 0qPQHZAAAAACkgghKPId4S5Olvuc0lseKQU1TMDRFREdFMTkxOABmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
    date: Wed, 08 Mar 2023 02:36:24 GMT
  • flag-us
    DNS
    wcpstatic.microsoft.com
    MicrosoftEdgeCP.exe
    Remote address:
    8.8.8.8:53
    Request
    wcpstatic.microsoft.com
    IN A
    Response
    wcpstatic.microsoft.com
    IN CNAME
    consentdeliveryfd.azurefd.net
    consentdeliveryfd.azurefd.net
    IN CNAME
    firstparty-azurefd-prod.trafficmanager.net
    firstparty-azurefd-prod.trafficmanager.net
    IN CNAME
    shed.dual-low.part-0040.t-0009.fdv2-t-msedge.net
    shed.dual-low.part-0040.t-0009.fdv2-t-msedge.net
    IN CNAME
    part-0040.t-0009.fdv2-t-msedge.net
    part-0040.t-0009.fdv2-t-msedge.net
    IN A
    13.107.237.68
    part-0040.t-0009.fdv2-t-msedge.net
    IN A
    13.107.238.68
  • flag-us
    DNS
    226.238.32.23.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    226.238.32.23.in-addr.arpa
    IN PTR
    Response
    226.238.32.23.in-addr.arpa
    IN PTR
    a23-32-238-226deploystaticakamaitechnologiescom
  • flag-us
    DNS
    131.113.223.173.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    131.113.223.173.in-addr.arpa
    IN PTR
    Response
    131.113.223.173.in-addr.arpa
    IN PTR
    a173-223-113-131deploystaticakamaitechnologiescom
  • flag-us
    DNS
    234.238.32.23.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    234.238.32.23.in-addr.arpa
    IN PTR
    Response
    234.238.32.23.in-addr.arpa
    IN PTR
    a23-32-238-234deploystaticakamaitechnologiescom
  • flag-us
    GET
    https://wcpstatic.microsoft.com/mscc/lib/v2/wcp-consent.js
    MicrosoftEdgeCP.exe
    Remote address:
    13.107.237.68:443
    Request
    GET /mscc/lib/v2/wcp-consent.js HTTP/2.0
    host: wcpstatic.microsoft.com
    accept: application/javascript, */*;q=0.8
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    accept-encoding: gzip, deflate, br
    Response
    HTTP/2.0 200
    cache-control: max-age=43200
    content-length: 13055
    content-type: application/javascript
    content-encoding: gzip
    content-md5: QT/MdZzBmCG2G2lBgIsptQ==
    last-modified: Wed, 24 Aug 2022 17:34:58 GMT
    age: 4624
    etag: 0x8DA85F6F74C6D08
    vary: Accept-Encoding
    access-control-allow-origin: *
    access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
    x-cache: CONFIG_NOCACHE
    x-ms-blob-type: BlockBlob
    x-ms-lease-status: unlocked
    x-ms-request-id: 7e8d8694-f01e-0028-2c5c-51fe51000000
    x-ms-version: 2009-09-19
    x-azure-ref: 0p/QHZAAAAACV2klskBjeQLdpSTqk6IVDQU1TMDRFREdFMTkyMAAzOWI0NjE1Ny1jYjllLTQ5YjctYTY1YS04NzIyYTNmODI0ZTQ=
    date: Wed, 08 Mar 2023 02:36:23 GMT
  • flag-de
    GET
    https://statics-marketingsites-wcus-ms-com.akamaized.net/statics/override.css
    MicrosoftEdgeCP.exe
    Remote address:
    23.32.238.226:443
    Request
    GET /statics/override.css HTTP/1.1
    Accept: text/css, */*
    Referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    Accept-Encoding: gzip, deflate, br
    Host: statics-marketingsites-wcus-ms-com.akamaized.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: text/css
    Last-Modified: Tue, 11 Jun 2019 23:22:13 GMT
    ETag: 0x8D6EEC3A2D67C35
    Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
    x-ms-request-id: e4723bd2-f01e-001e-62c3-66d0e7000000
    x-ms-version: 2009-09-19
    x-ms-lease-status: unlocked
    x-ms-blob-type: BlockBlob
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Unused62: 8096267
    Content-Length: 473
    Date: Wed, 08 Mar 2023 02:36:23 GMT
    Connection: keep-alive
  • flag-us
    GET
    https://js.monitor.azure.com/scripts/c/ms.analytics-web-3.min.js
    MicrosoftEdgeCP.exe
    Remote address:
    13.107.237.48:443
    Request
    GET /scripts/c/ms.analytics-web-3.min.js HTTP/2.0
    host: js.monitor.azure.com
    accept: application/javascript, */*;q=0.8
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    accept-encoding: gzip, deflate, br
    if-modified-since: Tue, 21 Feb 2023 18:31:48 GMT
    if-none-match: 0x8DB1439E4C632FC
    Response
    HTTP/2.0 304
    cache-control: public, max-age=1800, immutable, no-transform
    content-type: text/javascript; charset=utf-8
    content-encoding: br
    content-md5: aluZD4aW63pn7P5rWzyrCw==
    last-modified: Tue, 21 Feb 2023 18:31:48 GMT
    etag: 0x8DB1439E4C632FC
    x-cache: TCP_HIT
    x-ms-request-id: 4da81a76-201e-000c-1664-516c92000000
    x-ms-version: 2009-09-19
    x-ms-meta-jssdkver: 3.2.9
    x-ms-meta-jssdksrc: [cdn]/scripts/c/ms.analytics-web-3.2.9.min.js
    access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-lastmodified,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
    access-control-allow-origin: *
    x-azure-ref: 0pvQHZAAAAAD1SuGtXEuITonTE7Ce80beQU1TMDRFREdFMTgxOABmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
    date: Wed, 08 Mar 2023 02:36:21 GMT
  • flag-us
    GET
    https://js.monitor.azure.com/scripts/b/ai.2.min.js
    MicrosoftEdgeCP.exe
    Remote address:
    13.107.237.48:443
    Request
    GET /scripts/b/ai.2.min.js HTTP/2.0
    host: js.monitor.azure.com
    accept: application/javascript, */*;q=0.8
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    accept-encoding: gzip, deflate, br
    Response
    HTTP/2.0 200
    cache-control: public, max-age=1800, immutable, no-transform
    content-type: text/javascript; charset=utf-8
    content-encoding: br
    content-md5: h4Oif1EgSoBMW/uWvEgbaw==
    last-modified: Mon, 13 Feb 2023 18:12:26 GMT
    etag: 0x8DB0DEDDD07F1CC
    x-cache: TCP_HIT
    x-ms-request-id: 32438eb1-a01e-00c4-4063-51b0c7000000
    x-ms-version: 2009-09-19
    x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.8.10.min.js
    x-ms-meta-aijssdkver: 2.8.10
    access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
    access-control-allow-origin: *
    x-azure-ref: 0qPQHZAAAAABtdnI098tUQYbJV1uRDd2SQU1TMDRFREdFMTgxOABmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
    date: Wed, 08 Mar 2023 02:36:23 GMT
  • flag-us
    GET
    https://wcpstatic.microsoft.com/mscc/lib/v2/wcp-consent.js
    MicrosoftEdgeCP.exe
    Remote address:
    13.107.237.68:443
    Request
    GET /mscc/lib/v2/wcp-consent.js HTTP/2.0
    host: wcpstatic.microsoft.com
    accept: application/javascript, */*;q=0.8
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    accept-encoding: gzip, deflate, br
    Response
    HTTP/2.0 200
    date: Wed, 08 Mar 2023 02:36:22 GMT
    content-type: application/javascript
    content-length: 13055
    content-encoding: gzip
    access-control-allow-origin: *
    access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
    age: 40637
    cache-control: max-age=43200
    content-md5: QT/MdZzBmCG2G2lBgIsptQ==
    etag: 0x8DA85F6F74C6D08
    last-modified: Wed, 24 Aug 2022 17:34:58 GMT
    vary: Accept-Encoding
    x-cache: CONFIG_NOCACHE
    x-ms-blob-type: BlockBlob
    x-ms-lease-status: unlocked
    x-ms-request-id: 4789fc7d-801e-009f-2108-51591b000000
    x-ms-version: 2009-09-19
    x-azure-ref: 20230308T023622Z-zytaftv7s126h2n5uwwugcv0y800000007qg00000001c0a8
    accept-ranges: bytes
  • flag-us
    DNS
    68.237.107.13.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    68.237.107.13.in-addr.arpa
    IN PTR
    Response
  • flag-in
    POST
    https://target.microsoft.com/rest/v1/delivery?client=microsoftmscompoc&sessionId=238eb867aeee44dc98ede3c44363af51&version=2.8.2
    MicrosoftEdgeCP.exe
    Remote address:
    15.206.251.85:443
    Request
    POST /rest/v1/delivery?client=microsoftmscompoc&sessionId=238eb867aeee44dc98ede3c44363af51&version=2.8.2 HTTP/2.0
    host: target.microsoft.com
    accept: */*
    origin: https://dotnet.microsoft.com
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    content-type: text/plain
    accept-encoding: gzip, deflate, br
    content-length: 763
    cache-control: no-cache
    cookie: at_check=true; mbox=session#238eb867aeee44dc98ede3c44363af51#1678248443
    Response
    HTTP/2.0 200
    date: Wed, 08 Mar 2023 02:36:26 GMT
    content-type: application/json;charset=UTF-8
    vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
    access-control-allow-origin: https://dotnet.microsoft.com
    access-control-allow-credentials: true
    x-request-id: e92ea57d23ee2e4213ef3de3dd0aa233
    timing-allow-origin: *
    accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
    content-encoding: gzip
  • flag-us
    GET
    https://dotnet.microsoft.com/favicon.ico
    MicrosoftEdge.exe
    Remote address:
    13.107.237.48:443
    Request
    GET /favicon.ico HTTP/2.0
    host: dotnet.microsoft.com
    accept: */*
    accept-encoding: gzip, deflate, br
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    dnt: 1
    Response
    HTTP/2.0 200
    date: Wed, 08 Mar 2023 02:36:28 GMT
    content-type: image/x-icon
    content-length: 17174
    cache-control: public, max-age=3600
    etag: "1d9515a327b3816"
    last-modified: Wed, 08 Mar 2023 01:06:22 GMT
    set-cookie: TiPMix=98.96735840302507; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=dotnetwebsite.azurewebsites.net; Max-Age=3600; Secure
    request-context: appId=cid-v1:109cec76-ff6c-4be0-97b5-4f02dbac2451
    x-powered-by: ASP.NET
    x-content-type-options: nosniff
    x-azure-ref: 20230308T023628Z-q5dxq3zugt0p394y95453uq91w000000076000000000h3a5
    x-cache: CONFIG_NOCACHE
    accept-ranges: bytes
  • flag-in
    POST
    https://target.microsoft.com/rest/v1/delivery?client=microsoftmscompoc&sessionId=238eb867aeee44dc98ede3c44363af51&version=2.8.2
    MicrosoftEdgeCP.exe
    Remote address:
    15.206.251.85:443
    Request
    POST /rest/v1/delivery?client=microsoftmscompoc&sessionId=238eb867aeee44dc98ede3c44363af51&version=2.8.2 HTTP/2.0
    host: target.microsoft.com
    accept: */*
    origin: https://dotnet.microsoft.com
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    content-type: text/plain
    accept-encoding: gzip, deflate, br
    content-length: 763
    cache-control: no-cache
    cookie: at_check=true; mbox=session#238eb867aeee44dc98ede3c44363af51#1678248444
    Response
    HTTP/2.0 200
    date: Wed, 08 Mar 2023 02:36:27 GMT
    content-type: application/json;charset=UTF-8
    vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
    access-control-allow-origin: https://dotnet.microsoft.com
    access-control-allow-credentials: true
    x-request-id: e2497770463d595a769b5b451fcee745
    timing-allow-origin: *
    accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
    content-encoding: gzip
  • flag-us
    DNS
    browser.events.data.microsoft.com
    MicrosoftEdgeCP.exe
    Remote address:
    8.8.8.8:53
    Request
    browser.events.data.microsoft.com
    IN A
    Response
    browser.events.data.microsoft.com
    IN CNAME
    browser.events.data.trafficmanager.net
    browser.events.data.trafficmanager.net
    IN CNAME
    onedscolprdeus01.eastus.cloudapp.azure.com
    onedscolprdeus01.eastus.cloudapp.azure.com
    IN A
    52.168.112.66
  • flag-us
    OPTIONS
    https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
    MicrosoftEdgeCP.exe
    Remote address:
    52.168.112.66:443
    Request
    OPTIONS /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/1.1
    Accept: */*
    Origin: https://dotnet.microsoft.com
    Referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    Access-Control-Request-Headers: Client-Id, client-version, apikey, upload-time, time-delta-to-apply-millis, cache-control, content-type
    Access-Control-Request-Method: POST
    Accept-Encoding: gzip, deflate, br
    Host: browser.events.data.microsoft.com
    Content-Length: 0
    Connection: Keep-Alive
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Cache-Control: public, 3600
    Content-Length: 0
    Server: Microsoft-HTTPAPI/2.0
    Strict-Transport-Security: max-age=31536000
    Access-Control-Allow-Credentials: true
    Access-Control-Allow-Headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
    Access-Control-Max-Age: 3600
    Access-Control-Allow-Origin: https://dotnet.microsoft.com
    Date: Wed, 08 Mar 2023 02:36:25 GMT
  • flag-us
    POST
    https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
    MicrosoftEdgeCP.exe
    Remote address:
    52.168.112.66:443
    Request
    POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/1.1
    Accept: */*
    Origin: https://dotnet.microsoft.com
    Referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    Client-Id: NO_AUTH
    client-version: 1DS-Web-JS-3.2.9
    apikey: e3ba54439927461eaab706781b1d0014-e62140b3-6cb4-4e4d-8a44-0c1d27f9ba6e-7393
    upload-time: 1678246583385
    time-delta-to-apply-millis: use-collector-delta
    cache-control: no-cache, no-store
    content-type: application/x-json-stream
    Accept-Encoding: gzip, deflate, br
    Host: browser.events.data.microsoft.com
    Content-Length: 919
    Connection: Keep-Alive
    Cookie: at_check=true; mbox=session#238eb867aeee44dc98ede3c44363af51#1678248444; MSCC=NR
    Response
    HTTP/1.1 200 OK
    Content-Length: 153
    Content-Type: application/json
    Server: Microsoft-HTTPAPI/2.0
    Strict-Transport-Security: max-age=31536000
    P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
    Set-Cookie: MC1=GUID=bb57d6840a9041d8a221f5d7f39f21e2&HASH=bb57&LV=202303&V=4&LU=1678242986011; Domain=.microsoft.com; Expires=Thu, 07 Mar 2024 02:36:26 GMT; Path=/;Secure; SameSite=None
    Set-Cookie: MS0=43c95a242fe1481a859df490bc4be4a3; Domain=.microsoft.com; Expires=Wed, 08 Mar 2023 03:06:26 GMT; Path=/;Secure; SameSite=None
    time-delta-millis: -3597374
    Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
    Access-Control-Allow-Methods: POST
    Access-Control-Allow-Credentials: true
    Access-Control-Allow-Origin: https://dotnet.microsoft.com
    Access-Control-Expose-Headers: time-delta-millis
    Date: Wed, 08 Mar 2023 02:36:25 GMT
  • flag-us
    OPTIONS
    https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3Dbb57d6840a9041d8a221f5d7f39f21e2%26HASH%3Dbb57%26LV%3D202303%26V%3D4%26LU%3D1678242986011&w=0
    MicrosoftEdgeCP.exe
    Remote address:
    52.168.112.66:443
    Request
    OPTIONS /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3Dbb57d6840a9041d8a221f5d7f39f21e2%26HASH%3Dbb57%26LV%3D202303%26V%3D4%26LU%3D1678242986011&w=0 HTTP/1.1
    Accept: */*
    Origin: https://dotnet.microsoft.com
    Referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    Access-Control-Request-Headers: Client-Id, client-version, apikey, upload-time, time-delta-to-apply-millis, cache-control, content-type
    Access-Control-Request-Method: POST
    Accept-Encoding: gzip, deflate, br
    Host: browser.events.data.microsoft.com
    Content-Length: 0
    Connection: Keep-Alive
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Cache-Control: public, 3600
    Content-Length: 0
    Server: Microsoft-HTTPAPI/2.0
    Strict-Transport-Security: max-age=31536000
    Access-Control-Allow-Credentials: true
