hxxps://4jv2zzt96ihx7ht2xox7[.]1yyq2tt[.]ru/giaf/

Analysis

max time kernel
146s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
10/10/2023, 02:11 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://4jv2zzt96ihx7ht2xox7.1yyq2tt.ru/giaf/

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4512	msedge.exe
4512	msedge.exe
1844	msedge.exe
1844	msedge.exe
4668	identity_helper.exe
4668	identity_helper.exe
5908	msedge.exe
5908	msedge.exe
5908	msedge.exe
5908	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 12 IoCs

pid	Process
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeManageVolumePrivilege	5552	svchost.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe
1844	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1844 wrote to memory of 1156	1844	msedge.exe	26
PID 1844 wrote to memory of 1156	1844	msedge.exe	26
PID 1844 wrote to memory of 1596	1844	msedge.exe	86
PID 1844 wrote to memory of 1596	1844	msedge.exe	86
PID 1844 wrote to memory of 1596	1844	msedge.exe	86
PID 1844 wrote to memory of 1596	1844	msedge.exe	86
PID 1844 wrote to memory of 1596	1844	msedge.exe	86
PID 1844 wrote to memory of 1596	1844	msedge.exe	86
PID 1844 wrote to memory of 1596	1844	msedge.exe	86
PID 1844 wrote to memory of 1596	1844	msedge.exe	86
PID 1844 wrote to memory of 1596	1844	msedge.exe	86
PID 1844 wrote to memory of 1596	1844	msedge.exe	86
PID 1844 wrote to memory of 1596	1844	msedge.exe	86
PID 1844 wrote to memory of 1596	1844	msedge.exe	86
PID 1844 wrote to memory of 1596	1844	msedge.exe	86
PID 1844 wrote to memory of 1596	1844	msedge.exe	86
PID 1844 wrote to memory of 1596	1844	msedge.exe	86
PID 1844 wrote to memory of 1596	1844	msedge.exe	86
PID 1844 wrote to memory of 1596	1844	msedge.exe	86
PID 1844 wrote to memory of 1596	1844	msedge.exe	86
PID 1844 wrote to memory of 1596	1844	msedge.exe	86
PID 1844 wrote to memory of 1596	1844	msedge.exe	86
PID 1844 wrote to memory of 1596	1844	msedge.exe	86
PID 1844 wrote to memory of 1596	1844	msedge.exe	86
PID 1844 wrote to memory of 1596	1844	msedge.exe	86
PID 1844 wrote to memory of 1596	1844	msedge.exe	86
PID 1844 wrote to memory of 1596	1844	msedge.exe	86
PID 1844 wrote to memory of 1596	1844	msedge.exe	86
PID 1844 wrote to memory of 1596	1844	msedge.exe	86
PID 1844 wrote to memory of 1596	1844	msedge.exe	86
PID 1844 wrote to memory of 1596	1844	msedge.exe	86
PID 1844 wrote to memory of 1596	1844	msedge.exe	86
PID 1844 wrote to memory of 1596	1844	msedge.exe	86
PID 1844 wrote to memory of 1596	1844	msedge.exe	86
PID 1844 wrote to memory of 1596	1844	msedge.exe	86
PID 1844 wrote to memory of 1596	1844	msedge.exe	86
PID 1844 wrote to memory of 1596	1844	msedge.exe	86
PID 1844 wrote to memory of 1596	1844	msedge.exe	86
PID 1844 wrote to memory of 1596	1844	msedge.exe	86
PID 1844 wrote to memory of 1596	1844	msedge.exe	86
PID 1844 wrote to memory of 1596	1844	msedge.exe	86
PID 1844 wrote to memory of 1596	1844	msedge.exe	86
PID 1844 wrote to memory of 4512	1844	msedge.exe	87
PID 1844 wrote to memory of 4512	1844	msedge.exe	87
PID 1844 wrote to memory of 2608	1844	msedge.exe	88
PID 1844 wrote to memory of 2608	1844	msedge.exe	88
PID 1844 wrote to memory of 2608	1844	msedge.exe	88
PID 1844 wrote to memory of 2608	1844	msedge.exe	88
PID 1844 wrote to memory of 2608	1844	msedge.exe	88
PID 1844 wrote to memory of 2608	1844	msedge.exe	88
PID 1844 wrote to memory of 2608	1844	msedge.exe	88
PID 1844 wrote to memory of 2608	1844	msedge.exe	88
PID 1844 wrote to memory of 2608	1844	msedge.exe	88
PID 1844 wrote to memory of 2608	1844	msedge.exe	88
PID 1844 wrote to memory of 2608	1844	msedge.exe	88
PID 1844 wrote to memory of 2608	1844	msedge.exe	88
PID 1844 wrote to memory of 2608	1844	msedge.exe	88
PID 1844 wrote to memory of 2608	1844	msedge.exe	88
PID 1844 wrote to memory of 2608	1844	msedge.exe	88
PID 1844 wrote to memory of 2608	1844	msedge.exe	88
PID 1844 wrote to memory of 2608	1844	msedge.exe	88
PID 1844 wrote to memory of 2608	1844	msedge.exe	88
PID 1844 wrote to memory of 2608	1844	msedge.exe	88
PID 1844 wrote to memory of 2608	1844	msedge.exe	88

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://4jv2zzt96ihx7ht2xox7.1yyq2tt.ru/giaf/
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1844
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa78cc46f8,0x7ffa78cc4708,0x7ffa78cc4718
  2⤵
  PID:1156
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2168,15508734937453775725,10202325198173607445,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2220 /prefetch:2
  2⤵
  PID:1596
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2168,15508734937453775725,10202325198173607445,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2280 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2168,15508734937453775725,10202325198173607445,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2776 /prefetch:8
  2⤵
  PID:2608
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,15508734937453775725,10202325198173607445,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3296 /prefetch:1
  2⤵
  PID:1060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,15508734937453775725,10202325198173607445,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
  2⤵
  PID:5064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,15508734937453775725,10202325198173607445,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4092 /prefetch:1
  2⤵
  PID:2948
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,15508734937453775725,10202325198173607445,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5140 /prefetch:1
  2⤵
  PID:4124
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,15508734937453775725,10202325198173607445,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3520 /prefetch:1
  2⤵
  PID:644
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,15508734937453775725,10202325198173607445,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5308 /prefetch:1
  2⤵
  PID:4088
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,15508734937453775725,10202325198173607445,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3608 /prefetch:1
  2⤵
  PID:