    Access-Control-Allow-Headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
    Access-Control-Max-Age: 3600
    Access-Control-Allow-Origin: https://dotnet.microsoft.com
    Date: Wed, 08 Mar 2023 02:36:27 GMT
  • flag-us
    POST
    https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3Dbb57d6840a9041d8a221f5d7f39f21e2%26HASH%3Dbb57%26LV%3D202303%26V%3D4%26LU%3D1678242986011&w=0
    MicrosoftEdgeCP.exe
    Remote address:
    52.168.112.66:443
    Request
    POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3Dbb57d6840a9041d8a221f5d7f39f21e2%26HASH%3Dbb57%26LV%3D202303%26V%3D4%26LU%3D1678242986011&w=0 HTTP/1.1
    Accept: */*
    Origin: https://dotnet.microsoft.com
    Referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    Client-Id: NO_AUTH
    client-version: 1DS-Web-JS-3.2.9
    apikey: e3ba54439927461eaab706781b1d0014-e62140b3-6cb4-4e4d-8a44-0c1d27f9ba6e-7393
    upload-time: 1678246585321
    time-delta-to-apply-millis: -3597374
    cache-control: no-cache, no-store
    content-type: application/x-json-stream
    Accept-Encoding: gzip, deflate, br
    Host: browser.events.data.microsoft.com
    Content-Length: 7568
    Connection: Keep-Alive
    Cookie: at_check=true; mbox=session#238eb867aeee44dc98ede3c44363af51#1678248445|PC#238eb867aeee44dc98ede3c44363af51.31_0#1712426585; MSCC=NR; MC1=GUID=bb57d6840a9041d8a221f5d7f39f21e2&HASH=bb57&LV=202303&V=4&LU=1678242986011
    Response
    HTTP/1.1 200 OK
    Content-Length: 24
    Content-Type: application/json
    Server: Microsoft-HTTPAPI/2.0
    Strict-Transport-Security: max-age=31536000
    P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
    Set-Cookie: MS0=6fc7c541d1ba468e88f3ddaac84a5ad5; Domain=.microsoft.com; Expires=Wed, 08 Mar 2023 03:06:27 GMT; Path=/;Secure; SameSite=None
    time-delta-millis: -3597763
    Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
    Access-Control-Allow-Methods: POST
    Access-Control-Allow-Credentials: true
    Access-Control-Allow-Origin: https://dotnet.microsoft.com
    Access-Control-Expose-Headers: time-delta-millis
    Date: Wed, 08 Mar 2023 02:36:27 GMT
  • flag-us
    DNS
    85.251.206.15.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    85.251.206.15.in-addr.arpa
    IN PTR
    Response
    85.251.206.15.in-addr.arpa
    IN PTR
    ec2-15-206-251-85 ap-south-1compute amazonawscom
  • flag-us
    OPTIONS
    https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
    MicrosoftEdgeCP.exe
    Remote address:
    52.168.112.66:443
    Request
    OPTIONS /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/1.1
    Accept: */*
    Origin: https://dotnet.microsoft.com
    Referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    Access-Control-Request-Headers: Client-Id, client-version, apikey, upload-time, time-delta-to-apply-millis, cache-control, content-type
    Access-Control-Request-Method: POST
    Accept-Encoding: gzip, deflate, br
    Host: browser.events.data.microsoft.com
    Content-Length: 0
    Connection: Keep-Alive
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Cache-Control: public, 3600
    Content-Length: 0
    Server: Microsoft-HTTPAPI/2.0
    Strict-Transport-Security: max-age=31536000
    Access-Control-Allow-Credentials: true
    Access-Control-Allow-Headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
    Access-Control-Max-Age: 3600
    Access-Control-Allow-Origin: https://dotnet.microsoft.com
    Date: Wed, 08 Mar 2023 02:36:26 GMT
  • flag-us
    POST
    https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
    MicrosoftEdgeCP.exe
    Remote address:
    52.168.112.66:443
    Request
    POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/1.1
    Accept: */*
    Origin: https://dotnet.microsoft.com
    Referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    Client-Id: NO_AUTH
    client-version: 1DS-Web-JS-3.2.9
    apikey: e3ba54439927461eaab706781b1d0014-e62140b3-6cb4-4e4d-8a44-0c1d27f9ba6e-7393
    upload-time: 1678246584428
    time-delta-to-apply-millis: use-collector-delta
    cache-control: no-cache, no-store
    content-type: application/x-json-stream
    Accept-Encoding: gzip, deflate, br
    Host: browser.events.data.microsoft.com
    Content-Length: 2903
    Connection: Keep-Alive
    Cookie: at_check=true; mbox=session#238eb867aeee44dc98ede3c44363af51#1678248444; MSCC=NR; MC1=GUID=bb57d6840a9041d8a221f5d7f39f21e2&HASH=bb57&LV=202303&V=4&LU=1678242986011
    Response
    HTTP/1.1 200 OK
    Content-Length: 153
    Content-Type: application/json
    Server: Microsoft-HTTPAPI/2.0
    Strict-Transport-Security: max-age=31536000
    P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
    Set-Cookie: MS0=ba0e7025f5c148c4bb482ffb754db299; Domain=.microsoft.com; Expires=Wed, 08 Mar 2023 03:06:26 GMT; Path=/;Secure; SameSite=None
    time-delta-millis: -3597687
    Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
    Access-Control-Allow-Methods: POST
    Access-Control-Allow-Credentials: true
    Access-Control-Allow-Origin: https://dotnet.microsoft.com
    Access-Control-Expose-Headers: time-delta-millis
    Date: Wed, 08 Mar 2023 02:36:26 GMT
  • flag-us
    OPTIONS
    https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
    MicrosoftEdgeCP.exe
    Remote address:
    52.168.112.66:443
    Request
    OPTIONS /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/1.1
    Accept: */*
    Origin: https://dotnet.microsoft.com
    Referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    Access-Control-Request-Headers: Client-Id, client-version, apikey, upload-time, time-delta-to-apply-millis, cache-control, content-type
    Access-Control-Request-Method: POST
    Accept-Encoding: gzip, deflate, br
    Host: browser.events.data.microsoft.com
    Content-Length: 0
    Connection: Keep-Alive
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Cache-Control: public, 3600
    Content-Length: 0
    Server: Microsoft-HTTPAPI/2.0
    Strict-Transport-Security: max-age=31536000
    Access-Control-Allow-Credentials: true
    Access-Control-Allow-Headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
    Access-Control-Max-Age: 3600
    Access-Control-Allow-Origin: https://dotnet.microsoft.com
    Date: Wed, 08 Mar 2023 02:36:27 GMT
  • flag-us
    POST
    https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
    MicrosoftEdgeCP.exe
    Remote address:
    52.168.112.66:443
    Request
    POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/1.1
    Accept: */*
    Origin: https://dotnet.microsoft.com
    Referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    Client-Id: NO_AUTH
    client-version: 1DS-Web-JS-3.2.9
    apikey: e3ba54439927461eaab706781b1d0014-e62140b3-6cb4-4e4d-8a44-0c1d27f9ba6e-7393
    upload-time: 1678246585662
    time-delta-to-apply-millis: -3597687
    cache-control: no-cache, no-store
    content-type: application/x-json-stream
    Accept-Encoding: gzip, deflate, br
    Host: browser.events.data.microsoft.com
    Content-Length: 5413
    Connection: Keep-Alive
    Cookie: at_check=true; mbox=session#238eb867aeee44dc98ede3c44363af51#1678248446|PC#238eb867aeee44dc98ede3c44363af51.31_0#1712426586; MSCC=NR; MC1=GUID=bb57d6840a9041d8a221f5d7f39f21e2&HASH=bb57&LV=202303&V=4&LU=1678242986011
    Response
    HTTP/1.1 200 OK
    Content-Length: 153
    Content-Type: application/json
    Server: Microsoft-HTTPAPI/2.0
    Strict-Transport-Security: max-age=31536000
    P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
    Set-Cookie: MS0=08d45c78dc214eb9b524984018e2c382; Domain=.microsoft.com; Expires=Wed, 08 Mar 2023 03:06:27 GMT; Path=/;Secure; SameSite=None
    time-delta-millis: -3597938
    Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
    Access-Control-Allow-Methods: POST
    Access-Control-Allow-Credentials: true
    Access-Control-Allow-Origin: https://dotnet.microsoft.com
    Access-Control-Expose-Headers: time-delta-millis
    Date: Wed, 08 Mar 2023 02:36:27 GMT
  • flag-us
    DNS
    66.112.168.52.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    66.112.168.52.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    westus2-0.in.applicationinsights.azure.com
    MicrosoftEdgeCP.exe
    Remote address:
    8.8.8.8:53
    Request
    westus2-0.in.applicationinsights.azure.com
    IN A
    Response
    westus2-0.in.applicationinsights.azure.com
    IN CNAME
    westus2-0.in.ai.monitor.azure.com
    westus2-0.in.ai.monitor.azure.com
    IN CNAME
    westus2-0.in.ai.privatelink.monitor.azure.com
    westus2-0.in.ai.privatelink.monitor.azure.com
    IN CNAME
    wus2-breeziest-in.trafficmanager.net
    wus2-breeziest-in.trafficmanager.net
    IN CNAME
    gig-ai-prod-wus2-01-app-v4-tag.westus2.cloudapp.azure.com
    gig-ai-prod-wus2-01-app-v4-tag.westus2.cloudapp.azure.com
    IN A
    20.9.155.148
  • flag-us
    OPTIONS
    https://westus2-0.in.applicationinsights.azure.com//v2/track
    MicrosoftEdgeCP.exe
    Remote address:
    20.9.155.148:443
    Request
    OPTIONS //v2/track HTTP/2.0
    host: westus2-0.in.applicationinsights.azure.com
    accept: */*
    origin: https://dotnet.microsoft.com
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    access-control-request-headers: Content-type
    access-control-request-method: POST
    accept-encoding: gzip, deflate, br
    content-length: 0
    cache-control: no-cache
    Response
    HTTP/2.0 200
    content-length: 0
    server: Microsoft-HTTPAPI/2.0
    x-content-type-options: nosniff
    strict-transport-security: max-age=31536000
    access-control-allow-origin: *
    access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
    access-control-allow-methods: POST
    access-control-max-age: 3600
    x-request-id: 15ce1034-c7e1-48af-93fc-05ed84713b49
    date: Wed, 08 Mar 2023 02:36:27 GMT
  • flag-us
    POST
    https://westus2-0.in.applicationinsights.azure.com//v2/track
    MicrosoftEdgeCP.exe
    Remote address:
    20.9.155.148:443
    Request
    POST //v2/track HTTP/2.0
    host: westus2-0.in.applicationinsights.azure.com
    accept: */*
    origin: https://dotnet.microsoft.com
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    content-type: application/json
    accept-encoding: gzip, deflate, br
    content-length: 4675
    cache-control: no-cache
    Response
    HTTP/2.0 200
    content-type: application/json; charset=utf-8
    server: Microsoft-HTTPAPI/2.0
    x-content-type-options: nosniff
    strict-transport-security: max-age=31536000
    access-control-allow-origin: *
    x-request-id: 59179ccc-8251-4220-bed5-498f4ef891ae
    date: Wed, 08 Mar 2023 02:36:28 GMT
  • flag-us
    POST
    https://westus2-0.in.applicationinsights.azure.com//v2/track
    MicrosoftEdgeCP.exe
    Remote address:
    20.9.155.148:443
    Request
    POST //v2/track HTTP/2.0
    host: westus2-0.in.applicationinsights.azure.com
    accept: */*
    origin: https://dotnet.microsoft.com
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    content-type: application/json
    accept-encoding: gzip, deflate, br
    content-length: 2514
    cache-control: no-cache
    Response
    HTTP/2.0 200
    content-type: application/json; charset=utf-8
    server: Microsoft-HTTPAPI/2.0
    x-content-type-options: nosniff
    strict-transport-security: max-age=31536000
    access-control-allow-origin: *
    x-request-id: 13a7bed3-da2b-4292-92db-222c58418f3e
    date: Wed, 08 Mar 2023 02:36:44 GMT
  • flag-us
    DNS
    148.155.9.20.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    148.155.9.20.in-addr.arpa
    IN PTR
    Response
  • flag-us
    OPTIONS
    https://westus2-0.in.applicationinsights.azure.com//v2/track
    MicrosoftEdgeCP.exe
    Remote address:
    20.9.155.148:443
    Request
    OPTIONS //v2/track HTTP/2.0
    host: westus2-0.in.applicationinsights.azure.com
    accept: */*
    origin: https://dotnet.microsoft.com
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    access-control-request-headers: Content-type
    access-control-request-method: POST
    accept-encoding: gzip, deflate, br
    content-length: 0
    cache-control: no-cache
    Response
    HTTP/2.0 200
    content-length: 0
    server: Microsoft-HTTPAPI/2.0
    x-content-type-options: nosniff
    strict-transport-security: max-age=31536000
    access-control-allow-origin: *
    access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
    access-control-allow-methods: POST
    access-control-max-age: 3600
    x-request-id: 6548138a-e3e7-4399-a737-63d3daa28f99
    date: Wed, 08 Mar 2023 02:36:28 GMT
  • flag-us
    POST
    https://westus2-0.in.applicationinsights.azure.com//v2/track
    MicrosoftEdgeCP.exe
    Remote address:
    20.9.155.148:443
    Request
    POST //v2/track HTTP/2.0
    host: westus2-0.in.applicationinsights.azure.com
    accept: */*
    origin: https://dotnet.microsoft.com
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    content-type: application/json
    accept-encoding: gzip, deflate, br
    content-length: 4674
    cache-control: no-cache
    Response
    HTTP/2.0 200
    content-type: application/json; charset=utf-8
    server: Microsoft-HTTPAPI/2.0
    x-content-type-options: nosniff
    strict-transport-security: max-age=31536000
    access-control-allow-origin: *
    x-request-id: ed4ae9c0-7ed7-4aa4-bcf6-b1109c93a849
    date: Wed, 08 Mar 2023 02:36:28 GMT
  • flag-us
    POST
    https://westus2-0.in.applicationinsights.azure.com//v2/track
    MicrosoftEdgeCP.exe
    Remote address:
    20.9.155.148:443
    Request
    POST //v2/track HTTP/2.0
    host: westus2-0.in.applicationinsights.azure.com
    accept: */*
    origin: https://dotnet.microsoft.com
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    content-type: application/json
    accept-encoding: gzip, deflate, br
    content-length: 878
    cache-control: no-cache
    Response
    HTTP/2.0 200
    content-type: application/json; charset=utf-8
    server: Microsoft-HTTPAPI/2.0
    x-content-type-options: nosniff
    strict-transport-security: max-age=31536000
    access-control-allow-origin: *
    x-request-id: fbd4df05-71d6-4403-b261-c3bca21d95d7
    date: Wed, 08 Mar 2023 02:36:46 GMT
  • flag-us
    DNS
    www.clarity.ms
    MicrosoftEdgeCP.exe
    Remote address:
    8.8.8.8:53
    Request
    www.clarity.ms
    IN A
    Response
    www.clarity.ms
    IN CNAME
    clarity.azurefd.net
    clarity.azurefd.net
    IN CNAME
    star-azurefd-prod.trafficmanager.net
    star-azurefd-prod.trafficmanager.net
    IN CNAME
    shed.dual-low.part-0020.t-0009.fdv2-t-msedge.net
    shed.dual-low.part-0020.t-0009.fdv2-t-msedge.net
    IN CNAME
    part-0020.t-0009.fdv2-t-msedge.net
    part-0020.t-0009.fdv2-t-msedge.net
    IN A
    13.107.237.48
    part-0020.t-0009.fdv2-t-msedge.net
    IN A
    13.107.238.48
  • flag-us
    GET
    https://www.clarity.ms/tag/51xi6lo2qb
    MicrosoftEdgeCP.exe
    Remote address:
    13.107.237.48:443
    Request
    GET /tag/51xi6lo2qb HTTP/2.0
    host: www.clarity.ms
    accept: application/javascript, */*;q=0.8
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    accept-encoding: gzip, deflate, br
    Response
    HTTP/2.0 200
    cache-control: no-cache, no-store
    content-type: application/x-javascript
    expires: -1
    set-cookie: CLID=f629f2ab0d9c44a58546d07e24b40ca2.20230308.20240307; expires=Thu, 07 Mar 2024 02:36:29 GMT; path=/; secure; samesite=none; httponly
    request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
    x-cache: CONFIG_NOCACHE
    x-azure-ref: 0rfQHZAAAAABUJVVVXXWxSLtMxuQzb7+/QU1TMDRFREdFMTkyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
    date: Wed, 08 Mar 2023 02:36:29 GMT
  • flag-us
    GET
    https://www.clarity.ms/eus-e-sc/s/0.7.2/clarity.js
    MicrosoftEdgeCP.exe
    Remote address:
    13.107.237.48:443
    Request
    GET /eus-e-sc/s/0.7.2/clarity.js HTTP/2.0
    host: www.clarity.ms
    accept: application/javascript, */*;q=0.8
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    accept-encoding: gzip, deflate, br
    cookie: CLID=f629f2ab0d9c44a58546d07e24b40ca2.20230308.20240307
    Response
    HTTP/2.0 200
    cache-control: public,max-age=86400
    content-type: application/javascript;charset=utf-8
    content-encoding: br
    last-modified: Wed, 01 Jun 2022 12:22:22 GMT
    accept-ranges: bytes
    etag: "1d94d032bd8761c"
    x-cache: TCP_HIT
    request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
    x-azure-ref: 0rfQHZAAAAAAfAO/cHLnRTK+xlIdj8CUQQU1TMDRFREdFMTkyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
    date: Wed, 08 Mar 2023 02:36:29 GMT
  • flag-us
    DNS
    c.clarity.ms
    MicrosoftEdgeCP.exe
    Remote address:
    8.8.8.8:53
    Request
    c.clarity.ms
    IN A
    Response
    c.clarity.ms
    IN CNAME
    c.msn.com
    c.msn.com
    IN CNAME
    c-msn-com-nsatc.trafficmanager.net
    c-msn-com-nsatc.trafficmanager.net
    IN A
    20.205.115.81
  • flag-hk
    GET
    https://c.clarity.ms/c.gif
    MicrosoftEdgeCP.exe
    Remote address:
    20.205.115.81:443
    Request
    GET /c.gif HTTP/2.0
    host: c.clarity.ms
    accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    accept-encoding: gzip, deflate, br
    Response
    HTTP/2.0 302
    cache-control: private, no-cache, proxy-revalidate, no-store
    pragma: no-cache
    location: https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F971EC052A4F48C1B382AEC2D6C8AF84&RedC=c.clarity.ms&MXFR=37BDD836ED616D341CCFCAF8E96163B4
    server: Microsoft-IIS/10.0
    x-powered-by: ASP.NET
    p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
    set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
    set-cookie: MUID=37BDD836ED616D341CCFCAF8E96163B4; domain=.clarity.ms; expires=Mon, 01-Apr-2024 02:36:30 GMT; path=/; SameSite=None; Secure; Priority=High;
    date: Wed, 08 Mar 2023 02:36:29 GMT
    content-length: 0
  • flag-hk
    GET
    https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F971EC052A4F48C1B382AEC2D6C8AF84&MUID=37BDD836ED616D341CCFCAF8E96163B4
    MicrosoftEdgeCP.exe
    Remote address:
    20.205.115.81:443
    Request
    GET /c.gif?ctsa=mr&CtsSyncId=F971EC052A4F48C1B382AEC2D6C8AF84&MUID=37BDD836ED616D341CCFCAF8E96163B4 HTTP/2.0
    host: c.clarity.ms
    accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    accept-encoding: gzip, deflate, br
    cookie: SM=T; MUID=37BDD836ED616D341CCFCAF8E96163B4
    Response
    HTTP/2.0 200
    cache-control: private, no-cache, proxy-revalidate, no-store
    pragma: no-cache
    content-type: image/gif
    last-modified: Fri, 17 Feb 2023 00:56:25 GMT
    accept-ranges: bytes
    etag: "625d0a86a42d91:0"
    server: Microsoft-IIS/10.0
    x-powered-by: ASP.NET
    p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
    set-cookie: SM=C; domain=c.clarity.ms; path=/; SameSite=None; Secure;
    set-cookie: MUID=37BDD836ED616D341CCFCAF8E96163B4; domain=.clarity.ms; expires=Mon, 01-Apr-2024 02:36:30 GMT; path=/; SameSite=None; Secure; Priority=High;
    set-cookie: MR=0; domain=c.clarity.ms; expires=Wed, 15-Mar-2023 02:36:30 GMT; path=/; SameSite=None; Secure;
    set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Wed, 08-Mar-2023 02:46:30 GMT; path=/; SameSite=None; Secure;
    date: Wed, 08 Mar 2023 02:36:29 GMT
    content-length: 42
  • flag-us
    DNS
    w.clarity.ms
    MicrosoftEdgeCP.exe
    Remote address:
    8.8.8.8:53
    Request
    w.clarity.ms
    IN A
    Response
    w.clarity.ms
    IN CNAME
    clarity-ingest-eus-e-sc.eastus.cloudapp.azure.com
    clarity-ingest-eus-e-sc.eastus.cloudapp.azure.com
    IN A
    23.96.124.156
  • flag-us
    POST
    https://w.clarity.ms/collect
    MicrosoftEdgeCP.exe
    Remote address:
    23.96.124.156:443
    Request
    POST /collect HTTP/2.0
    host: w.clarity.ms
    accept: */*
    origin: https://dotnet.microsoft.com
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    content-type: text/plain;charset=UTF-8
    accept-encoding: gzip, deflate, br
    content-length: 732
    cache-control: no-cache
    Response
    HTTP/2.0 204
    vary: Origin
    server: Microsoft-IIS/10.0
    request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
    access-control-allow-origin: https://dotnet.microsoft.com
    access-control-allow-credentials: true
    date: Wed, 08 Mar 2023 02:36:29 GMT
  • flag-us
    POST
    https://w.clarity.ms/collect
    MicrosoftEdgeCP.exe
    Remote address:
    23.96.124.156:443
    Request
    POST /collect HTTP/2.0
    host: w.clarity.ms
    accept: */*
    origin: https://dotnet.microsoft.com
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    content-type: text/plain;charset=UTF-8
    accept-encoding: gzip, deflate, br
    content-length: 211861
    cache-control: no-cache
    cookie: MUID=37BDD836ED616D341CCFCAF8E96163B4
    Response
    HTTP/2.0 204
    vary: Origin
    server: Microsoft-IIS/10.0
    request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
    access-control-allow-origin: https://dotnet.microsoft.com
    access-control-allow-credentials: true
    date: Wed, 08 Mar 2023 02:36:30 GMT
  • flag-us
    DNS
    www.clarity.ms
    MicrosoftEdgeCP.exe
    Remote address:
    8.8.8.8:53
    Request
    www.clarity.ms
    IN A
    Response
    www.clarity.ms
    IN CNAME
    clarity.azurefd.net
    clarity.azurefd.net
    IN CNAME
    star-azurefd-prod.trafficmanager.net
    star-azurefd-prod.trafficmanager.net
    IN CNAME
    shed.dual-low.part-0040.t-0009.fdv2-t-msedge.net
    shed.dual-low.part-0040.t-0009.fdv2-t-msedge.net
    IN CNAME
    part-0040.t-0009.fdv2-t-msedge.net
    part-0040.t-0009.fdv2-t-msedge.net
    IN A
    13.107.237.68
    part-0040.t-0009.fdv2-t-msedge.net
    IN A
    13.107.238.68
  • flag-us
    GET
    https://www.clarity.ms/tag/51xi6lo2qb
    MicrosoftEdgeCP.exe
    Remote address:
    13.107.237.68:443
    Request
    GET /tag/51xi6lo2qb HTTP/2.0
    host: www.clarity.ms
    accept: application/javascript, */*;q=0.8
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    accept-encoding: gzip, deflate, br
    cookie: CLID=f629f2ab0d9c44a58546d07e24b40ca2.20230308.20240307
    Response
    HTTP/2.0 200
    date: Wed, 08 Mar 2023 02:36:30 GMT
    content-type: application/x-javascript
    cache-control: no-cache, no-store
    expires: -1
    request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
    x-azure-ref: 20230308T023630Z-2cc23mza956vt6hfn4cvezmz10000000077g000000003chu
    x-cache: CONFIG_NOCACHE
  • flag-us
    DNS
    c.bing.com
    MicrosoftEdgeCP.exe
    Remote address:
    8.8.8.8:53
    Request
    c.bing.com
    IN A
    Response
    c.bing.com
    IN CNAME
    c-bing-com.a-0001.a-msedge.net
    c-bing-com.a-0001.a-msedge.net
    IN CNAME
    dual-a-0001.a-msedge.net
    dual-a-0001.a-msedge.net
    IN A
    204.79.197.200
    dual-a-0001.a-msedge.net
    IN A
    13.107.21.200
  • flag-us
    GET
    https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F971EC052A4F48C1B382AEC2D6C8AF84&RedC=c.clarity.ms&MXFR=37BDD836ED616D341CCFCAF8E96163B4
    MicrosoftEdgeCP.exe
    Remote address:
    204.79.197.200:443
    Request
    GET /c.gif?ctsa=mr&CtsSyncId=F971EC052A4F48C1B382AEC2D6C8AF84&RedC=c.clarity.ms&MXFR=37BDD836ED616D341CCFCAF8E96163B4 HTTP/2.0
    host: c.bing.com
    accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    accept-encoding: gzip, deflate, br
    Response
    HTTP/2.0 302
    cache-control: private, no-cache, proxy-revalidate, no-store
    pragma: no-cache
    location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F971EC052A4F48C1B382AEC2D6C8AF84&MUID=37BDD836ED616D341CCFCAF8E96163B4
    p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
    set-cookie: MUID=37BDD836ED616D341CCFCAF8E96163B4; domain=.bing.com; expires=Mon, 01-Apr-2024 02:36:30 GMT; path=/; SameSite=None; Secure; Priority=High;
    set-cookie: MR=0; domain=c.bing.com; expires=Wed, 15-Mar-2023 02:36:30 GMT; path=/; SameSite=None; Secure;
    set-cookie: SRM_B=37BDD836ED616D341CCFCAF8E96163B4; domain=c.bing.com; expires=Mon, 01-Apr-2024 02:36:30 GMT; path=/; SameSite=None; Secure;
    x-powered-by: ASP.NET
    x-cache: CONFIG_NOCACHE
    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
    x-msedge-ref: Ref A: 6676333B187541339DA6344B4FA52A72 Ref B: AMS04EDGE3512 Ref C: 2023-03-08T02:36:30Z
    date: Wed, 08 Mar 2023 02:36:30 GMT
    content-length: 0
  • flag-hk
    GET
    https://c.clarity.ms/c.gif
    MicrosoftEdgeCP.exe
    Remote address:
    20.205.115.81:443
    Request
    GET /c.gif HTTP/2.0
    host: c.clarity.ms
    accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    accept-encoding: gzip, deflate, br
    cookie: MUID=37BDD836ED616D341CCFCAF8E96163B4; SM=T
    Response
    HTTP/2.0 302
    cache-control: private, no-cache, proxy-revalidate, no-store
    pragma: no-cache
    location: https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F26CD1CCFE624319911B60B1AFC24946&RedC=c.clarity.ms&MXFR=37BDD836ED616D341CCFCAF8E96163B4
    server: Microsoft-IIS/10.0
    x-powered-by: ASP.NET
    p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
    set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
    set-cookie: MUID=37BDD836ED616D341CCFCAF8E96163B4; domain=.clarity.ms; expires=Mon, 01-Apr-2024 02:36:30 GMT; path=/; SameSite=None; Secure; Priority=High;
    date: Wed, 08 Mar 2023 02:36:30 GMT
    content-length: 0
  • flag-hk
    GET
    https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F26CD1CCFE624319911B60B1AFC24946&MUID=37BDD836ED616D341CCFCAF8E96163B4
    MicrosoftEdgeCP.exe
    Remote address:
    20.205.115.81:443
    Request
    GET /c.gif?ctsa=mr&CtsSyncId=F26CD1CCFE624319911B60B1AFC24946&MUID=37BDD836ED616D341CCFCAF8E96163B4 HTTP/2.0
    host: c.clarity.ms
    accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    accept-encoding: gzip, deflate, br
    cookie: MUID=37BDD836ED616D341CCFCAF8E96163B4; SM=T; MR=0
    Response
    HTTP/2.0 200
    cache-control: private, no-cache, proxy-revalidate, no-store
    pragma: no-cache
    content-type: image/gif
    last-modified: Fri, 17 Feb 2023 00:56:25 GMT
    accept-ranges: bytes
    etag: "625d0a86a42d91:0"
    server: Microsoft-IIS/10.0
    x-powered-by: ASP.NET
    p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
    set-cookie: SM=C; domain=c.clarity.ms; path=/; SameSite=None; Secure;
    set-cookie: MUID=37BDD836ED616D341CCFCAF8E96163B4; domain=.clarity.ms; expires=Mon, 01-Apr-2024 02:36:31 GMT; path=/; SameSite=None; Secure; Priority=High;
    set-cookie: MR=0; domain=c.clarity.ms; expires=Wed, 15-Mar-2023 02:36:31 GMT; path=/; SameSite=None; Secure;
    set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Wed, 08-Mar-2023 02:46:31 GMT; path=/; SameSite=None; Secure;
    date: Wed, 08 Mar 2023 02:36:30 GMT
    content-length: 42
  • flag-us
    DNS
    200.232.18.117.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    200.232.18.117.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    81.115.205.20.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    81.115.205.20.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    156.124.96.23.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    156.124.96.23.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    200.197.79.204.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    200.197.79.204.in-addr.arpa
    IN PTR
    Response
    200.197.79.204.in-addr.arpa
    IN PTR
    a-0001a-msedgenet
  • flag-us
    GET
    https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F26CD1CCFE624319911B60B1AFC24946&RedC=c.clarity.ms&MXFR=37BDD836ED616D341CCFCAF8E96163B4
    MicrosoftEdgeCP.exe
    Remote address:
    204.79.197.200:443
    Request
    GET /c.gif?ctsa=mr&CtsSyncId=F26CD1CCFE624319911B60B1AFC24946&RedC=c.clarity.ms&MXFR=37BDD836ED616D341CCFCAF8E96163B4 HTTP/2.0
    host: c.bing.com
    accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    accept-encoding: gzip, deflate, br
    cookie: MUID=37BDD836ED616D341CCFCAF8E96163B4; MR=0; SRM_B=37BDD836ED616D341CCFCAF8E96163B4
    Response
    HTTP/2.0 302
    cache-control: private, no-cache, proxy-revalidate, no-store
    pragma: no-cache
    location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F26CD1CCFE624319911B60B1AFC24946&MUID=37BDD836ED616D341CCFCAF8E96163B4
    p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
    set-cookie: SRM_B=37BDD836ED616D341CCFCAF8E96163B4; domain=c.bing.com; expires=Mon, 01-Apr-2024 02:36:31 GMT; path=/; SameSite=None; Secure;
    x-powered-by: ASP.NET
    x-cache: CONFIG_NOCACHE
    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
    x-msedge-ref: Ref A: CBCF073F03C74C4CA5BF6B9F3A20BA12 Ref B: AMS04EDGE3515 Ref C: 2023-03-08T02:36:31Z
    date: Wed, 08 Mar 2023 02:36:30 GMT
    content-length: 0
  • flag-us
    POST
    https://w.clarity.ms/collect
    MicrosoftEdgeCP.exe
    Remote address:
    23.96.124.156:443
    Request
    POST /collect HTTP/2.0
    host: w.clarity.ms
    accept: */*
    origin: https://dotnet.microsoft.com
    referer: https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
    content-type: text/plain;charset=UTF-8
    accept-encoding: gzip, deflate, br
    content-length: 732
    cache-control: no-cache
    cookie: MUID=37BDD836ED616D341CCFCAF8E96163B4
    Response
    HTTP/2.0 204
    vary: Origin
    server: Microsoft-IIS/10.0
    request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
    access-control-allow-origin: https://dotnet.microsoft.com
    access-control-allow-credentials: true
    date: Wed, 08 Mar 2023 02:36:31 GMT
  • flag-us
    DNS
    233.141.123.20.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    233.141.123.20.in-addr.arpa
    IN PTR
    Response
  • 13.107.237.48:443
    dotnet.microsoft.com
    tls, http2
    MicrosoftEdgeCP.exe
    1.2kB
    7.5kB
    16
    13
  • 13.107.237.48:443
    https://dotnet.microsoft.com/static/fonts/space-grotesk-v12-latin-700.woff2
    tls, http2
    MicrosoftEdgeCP.exe
    32.6kB
    625.5kB
    650
    647

    HTTP Request

    GET https://dotnet.microsoft.com/get-dotnet/dotnet-framework?tfm=.NETFramework%2cVersion%3dv4.8&processName=VenomRAT_HVNC.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0

    HTTP Response

    302

    HTTP Request

    GET https://dotnet.microsoft.com/download/dotnet-framework/net481?cid=getdotnetframework

    HTTP Response

    302

    HTTP Request

    GET https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework

    HTTP Response

    200

    HTTP Request

    GET https://dotnet.microsoft.com/static/css/bootstrap-custom.min.css?v=EDbDNv-EoxbdChr2Men0D63u9rPl50WPGUpFVl91y38

    HTTP Request

    GET https://dotnet.microsoft.com/static/js/analytics.min.js?v=xSbiFzzqKtDBY8B6pFWaKQv0zuU3H9AGBJ89llM7e3Y

    HTTP Request

    GET https://dotnet.microsoft.com/static/js/at.js?v=zZduwa0OZAVggPdb1buBzGG1RMj1NcospjCn9Kpf2ls

    HTTP Request

    GET https://dotnet.microsoft.com/static/js/at-config.1.4.1.js?v=2DEw102Cox6KZTN48AUdV-9WC9hUBshUBMD3vZgBsL8

    HTTP Response

    200

    HTTP Request

    GET https://dotnet.microsoft.com/static/images/redesign/download/dotnet-framework-runtime.svg?v=22xvQuHVYJL7LD0xeWgHfLKUNROSdPrvv0q3aBlVvsY

    HTTP Request

    GET https://dotnet.microsoft.com/static/js/general.min.js?v=OXxiOWtD8Q4pCCNVxAm8CwxFRrrNXeVI1n1YXtI2q4Q

    HTTP Request

    GET https://dotnet.microsoft.com/static/js/culture-selector.min.js?v=4_W8YedFnTAVF-SRhGplUFsiivF2-s2hR-NZWrivGYc

    HTTP Request

    GET https://dotnet.microsoft.com/static/js/cookie-consent.min.js?v=-J8AjwBwYHg1BddIlpmpIaFDRX5pG32NU8JyPd4Jz6U

    HTTP Request

    GET https://dotnet.microsoft.com/static/js/main.min.js?v=RjBoR-VD59FaR3nCuB8GNeWCTE0Q8Ccb_w5d8FnnaM4

    HTTP Request

    GET https://dotnet.microsoft.com/static/js/cda-tracker.min.js?v=woD9KkUt44X4IMMUdvOqBCkwNhVjAy-k1Yx3NOxd5SQ

    HTTP Response

    200

    HTTP Response

    200

    HTTP Response

    200

    HTTP Response

    200

    HTTP Response

    200

    HTTP Response

    200

    HTTP Response

    200

    HTTP Response

    200

    HTTP Response

    200

    HTTP Request

    GET https://dotnet.microsoft.com/static/fonts/open-sans-v34-latin-regular.woff2

    HTTP Request

    GET https://dotnet.microsoft.com/static/fonts/open-sans-v34-latin-600.woff2

    HTTP Request

    GET https://dotnet.microsoft.com/static/fonts/open-sans-v34-latin-700.woff2

    HTTP Response

    200

    HTTP Response

    200

    HTTP Response

    200

    HTTP Request

    GET https://dotnet.microsoft.com/static/fonts/space-grotesk-v12-latin-700.woff2

    HTTP Response

    200
  • 13.107.237.48:443
    https://dotnet.microsoft.com/static/images/redesign/alert-info.svg
    tls, http2
    MicrosoftEdgeCP.exe
    24.0kB
    455.7kB
    472
    471

    HTTP Request

    GET https://dotnet.microsoft.com/get-dotnet/dotnet-framework?tfm=.NETFramework%2cVersion%3dv4.8&processName=VenomRAT_HVNC.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0

    HTTP Response

    302

    HTTP Request

    GET https://dotnet.microsoft.com/download/dotnet-framework/net481?cid=getdotnetframework

    HTTP Response

    302

    HTTP Request

    GET https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481?cid=getdotnetframework

    HTTP Response

    200

    HTTP Request

    GET https://dotnet.microsoft.com/static/js/analytics.min.js?v=xSbiFzzqKtDBY8B6pFWaKQv0zuU3H9AGBJ89llM7e3Y

    HTTP Request

    GET https://dotnet.microsoft.com/static/js/at-config.1.4.1.js?v=2DEw102Cox6KZTN48AUdV-9WC9hUBshUBMD3vZgBsL8

    HTTP Request

    GET https://dotnet.microsoft.com/static/js/at.js?v=zZduwa0OZAVggPdb1buBzGG1RMj1NcospjCn9Kpf2ls

    HTTP Request

    GET https://dotnet.microsoft.com/static/js/general.min.js?v=OXxiOWtD8Q4pCCNVxAm8CwxFRrrNXeVI1n1YXtI2q4Q

    HTTP Request

    GET https://dotnet.microsoft.com/static/js/cookie-consent.min.js?v=-J8AjwBwYHg1BddIlpmpIaFDRX5pG32NU8JyPd4Jz6U

    HTTP Request

    GET https://dotnet.microsoft.com/static/js/main.min.js?v=RjBoR-VD59FaR3nCuB8GNeWCTE0Q8Ccb_w5d8FnnaM4

    HTTP Request

    GET https://dotnet.microsoft.com/static/js/cda-tracker.min.js?v=woD9KkUt44X4IMMUdvOqBCkwNhVjAy-k1Yx3NOxd5SQ

    HTTP Response

    200

    HTTP Response

    200

    HTTP Response

    200

    HTTP Response

    200

    HTTP Response

    200

    HTTP Response

    200

    HTTP Response

    200

    HTTP Request

    GET https://dotnet.microsoft.com/static/images/redesign/alert-promo.svg

    HTTP Request

    GET https://dotnet.microsoft.com/static/images/redesign/alert-info.svg

    HTTP Response

    200

    HTTP Response

    200
  • 173.223.113.131:443
    https://www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff
    tls, http2
    MicrosoftEdgeCP.exe
    5.5kB
    97.8kB
    89
    86

    HTTP Request

    GET https://www.microsoft.com/onerfstatics/marketingsites-wcus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/32-1b8b7c/74-888e54?ver=2.0&_cf=02242021_3231

    HTTP Response

    200

    HTTP Request

    GET https://www.microsoft.com/onerfstatics/marketingsites-wcus-prod/shell/_scrf/js/themes=default/8e-e88b64/82-2a4f02/49-a00ab0/92-02e55d/7c-dcea75/75-fca72d/ed-e77ee7/d5-bf34c0/a9-078595/7a-7ea8cc/2d-40bdad/23-e8cd2b/96-eb5423/e6-6b0cce/d1-98d78a/c6-082272/a7-f7a340/1e-addbef/2e-ca165a/fc-169dd8/8e-60935c/87-fecbed/96-6ed6eb/c3-eb62e0/ad-ffd6bf/35-621acc/3b-84517a/b0-07f293/1e-9d9d16/52-f0367f/1f-b57352/bf-517249/e1-ed258e/20-0b10e2/6b-0f1117/fb-5e9831/a2-598841?ver=2.0&_cf=02242021_3231&iife=1

    HTTP Response

    200

    HTTP Request

    GET https://www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff

    HTTP Response

    200
  • 173.223.113.131:443
    www.microsoft.com
    tls, http2
    MicrosoftEdgeCP.exe
    1.3kB
    7.1kB
    18
    17
  • 23.32.238.226:443
    statics-marketingsites-wcus-ms-com.akamaized.net
    tls
    MicrosoftEdgeCP.exe
    821 B
    4.3kB
    10
    9
  • 23.32.238.226:443
    https://statics-marketingsites-wcus-ms-com.akamaized.net/statics/override.css
    tls, http
    MicrosoftEdgeCP.exe
    1.3kB
    5.2kB
    10
    9

    HTTP Request

    GET https://statics-marketingsites-wcus-ms-com.akamaized.net/statics/override.css

    HTTP Response

    200
  • 13.107.237.48:443
    https://js.monitor.azure.com/scripts/b/ai.2.min.js
    tls, http2
    MicrosoftEdgeCP.exe
    3.5kB
    60.4kB
    56
    54

    HTTP Request

    GET https://js.monitor.azure.com/scripts/c/ms.analytics-web-3.min.js

    HTTP Response

    200

    HTTP Request

    GET https://js.monitor.azure.com/scripts/b/ai.2.min.js

    HTTP Response

    304
  • 13.107.237.48:443
    js.monitor.azure.com
    tls, http2
    MicrosoftEdgeCP.exe
    1.3kB
    6.9kB
    14
    13
  • 13.107.237.68:443
    https://wcpstatic.microsoft.com/mscc/lib/v2/wcp-consent.js
    tls, http2
    MicrosoftEdgeCP.exe
    1.9kB
    20.1kB
    25
    24

    HTTP Request

    GET https://wcpstatic.microsoft.com/mscc/lib/v2/wcp-consent.js

    HTTP Response

    200
  • 13.107.237.68:443
    wcpstatic.microsoft.com
    tls, http2
    MicrosoftEdgeCP.exe
    1.1kB
    6.0kB
    13
    12
  • 23.32.238.226:443
    statics-marketingsites-wcus-ms-com.akamaized.net
    tls
    MicrosoftEdgeCP.exe
    789 B
    4.2kB
    9
    8
  • 23.32.238.226:443
    https://statics-marketingsites-wcus-ms-com.akamaized.net/statics/override.css
    tls, http
    MicrosoftEdgeCP.exe
    1.3kB
    5.2kB
    9
    8

    HTTP Request

    GET https://statics-marketingsites-wcus-ms-com.akamaized.net/statics/override.css

    HTTP Response

    200
  • 13.107.237.48:443
    https://js.monitor.azure.com/scripts/b/ai.2.min.js
    tls, http2
    MicrosoftEdgeCP.exe
    3.4kB
    55.1kB
    51
    50

    HTTP Request

    GET https://js.monitor.azure.com/scripts/c/ms.analytics-web-3.min.js

    HTTP Response

    304

    HTTP Request

    GET https://js.monitor.azure.com/scripts/b/ai.2.min.js

    HTTP Response

    200
  • 13.107.237.48:443
    js.monitor.azure.com
    tls, http2
    MicrosoftEdgeCP.exe
    1.4kB
    7.4kB
    15
    12
  • 13.107.237.68:443
    wcpstatic.microsoft.com
    tls, http2
    MicrosoftEdgeCP.exe
    1.3kB
    5.5kB
    13
    11
  • 13.107.237.68:443
    https://wcpstatic.microsoft.com/mscc/lib/v2/wcp-consent.js
    tls, http2
    MicrosoftEdgeCP.exe
    2.1kB
    19.5kB
    25
    22

    HTTP Request

    GET https://wcpstatic.microsoft.com/mscc/lib/v2/wcp-consent.js

    HTTP Response

    200
  • 15.206.251.85:443
    target.microsoft.com
    tls, http2
    MicrosoftEdgeCP.exe
    1.1kB
    5.2kB
    15
    13
  • 15.206.251.85:443
    https://target.microsoft.com/rest/v1/delivery?client=microsoftmscompoc&sessionId=238eb867aeee44dc98ede3c44363af51&version=2.8.2
    tls, http2
    MicrosoftEdgeCP.exe
    2.7kB
    6.1kB
    21
    17

    HTTP Request

    POST https://target.microsoft.com/rest/v1/delivery?client=microsoftmscompoc&sessionId=238eb867aeee44dc98ede3c44363af51&version=2.8.2

    HTTP Response

    200
  • 13.107.237.48:443
    https://dotnet.microsoft.com/favicon.ico
    tls, http2
    MicrosoftEdge.exe
    2.0kB
    25.8kB
    30
    27

    HTTP Request

    GET https://dotnet.microsoft.com/favicon.ico

    HTTP Response

    200
  • 13.107.237.48:443
    dotnet.microsoft.com
    tls, http2
    MicrosoftEdge.exe
    1.1kB
    6.9kB
    14
    13
  • 15.206.251.85:443
    https://target.microsoft.com/rest/v1/delivery?client=microsoftmscompoc&sessionId=238eb867aeee44dc98ede3c44363af51&version=2.8.2
    tls, http2
    MicrosoftEdgeCP.exe
    2.7kB
    6.2kB
    22
    18

    HTTP Request

    POST https://target.microsoft.com/rest/v1/delivery?client=microsoftmscompoc&sessionId=238eb867aeee44dc98ede3c44363af51&version=2.8.2

    HTTP Response

    200
  • 15.206.251.85:443
    target.microsoft.com
    tls, http2
    MicrosoftEdgeCP.exe
    1.1kB
    5.1kB
    14
    12
  • 52.168.112.66:443
    browser.events.data.microsoft.com
    tls
    MicrosoftEdgeCP.exe
    838 B
    6.6kB
    10
    7
  • 52.168.112.66:443
    https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3Dbb57d6840a9041d8a221f5d7f39f21e2%26HASH%3Dbb57%26LV%3D202303%26V%3D4%26LU%3D1678242986011&w=0
    tls, http
    MicrosoftEdgeCP.exe
    13.8kB
    10.1kB
    25
    16

    HTTP Request

    OPTIONS https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

    HTTP Response

    200

    HTTP Request

    POST https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

    HTTP Response

    200

    HTTP Request

    OPTIONS https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3Dbb57d6840a9041d8a221f5d7f39f21e2%26HASH%3Dbb57%26LV%3D202303%26V%3D4%26LU%3D1678242986011&w=0

    HTTP Response

    200

    HTTP Request

    POST https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3Dbb57d6840a9041d8a221f5d7f39f21e2%26HASH%3Dbb57%26LV%3D202303%26V%3D4%26LU%3D1678242986011&w=0

    HTTP Response

    200
  • 52.168.112.66:443
    browser.events.data.microsoft.com
    tls
    MicrosoftEdgeCP.exe
    838 B
    6.6kB
    10
    7
  • 52.168.112.66:443
    https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
    tls, http
    MicrosoftEdgeCP.exe
    16.5kB
    10.2kB
    29
    19

    HTTP Request

    OPTIONS https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

    HTTP Response

    200

    HTTP Request

    POST https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

    HTTP Response

    200

    HTTP Request

    OPTIONS https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

    HTTP Response

    200

    HTTP Request

    POST https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

    HTTP Response

    200
  • 20.9.155.148:443
    westus2-0.in.applicationinsights.azure.com
    tls, http2
    MicrosoftEdgeCP.exe
    1.1kB
    6.8kB
    14
    11
  • 20.9.155.148:443
    https://westus2-0.in.applicationinsights.azure.com//v2/track
    tls, http2
    MicrosoftEdgeCP.exe
    14.7kB
    8.5kB
    37
    27

    HTTP Request

    OPTIONS https://westus2-0.in.applicationinsights.azure.com//v2/track

    HTTP Response

    200

    HTTP Request

    POST https://westus2-0.in.applicationinsights.azure.com//v2/track

    HTTP Response

    200

    HTTP Request

    POST https://westus2-0.in.applicationinsights.azure.com//v2/track

    HTTP Response

    200
  • 20.189.173.6:443
    322 B
    7
  • 20.9.155.148:443
    westus2-0.in.applicationinsights.azure.com
    tls, http2
    MicrosoftEdgeCP.exe
    1.1kB
    6.8kB
    14
    11
  • 20.9.155.148:443
    https://westus2-0.in.applicationinsights.azure.com//v2/track
    tls, http2
    MicrosoftEdgeCP.exe
    8.1kB
    8.1kB
    32
    22

    HTTP Request

    OPTIONS https://westus2-0.in.applicationinsights.azure.com//v2/track

    HTTP Response

    200

    HTTP Request

    POST https://westus2-0.in.applicationinsights.azure.com//v2/track

    HTTP Response

    200

    HTTP Request

    POST https://westus2-0.in.applicationinsights.azure.com//v2/track

    HTTP Response

    200
  • 13.107.237.48:443
    https://www.clarity.ms/eus-e-sc/s/0.7.2/clarity.js
    tls, http2
    MicrosoftEdgeCP.exe
    2.5kB
    27.5kB
    35
    33

    HTTP Request

    GET https://www.clarity.ms/tag/51xi6lo2qb

    HTTP Response

    200

    HTTP Request

    GET https://www.clarity.ms/eus-e-sc/s/0.7.2/clarity.js

    HTTP Response

    200
  • 13.107.237.48:443
    www.clarity.ms
    tls, http2
    MicrosoftEdgeCP.exe
    1.3kB
    6.0kB
    13
    11
  • 20.205.115.81:443
    https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F971EC052A4F48C1B382AEC2D6C8AF84&MUID=37BDD836ED616D341CCFCAF8E96163B4
    tls, http2
    MicrosoftEdgeCP.exe
    1.6kB
    7.7kB
    17
    12

    HTTP Request

    GET https://c.clarity.ms/c.gif

    HTTP Response

    302

    HTTP Request

    GET https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F971EC052A4F48C1B382AEC2D6C8AF84&MUID=37BDD836ED616D341CCFCAF8E96163B4

    HTTP Response

    200
  • 20.205.115.81:443
    c.clarity.ms
    tls, http2
    MicrosoftEdgeCP.exe
    1.0kB
    6.9kB
    14
    11
  • 23.96.124.156:443
    w.clarity.ms
    tls, http2
    MicrosoftEdgeCP.exe
    1.1kB
    6.8kB
    14
    11
  • 23.96.124.156:443
    https://w.clarity.ms/collect
    tls, http2
    MicrosoftEdgeCP.exe
    239.9kB
    22.9kB
    300
    246

    HTTP Request

    POST https://w.clarity.ms/collect

    HTTP Request

    POST https://w.clarity.ms/collect

    HTTP Response

    204

    HTTP Response

    204
  • 13.107.237.68:443
    www.clarity.ms
    tls, http2
    MicrosoftEdgeCP.exe
    1.0kB
    5.4kB
    13
    10
  • 13.107.237.68:443
    https://www.clarity.ms/tag/51xi6lo2qb
    tls, http2
    MicrosoftEdgeCP.exe
    1.4kB
    6.4kB
    15
    12

    HTTP Request

    GET https://www.clarity.ms/tag/51xi6lo2qb

    HTTP Response

    200
  • 204.79.197.200:443
    https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F971EC052A4F48C1B382AEC2D6C8AF84&RedC=c.clarity.ms&MXFR=37BDD836ED616D341CCFCAF8E96163B4
    tls, http2
    MicrosoftEdgeCP.exe
    1.6kB
    8.9kB
    16
    15

    HTTP Request

    GET https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F971EC052A4F48C1B382AEC2D6C8AF84&RedC=c.clarity.ms&MXFR=37BDD836ED616D341CCFCAF8E96163B4

    HTTP Response

    302
  • 204.79.197.200:443
    c.bing.com
    tls, http2
    MicrosoftEdgeCP.exe
    1.2kB
    8.1kB
    15
    14
  • 20.205.115.81:443
    https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F26CD1CCFE624319911B60B1AFC24946&MUID=37BDD836ED616D341CCFCAF8E96163B4
    tls, http2
    MicrosoftEdgeCP.exe
    1.7kB
    7.8kB
    17
    12

    HTTP Request

    GET https://c.clarity.ms/c.gif

    HTTP Response

    302

    HTTP Request

    GET https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F26CD1CCFE624319911B60B1AFC24946&MUID=37BDD836ED616D341CCFCAF8E96163B4

    HTTP Response

    200
  • 20.205.115.81:443
    c.clarity.ms
    tls, http2
    MicrosoftEdgeCP.exe
    1.0kB
    6.8kB
    14
    11
  • 204.79.197.200:443
    c.bing.com
    tls, http2
    MicrosoftEdgeCP.exe
    1.4kB
    8.1kB
    15
    14
  • 204.79.197.200:443
    https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F26CD1CCFE624319911B60B1AFC24946&RedC=c.clarity.ms&MXFR=37BDD836ED616D341CCFCAF8E96163B4
    tls, http2
    MicrosoftEdgeCP.exe
    1.8kB
    8.7kB
    16
    15

    HTTP Request

    GET https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F26CD1CCFE624319911B60B1AFC24946&RedC=c.clarity.ms&MXFR=37BDD836ED616D341CCFCAF8E96163B4

    HTTP Response

    302
  • 23.96.124.156:443
    https://w.clarity.ms/collect
    tls, http2
    MicrosoftEdgeCP.exe
    2.5kB
    7.2kB
    19
    13

    HTTP Request

    POST https://w.clarity.ms/collect

    HTTP Response

    204
  • 23.96.124.156:443
    w.clarity.ms
    tls, http2
    MicrosoftEdgeCP.exe
    1.1kB
    6.9kB
    14
    11
  • 8.8.8.8:53
    45.147.19.2.in-addr.arpa
    dns
    70 B
    133 B
    1
    1

    DNS Request

    45.147.19.2.in-addr.arpa

  • 8.8.8.8:53
    126.135.241.8.in-addr.arpa
    dns
    72 B
    126 B
    1
    1

    DNS Request

    126.135.241.8.in-addr.arpa

  • 8.8.8.8:53
    76.38.195.152.in-addr.arpa
    dns
    72 B
    143 B
    1
    1

    DNS Request

    76.38.195.152.in-addr.arpa

  • 8.8.8.8:53
    dotnet.microsoft.com
    dns
    MicrosoftEdge.exe
    66 B
    263 B
    1
    1

    DNS Request

    dotnet.microsoft.com

    DNS Response

    13.107.237.48
    13.107.238.48

  • 8.8.8.8:53
    48.237.107.13.in-addr.arpa
    dns
    72 B
    158 B
    1
    1

    DNS Request

    48.237.107.13.in-addr.arpa

  • 8.8.8.8:53
    www.microsoft.com
    dns
    MicrosoftEdgeCP.exe
    63 B
    230 B
    1
    1

    DNS Request

    www.microsoft.com

    DNS Response

    173.223.113.131

  • 8.8.8.8:53
    statics-marketingsites-wcus-ms-com.akamaized.net
    dns
    MicrosoftEdgeCP.exe
    94 B
    156 B
    1
    1

    DNS Request

    statics-marketingsites-wcus-ms-com.akamaized.net

    DNS Response

    23.32.238.226
    23.32.238.218

  • 8.8.8.8:53
    js.monitor.azure.com
    dns
    MicrosoftEdgeCP.exe
    66 B
    287 B
    1
    1

    DNS Request

    js.monitor.azure.com

    DNS Response

    13.107.237.48
    13.107.238.48

  • 8.8.8.8:53
    target.microsoft.com
    dns
    MicrosoftEdgeCP.exe
    66 B
    293 B
    1
    1

    DNS Request

    target.microsoft.com

    DNS Response

    15.206.251.85
    15.207.29.139
    3.109.115.193
    35.154.62.160
    65.2.93.183
    43.205.224.61
    13.234.102.54
    3.108.216.255

  • 8.8.8.8:53
    microsoftmscompoc.tt.omtrdc.net
    dns
    MicrosoftEdge.exe
    77 B
    259 B
    1
    1

    DNS Request

    microsoftmscompoc.tt.omtrdc.net

    DNS Response

    3.6.5.26
    13.234.102.54
    43.205.224.61
    3.108.216.255
    13.234.170.191
    15.206.251.85
    65.2.93.183
    15.206.26.228

  • 8.8.8.8:53
    wcpstatic.microsoft.com
    dns
    MicrosoftEdgeCP.exe
    69 B
    270 B
    1
    1

    DNS Request

    wcpstatic.microsoft.com

    DNS Response

    13.107.237.68
    13.107.238.68

  • 8.8.8.8:53
    226.238.32.23.in-addr.arpa
    dns
    72 B
    137 B
    1
    1

    DNS Request

    226.238.32.23.in-addr.arpa

  • 8.8.8.8:53
    131.113.223.173.in-addr.arpa
    dns
    74 B
    141 B
    1
    1

    DNS Request

    131.113.223.173.in-addr.arpa

  • 8.8.8.8:53
    234.238.32.23.in-addr.arpa
    dns
    72 B
    137 B
    1
    1

    DNS Request

    234.238.32.23.in-addr.arpa

  • 8.8.8.8:53
    68.237.107.13.in-addr.arpa
    dns
    72 B
    158 B
    1
    1

    DNS Request

    68.237.107.13.in-addr.arpa

  • 8.8.8.8:53
    browser.events.data.microsoft.com
    dns
    MicrosoftEdgeCP.exe
    79 B
    200 B
    1
    1

    DNS Request

    browser.events.data.microsoft.com

    DNS Response

    52.168.112.66

  • 8.8.8.8:53
    85.251.206.15.in-addr.arpa
    dns
    72 B
    136 B
    1
    1

    DNS Request

    85.251.206.15.in-addr.arpa

  • 8.8.8.8:53
    66.112.168.52.in-addr.arpa
    dns
    72 B
    146 B
    1
    1

    DNS Request

    66.112.168.52.in-addr.arpa

  • 8.8.8.8:53
    westus2-0.in.applicationinsights.azure.com
    dns
    MicrosoftEdgeCP.exe
    88 B
    296 B
    1
    1

    DNS Request

    westus2-0.in.applicationinsights.azure.com

    DNS Response

    20.9.155.148

  • 8.8.8.8:53
    148.155.9.20.in-addr.arpa
    dns
    71 B
    157 B
    1
    1

    DNS Request

    148.155.9.20.in-addr.arpa

  • 8.8.8.8:53
    www.clarity.ms
    dns
    MicrosoftEdgeCP.exe
    60 B
    245 B
    1
    1

    DNS Request

    www.clarity.ms

    DNS Response

    13.107.237.48
    13.107.238.48

  • 8.8.8.8:53
    c.clarity.ms
    dns
    MicrosoftEdgeCP.exe
    58 B
    145 B
    1
    1

    DNS Request

    c.clarity.ms

    DNS Response

    20.205.115.81

  • 8.8.8.8:53
    w.clarity.ms
    dns
    MicrosoftEdgeCP.exe
    58 B
    137 B
    1
    1

    DNS Request

    w.clarity.ms

    DNS Response

    23.96.124.156

  • 8.8.8.8:53
    www.clarity.ms
    dns
    MicrosoftEdgeCP.exe
    60 B
    245 B
    1
    1

    DNS Request

    www.clarity.ms

    DNS Response

    13.107.237.68
    13.107.238.68

  • 8.8.8.8:53
    c.bing.com
    dns
    MicrosoftEdgeCP.exe
    56 B
    158 B
    1
    1

    DNS Request

    c.bing.com

    DNS Response

    204.79.197.200
    13.107.21.200

  • 8.8.8.8:53
    200.232.18.117.in-addr.arpa
    dns
    73 B
    144 B
    1
    1

    DNS Request

    200.232.18.117.in-addr.arpa

  • 8.8.8.8:53
    81.115.205.20.in-addr.arpa
    dns
    72 B
    158 B
    1
    1

    DNS Request

    81.115.205.20.in-addr.arpa

  • 8.8.8.8:53
    156.124.96.23.in-addr.arpa
    dns
    72 B
    146 B
    1
    1

    DNS Request

    156.124.96.23.in-addr.arpa

  • 8.8.8.8:53
    200.197.79.204.in-addr.arpa
    dns
    73 B
    106 B
    1
    1

    DNS Request

    200.197.79.204.in-addr.arpa

  • 8.8.8.8:53
    233.141.123.20.in-addr.arpa
    dns
    73 B
    159 B
    1
    1

    DNS Request

    233.141.123.20.in-addr.arpa

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\0PBDMEPO\edgecompatviewlist[1].xml

    Filesize

    74KB

    MD5

    d4fc49dc14f63895d997fa4940f24378

    SHA1

    3efb1437a7c5e46034147cbbc8db017c69d02c31

    SHA256

    853d2f4eb81c9fdcea2ee079f6faf98214b111b77cdf68709b38989d123890f1

    SHA512

    cc60d79b4afe5007634ac21dc4bc92081880be4c0d798a1735b63b27e936c02f399964f744dc73711987f01e8a1064b02a4867dd6cac27538e5fbe275cc61e0a

  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\3MDQYR2Z\at-config.1.4.1[1].js

    Filesize

    5KB

    MD5

    72dcd95e1872e4e7dd4debd9363a3f23

    SHA1

    73e8f9c4dd8812ebc9c54abed3e50b68f21ad7e3

    SHA256

    d83130d74d82a31e8a653378f0051d57ef560bd85406c85404c0f7bd9801b0bf

    SHA512

    12c49158f980c09b5cf39becea6506126c9077639991607c6066a9906d5be39eff6d8b4c844ab3dd398d17131f5e00638e52ad7e6a272ca38ea6f2e41efe00a3

  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\3MDQYR2Z\general.min[1].js

    Filesize

    174KB

    MD5

    0a51551c9a5fe36e372fc39eb9bf0b3a

    SHA1

    6c76d69df786828afad990a0144b5d27d56e7863

    SHA256

    124fceae66250916650ffa507fc9c2773714f98580b7110f98d20103cd983794

    SHA512

    7c1e3542d04731f54ccb0888fd3b30c39e97e01e0980508bee856cf4725aad04e987a629ef23d95b8c264216f1b825c1c58920e34b79800bdcc22e761b85e388

  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\3MDQYR2Z\main.min[1].js

    Filesize

    31KB

    MD5

    b9b13a437cdee66d01ab9cb18d85d3e0

    SHA1

    6614ec983dc34b78eda8a8e3ada837a503541a92

    SHA256

    0d56c5660f9a5afc4b544798551201d14c6d222b658bb1bb0e3f40ca04cb7bb9

    SHA512

    987cc6da7ac9e739b70572464917b464c0f90b3ba795133d852d7eddea3de89db8e880a3fc05745f1f964e5770d7ab9736f50d241e3577705c80ecf088fc888d

  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\3MDQYR2Z\wcp-consent[1].js

    Filesize

    51KB

    MD5

    413fcc759cc19821b61b6941808b29b5

    SHA1

    1ad23b8a202043539c20681b1b3e9f3bc5d55133

    SHA256

    daf7759fedd9af6c4d7e374b0d056547ae7cb245ec24a1c4acf02932f30dc536

    SHA512

    e9bf8a74fef494990aafd15a0f21e0398dc28b4939c8f9f8aa1f3ffbd18056c8d1ab282b081f5c56f0928c48e30e768f7e347929304b55547f9ca8c1aabd80b8

  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\K94D8HW1\at[1].js

    Filesize

    102KB

    MD5

    6b56d2bd5139bc5c00f412cd917a3bac

    SHA1

    7ebb960a86d15ba09b075265c6c098b9cdafc624

    SHA256

    cd976ec1ad0e64056080f75bd5bb81cc61b544c8f535ca2ca630a7f4aa5fda5b

    SHA512

    e716effb9d5b6bd49394e972d7307da7068bb03d536b975e03781c3ac9425117cc27e6a24a7aaf71e56f59341dce179184c88c3d4533fae99379a1c1a9e9f222

  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\K94D8HW1\cookie-consent.min[1].js

    Filesize

    986B

    MD5

    276fadd25103db9ea780c1ab25dd42c8

    SHA1

    54483dc13e60306f87a0e4a4b16b47ffac51e097

    SHA256

    c9cb2eed50644985e9f73a6897d05d94b80b8c317ea3bb5524c28a16683a63f5

    SHA512

    174919bc2b37c379531819d3b2fea5097181b600b68b746afb8c52131db2bc05ac6d6c97821fe35f1c4018fb2b2982dcc1d542c568ed3bf0cff71e32b9408eca

  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\K94D8HW1\override[1].css

    Filesize

    1KB

    MD5

    a570448f8e33150f5737b9a57b6d889a

    SHA1

    860949a95b7598b394aa255fe06f530c3da24e4e

    SHA256

    0bd288d5397a69ead391875b422bf2cbdcc4f795d64aa2f780aff45768d78248

    SHA512

    217f971a8012de8fe170b4a20821a52fa198447fa582b82cf221f4d73e902c7e3aa1022cb0b209b6679c2eae0f10469a149f510a6c2132c987f46214b1e2bbbc

  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\NATZ66A8\analytics.min[1].js

    Filesize

    892B

    MD5

    b4a1847f1be996c08716d3b97456d657

    SHA1

    49113ee2989496eb1858a45ffaa319863d8ccd69

    SHA256

    8a80172a7d4c7c65ad596f52ecc105d61c0b2b60368277fb4729767f54fec06a

    SHA512

    b0e4ab27c1db23cbcd13bda3bf488293985d76de6c4f51b2be140c7ca8562a0b8280360b2e628a097f7e5fe94508759aca5bec037a1b3d7a73d2d7d16fb63b93

  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\NATZ66A8\cda-tracker.min[1].js

    Filesize

    798B

    MD5

    a3827d5909344f41d270fc8475f7733c

    SHA1

    bb6cb83e4d2080ee02ea366699f487c7362d4934

    SHA256

    bcb1104af4aea1ba4be65f0e9669e2f5382df316635226ade340f6dc15f2866a

    SHA512

    5cbb021d1f0bf0b13583b966ed5bba971b770d3331f062beb2fd75b0d2d380c10bf62db64167f3e3b94f6f5bc05cb160e7d5dae8a5d85d99ed75181040764d18

  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\AVSG2AFR\dotnet.microsoft[1].xml

    Filesize

    13B

    MD5

    c1ddea3ef6bbef3e7060a1a9ad89e4c5

    SHA1

    35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

    SHA256

    b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

    SHA512

    6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\AVSG2AFR\dotnet.microsoft[1].xml

    Filesize

    694B

    MD5

    a37a2ab483892c76dc9445f03504061f

    SHA1

    a4cafdf9f87ec3713e9fd458477095db3a884858

    SHA256

    4154f4b1c8326873eb15bfb0b9721f0ee2b2c0b9338864dd2c5a0d7cbeea2bbc

    SHA512

    68bffd33f4828bcea510d70f33de7f737d63bf52a844631b4fd3bd25191784396bcd2e98d19fab4d573b43df0846ed1438415b8cc5c4dcdaa502dbdc6a4a3f8e

  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\3XCE208L\favicon[1].ico

    Filesize

    16KB

    MD5

    12e3dac858061d088023b2bd48e2fa96

    SHA1

    e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5

    SHA256

    90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

    SHA512

    c5030c55a855e7a9e20e22f4c70bf1e0f3c558a9b7d501cfab6992ac2656ae5e41b050ccac541efa55f9603e0d349b247eb4912ee169d44044271789c719cd01

  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\User\Default\ImageStore\w1m3e3z\imagestore.dat

    Filesize

    17KB

    MD5

    70a107a100455ce73c8bdf961dcd8c1f

    SHA1

    56f9ff33aec0e5937a7db5d7e62fbdba18bf6bc5

    SHA256

    3bc3896b0b415c1f426449cc73d474026c4c2b3c991ac160ce305e37a5e38358

    SHA512

    19131fd825a8b17197615789a104be7da0a4c5d5b60b1c96dedc07a069ad87155b99283835b574cef7fc5b845bd1bf8b765d639a8b854e133b242c472a64fafc

  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\Microsoft\Windows\3720402701\2219095117.pri

    Filesize

    207KB

    MD5

    e2b88765ee31470114e866d939a8f2c6

    SHA1

    e0a53b8511186ff308a0507b6304fb16cabd4e1f

    SHA256

    523e419d2fa2e780239812d36caa37e92f8c3e6a5cd9f18f0d807c593effa45e

    SHA512

    462e8e6b4e63fc6781b6a9935b332a1dc77bfb88e1de49134f86fd46bd1598d2e842902dd9415a328e325bd7cdee766bd9473f2695acdfa769ffe7ba9ae1953d

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\3MDQYR2Z\clarity[1].js

    Filesize

    55KB

    MD5

    33101fda12196769c5173acf6c98a7f6

    SHA1

    b9a477f778e5856be2b0d692f60266e8249fc6bd

    SHA256

    99b523edd72385876c466fc061393829b08dec3aa544963373b22a08fb97784f

    SHA512

    a3b7a93c579daa179d3e7c0ffbe37ffcd703a7d21a19b797dd94df469b66c411d1b6e9bf995e5c5114980f011ff780c21d40e0374399dfa382c597747b62071e

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\3MDQYR2Z\culture-selector.min[1].js

    Filesize

    308B

    MD5

    4147b3bfb0a145eec758f0cb7292cefb

    SHA1

    8e02467706ce768bc9e68fea2a8d01b49513d631

    SHA256

    8f6f064a7a80641e434afc35b14fd8a01acda68f2ac01097e7dbbf0623edeb20

    SHA512

    49a661a2009c172df348aa83b2342f5cfdeea58026710bf139f847c1d9e6728b20a865bb81a980492186b7dd210ed1202c01a38757edfe77a4efa4945cd82477

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\3MDQYR2Z\dotnet-framework-runtime[1].svg

    Filesize

    42KB

    MD5

    5aaa8c37cd59979b920cd21c4a50a38d

    SHA1

    0ee61e3b2d58513b92cf4c6b5114c1beb55539e7

    SHA256

    db6c6f42e1d56092fb2c3d317968077cb29435139274faefbf4ab7681955bec6

    SHA512

    0fb4c45db9f29963fce195e79b4e9963e57a50ef0fcab74466d6034834e0099f1f344a8569973d4c1ece05d9b70b5938b42ead4fabaa08de7d24c911df28c235

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\8M7JSG0J\ai.2.min[1].js

    Filesize

    118KB

    MD5

    8783a27f51204a804c5bfb96bc481b6b

    SHA1

    c50d7bbbcc3f69798a387a68fec4fc65f80ab763

    SHA256

    04c0e76669750440eedbda5b14314f0c3f3f28fb7f6dc719c95ef606af8f8ca6

    SHA512

    3f0a6976265346eb2734c8763884955befaed66b77264aac9e8656edeb932a12b62d2a6effd65928d8fa58018e1630a4d08c6ee2623d7bca29ba85cd54551f0a

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\8M7JSG0J\open-sans-v34-latin-600[1].woff2

    Filesize

    16KB

    MD5

    603c99275486a11982874425a0bc0dd1

    SHA1

    ffeb62d105d2893d323574407b459fbae8cc90a6

    SHA256

    4ffc35ac4d5e3f1546a4c1a879f425f090ff3336e0fce31a39ae4973b5e8c127

    SHA512

    662dc53798ccda65ee972a1bb52959ca5f4c45066c1d500c2476c50ec537cb90a42d474d7dde2bec1ea8c312cc4a46e1d91ffb610130c2dc7914b65aef8a2615

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\8M7JSG0J\open-sans-v34-latin-regular[1].woff2

    Filesize

    16KB

    MD5

    e43b535855a4ae53bd5b07a6eeb3bf67

    SHA1

    6507312d9491156036316484bf8dc41e8b52ddd9

    SHA256

    b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

    SHA512

    955a4c3ea5df9d2255defc2c40555ac62eeafcc81f6fa688ba5e11a252b3ed59b4275e3e9a72c3f58e66be3a4d0e9952638932fa29eb9075463537910a8e0ce6

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\K94D8HW1\74-888e54[1].css

    Filesize

    167KB

    MD5

    ba0d5ea1fac178bc129be5c94eebc013

    SHA1

    cdf9036d0a2cc4b57a278e48bce971e708e39aee

    SHA256

    cf186f15996f1f201512c3576307588ecbf1e4d62daa72aa678b8222d6c652f8

    SHA512

    a31ed800df0244da91ef08d8e2b262d8b9899ec5f64218e6a233ac9f178df15e642aa7476aa87c1f18228a64507850e2974025b77f7071c2e821d50e3c3ca08e

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\K94D8HW1\bootstrap-custom.min[1].css

    Filesize

    230KB

    MD5

    16335268dced275f7835c0d517c796e1

    SHA1

    0d4a1a56ad98c4b4b01ca9b7e588209fe87e7249

    SHA256

    696afad1ce7654d5bdf749422fe56e3b985a6eafd1348932619859e7ce504760

    SHA512

    6244612be0287295c48d733bf210223dd5b79707e372b966d1f2d3c006f3ad375184f0ea38d4a67ab937e12477920292c10bbfc5ebf5b8942b7744ed8ae06c61

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\K94D8HW1\ms.analytics-web-3.min[1].js

    Filesize

    136KB

    MD5

    6a5b990f8696eb7a67ecfe6b5b3cab0b

    SHA1

    108bbd600f0237e62112db3969c6f02be0a1c7cb

    SHA256

    8a13eda4650628c3b24edd6b407cfedf1821188701430545bc17ccf7fe0083ac

    SHA512

    ceabc9380d2e4166dca101fa8e7ad7fa7b176182a04294b41584c7c3a93c28510c2fa7633e40c0959c7f39382a6b0706f10c6ff87068c96e2f5b15f1353f6856

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\K94D8HW1\open-sans-v34-latin-700[1].woff2

    Filesize

    15KB

    MD5

    e45478d4d6f15dafda1f25d9e0fb5fa1

    SHA1

    52cb490cd0ee4442ede034085cda9652b206f91c

    SHA256

    d1a17abb1a999842fe425e1a4ace9d90f9c18f3595c21a63d89f0611b90cfd72

    SHA512

    2ac423249ec837efa35b29705f55a326dee83f727e867269b86005cce144ca8d435f7412bb0bc9babdb9ae17419e4a0314b2923bee6a5acc96c9909e9eb48645

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\NATZ66A8\a2-598841[1].js

    Filesize

    134KB

    MD5

    2cc02dc1fb567abe4b05d266eb06d922

    SHA1

    6dcbdeb8033539e29ca4d11975bee63bfabbfdad

    SHA256

    14bc892aff22a1998743df7de326750231ec0592917c70c5a9e5478fea456409

    SHA512

    769ec7d320b0b5ebfe2affc562078f0de8c21a6157af32f50f577327d37c43fa7b121d09cbd2bf27471c4356e90b1d96b10b73aa31410532f3fc46255d28a315

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\NATZ66A8\alert-info[1].svg

    Filesize

    726B

    MD5

    c7db49644f6bf1f50b3190ffba0516ed

    SHA1

    5bb312a0b6357ccb7e93158ac0f97b4e249e4696

    SHA256

    2d891fb5984d5f421055da7f5d7e4be525df4c973fdc4366057bc9dfd82ce281

    SHA512

    9b7f127443d517223a2a2cf6131a777f56aae3cd21dbcc1e87d847a0ad42e8c05a7f13347fec6d4df0582d486a57a9dc0d8121e6ca38371549f53e396cf6463a

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\NATZ66A8\alert-promo[1].svg

    Filesize

    1KB

    MD5

    b119b49f7f799d680e0ade981c8c36e1

    SHA1

    b2134ee3d8a4669c4b93225c0b987be0c78b6e6e

    SHA256

    2dc041b9b132cef3af67e03ba98fa1b72a9e877699e7a1f4277e00556c78ada4

    SHA512

    c68439e082f0979de042cb8e6ca5fcf08f1debf62133272a8580334867b9a3309a023441ca315b604ab6867ea3b9efa8e8185067e288fd2c46e65a8eaafe2a86

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\NATZ66A8\mwfmdl2-v3.54[1].woff

    Filesize

    25KB

    MD5

    d0263dc03be4c393a90bda733c57d6db

    SHA1

    8a032b6deab53a33234c735133b48518f8643b92

    SHA256

    22b4df5c33045b645cafa45b04685f4752e471a2e933bff5bf14324d87deee12

    SHA512

    9511bef269ae0797addf4cd6f2fec4ad0c4a4e06b3e5bf6138c7678a203022ac4818c7d446d154594504c947da3061030e82472d2708149c0709b1a070fdd0e3

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\NATZ66A8\space-grotesk-v12-latin-700[1].woff2

    Filesize

    11KB

    MD5

    514360ed1b78e71aabe58ecd08f36706

    SHA1

    1062c179ea2f74b5db67f9d7822c556ed25637dd

    SHA256

    751851e72654508ca07678c61bdacd91b772d725f531dd8a6f62e6f941e11ecc

    SHA512

    1827c1a0189570e775bdcd07657e720e0bb27c2157ff46307cba551eaa16822645e388321081eb13cae7f4d024038b5279cff897a4c86c0ecd4428e60a5dac5e

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\AVSG2AFR\dotnet.microsoft[1].xml

    Filesize

    13B

    MD5

    c1ddea3ef6bbef3e7060a1a9ad89e4c5

    SHA1

    35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

    SHA256

    b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

    SHA512

    6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\AVSG2AFR\dotnet.microsoft[1].xml

    Filesize

    13B

    MD5

    c1ddea3ef6bbef3e7060a1a9ad89e4c5

    SHA1

    35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

    SHA256

    b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

    SHA512

    6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\AVSG2AFR\dotnet.microsoft[1].xml

    Filesize

    13B

    MD5

    c1ddea3ef6bbef3e7060a1a9ad89e4c5

    SHA1

    35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

    SHA256

    b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

    SHA512

    6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\AVSG2AFR\dotnet.microsoft[1].xml

    Filesize

    694B

    MD5

    a37a2ab483892c76dc9445f03504061f

    SHA1

    a4cafdf9f87ec3713e9fd458477095db3a884858

    SHA256

    4154f4b1c8326873eb15bfb0b9721f0ee2b2c0b9338864dd2c5a0d7cbeea2bbc

    SHA512

    68bffd33f4828bcea510d70f33de7f737d63bf52a844631b4fd3bd25191784396bcd2e98d19fab4d573b43df0846ed1438415b8cc5c4dcdaa502dbdc6a4a3f8e

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\AVSG2AFR\dotnet.microsoft[1].xml

    Filesize

    694B

    MD5

    a37a2ab483892c76dc9445f03504061f

    SHA1

    a4cafdf9f87ec3713e9fd458477095db3a884858

    SHA256

    4154f4b1c8326873eb15bfb0b9721f0ee2b2c0b9338864dd2c5a0d7cbeea2bbc

    SHA512

    68bffd33f4828bcea510d70f33de7f737d63bf52a844631b4fd3bd25191784396bcd2e98d19fab4d573b43df0846ed1438415b8cc5c4dcdaa502dbdc6a4a3f8e

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\AVSG2AFR\dotnet.microsoft[1].xml

    Filesize

    1KB

    MD5

    f5ef957f11878d43fd4b3338e2d3c47e

    SHA1

    bbc49ef08dba700cbd56cbde131c83653ba2a722

    SHA256

    bf358982ba4bfa67ecd46fd8fafd5abf276215ba0891f52961c513986bfec4a9

    SHA512

    8405fae9491d69797215a0d05849ff769873a59efb2bf37f674dc5b594b55747bfdbe6bd5a6b982d278643531454cbddd4dc49acecf1024bfecbcf93730fd7a2

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_1DC6D7385EA816C957BA2B715AC5C442

    Filesize

    1KB

    MD5

    8ee018ecaad72c05dfa4d75df4f1450f

    SHA1

    d8b1aeff8372b7af1ac43e33b5f5dc66facce42f

    SHA256

    1a070d476d99087b1e57bb24f9356c2447b5c3347665aa07ba4269f72547e84c

    SHA512

    44a0988c18fccb79231cfa3802277daa73405fccbd54ce509b9b5ec01d5c2b6a31ba85e700fb5f8edfbd8dde0ff60b4d747079ad63cf0dd0cd643b7879c3db01

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_AD319D6DA1A11BC83AC8B4E4D3638231

    Filesize

    1KB

    MD5

    eea883772fe4fcb604836f77046a6573

    SHA1

    91c5537a96b448ff3e6753d322630bd7a14ec3d7

    SHA256

    4fa5363994f226d71cd9767f237938756d84aaf86cc869bbe5f1acc3210d7174

    SHA512

    fe2e8dfad21b7e02d39174338141a1305bc6a5e4adf5d18637ca9e90ad9ec30c3e4e7a156b3b7d6e26f38709bee5a7caeed7510878727037c3e76e83588478de

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\8A7891822FCFF127E4EADADE9757112B

    Filesize

    926B

    MD5

    7bc85f7ba6e8257a07ca58ad9d19352f

    SHA1

    d37cbf8a3f6a01e46df0d9bd1d540dc4add3f602

    SHA256

    1ba2a3cd0959bacfa6960eff85300a84152d51a4422cb764d75e071f9fcc2af2

    SHA512

    b7cd5a3396d769d12a3ac81f816f764b6dae6e84d22009732d195c358e3fefe524997bf1e34153f0a0f5b015988038241f7afdd3132d590f45d544f0d3926744

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_A4CF52CCA82D7458083F7280801A3A04

    Filesize

    471B

    MD5

    c787d5e2b16c629a5a2175ca0f23ff2d

    SHA1

    f33eb25519c40a243f30d77b6ee024b875490b66

    SHA256

    c9bf555d4f13ba22a56f77144ad0297d7b45b3030aec1dcf0eeec821dc323325

    SHA512

    d7e50a17b574cf20975469b1f51b388a83a126a9f299348c0951e64daaea6113e778b7e84e41e1c7499cc727a5cdbca0b9e4d6d75ff64b48dcef596da4187eb4

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\E573CDF4C6D731D56A665145182FD759_EAB4AEE2EA70916CD4B93BC9BD3B283A

    Filesize

    471B

    MD5

    30d32b86e8408e901f9dd1cf52df6024

    SHA1

    ac4d38acd953f8b2d4fef3641f82e69503cc2a28

    SHA256

    5f2c83a6e3cbc13902c123046b020b4d6ddc6f682ef25b0abe95426b990088f4

    SHA512

    0d2240967215f9def8e08ca69819a2c07ebbe30c569a7e371b7600ae1ecdfe85d5851b576cd28420703234c5b6e1a8ed4359eafd9fbef7668c64d71b13a23391

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_1DC6D7385EA816C957BA2B715AC5C442

    Filesize

    416B

    MD5

    fc2b84c1aae9a15a2793cd458d69b667

    SHA1

    198e63f2afe3b6ea9bdd77370872bc047f9e5236

    SHA256

    040e809b61e858f2a6835fdc361e1eb3944e44c8f65410db4011b746d89705da

    SHA512

    051bb3cafa251bb026d89f1e3f681cd027d25e28ec3ff08e37612f28f4adff1f0fe254fa9d60050889d91a1fb8e3936d9cf9c20a4cbf3476f3664d03363dc89d

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_AD319D6DA1A11BC83AC8B4E4D3638231

    Filesize

    434B

    MD5

    ba55c74952272f470832cac1cdbd23aa

    SHA1

    662099c477c32e2cbd68f83578cdb07c106829be

    SHA256

    83a1886678bb4a4626ea60ac9be2ba27c059a4c4ebf6346251aada240306f51a

    SHA512

    9936343f06215c24f2b0379c48b2f04f3c8b6fc50ca533bffd533798301b7f4271dfe666361f21eb2faaf3c2d402976ca517e2b66e141f369bceceb26a60333d

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\8A7891822FCFF127E4EADADE9757112B

    Filesize

    246B

    MD5

    e7c1bf17cca1b09ffff5255b9f90d17f

    SHA1

    8c8b647fe8801770caf55764af28ad6d11c89306

    SHA256

    37241236accd67eb89097141c4ffd711950891a9c2cea719a12e98c7eadd97c1

    SHA512

    febba8dbc88b2fcca497961eac7ca468161d3be81aa4881997d6cb7b5c6d29df2c8b4a1b11e31b6ba445a95e09b0547a78e8e3570ba0cf388f7d8f6c67c828c7

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\8A7891822FCFF127E4EADADE9757112B

    Filesize

    246B

    MD5

    41bff6eeac9b6798e6ce97a73b14ef3c

    SHA1

    833bf8dfb519d3be7667a4019a89eeb12a12f721

    SHA256

    d0748fc49c86404c849193b09555c1f8e176c1375bddfefd5fdbf528c2262b25

    SHA512

    8f80e843e3be098382ade25af14bf3e263adc14e21eaaa2b7e639994f20284ba024f97cb42e98dd68f23789893ac325626c7fc003c9424d0783e41967b2bb4ce

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\B398B80134F72209547439DB21AB308D_A4CF52CCA82D7458083F7280801A3A04

    Filesize

    430B

    MD5

    bdefee51f29b630cb312e66829482189

    SHA1

    9e23cb9d6b3f29a3a1340d5bd14e9a22e9ee19dd

    SHA256

    f4abf223f5c45562fd94a880eb5573c2835c8792f0ba09e413ac622779d74b12

    SHA512

    dba7be7a4b52edf3fb0dca7c17fb96f371939ff0fd4c5589bbd651c744e4c61ba4e713f488d85679abc8843fefcf04d31aa08650d9c87a37192ebdb6da853ac4

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\E573CDF4C6D731D56A665145182FD759_EAB4AEE2EA70916CD4B93BC9BD3B283A

    Filesize

    396B

    MD5

    7a778c151497fa7145637b53452ebb51

    SHA1

    cb2dc2b993e2d492e622c5547b341f561e6cda3f

    SHA256

    1aa5a8e203c81431eab72d729a730670f2a9cabe1a55fcfbb9536657310cf472

    SHA512

    c89079f43002ed99dc31f1ca210de03dcccd2973ba13a74955b4bf65d3b051ec918bd55966e1c5b018d53a4ad23d6d9af56894ecc9b8163e91893d300dba3a0d

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\Windows\3720402701\2219095117.pri

    Filesize

    207KB

    MD5

    e2b88765ee31470114e866d939a8f2c6

    SHA1

    e0a53b8511186ff308a0507b6304fb16cabd4e1f

    SHA256

    523e419d2fa2e780239812d36caa37e92f8c3e6a5cd9f18f0d807c593effa45e

    SHA512

    462e8e6b4e63fc6781b6a9935b332a1dc77bfb88e1de49134f86fd46bd1598d2e842902dd9415a328e325bd7cdee766bd9473f2695acdfa769ffe7ba9ae1953d

  • memory/424-501-0x00000257BC3D0000-0x00000257BC4D0000-memory.dmp

    Filesize

    1024KB

  • memory/424-279-0x00000257B7C10000-0x00000257B7C12000-memory.dmp

    Filesize

    8KB

  • memory/424-474-0x00000257B83E0000-0x00000257B84E0000-memory.dmp

    Filesize

    1024KB

  • memory/424-461-0x00000257BC3B0000-0x00000257BC3B2000-memory.dmp

    Filesize

    8KB

  • memory/424-466-0x00000257BC3C0000-0x00000257BC3C2000-memory.dmp

    Filesize

    8KB

  • memory/1980-200-0x0000015648270000-0x0000015648272000-memory.dmp

    Filesize

    8KB

  • memory/1980-349-0x000001565E300000-0x000001565E302000-memory.dmp

    Filesize

    8KB

  • memory/1980-396-0x000001565E3C0000-0x000001565E3C2000-memory.dmp

    Filesize

    8KB

  • memory/1980-394-0x000001565E3A0000-0x000001565E3A2000-memory.dmp

    Filesize

    8KB

  • memory/1980-390-0x000001565E390000-0x000001565E392000-memory.dmp

    Filesize

    8KB

  • memory/1980-363-0x000001565E340000-0x000001565E342000-memory.dmp

    Filesize

    8KB

  • memory/1980-194-0x0000015648240000-0x0000015648242000-memory.dmp

    Filesize

    8KB

  • memory/1980-384-0x000001565E380000-0x000001565E382000-memory.dmp

    Filesize

    8KB

  • memory/1980-375-0x000001565E360000-0x000001565E362000-memory.dmp

    Filesize

    8KB

  • memory/1980-459-0x000001565EEF0000-0x000001565EFF0000-memory.dmp

    Filesize

    1024KB

  • memory/1980-333-0x000001565A0E0000-0x000001565A1E0000-memory.dmp

    Filesize

    1024KB

  • memory/1980-203-0x0000015648290000-0x0000015648292000-memory.dmp

    Filesize

    8KB

  • memory/2072-161-0x0000025A91650000-0x0000025A91652000-memory.dmp

    Filesize

    8KB

  • memory/2072-158-0x0000025A8CE20000-0x0000025A8CE22000-memory.dmp

    Filesize

    8KB

  • memory/2072-119-0x0000025A8CA20000-0x0000025A8CA30000-memory.dmp

    Filesize

    64KB

  • memory/2072-160-0x0000025A916A0000-0x0000025A916A2000-memory.dmp

    Filesize

    8KB

  • memory/2072-156-0x0000025A8CBB0000-0x0000025A8CBB1000-memory.dmp

    Filesize

    4KB

  • memory/2072-137-0x0000025A8CD00000-0x0000025A8CD10000-memory.dmp

    Filesize

    64KB

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.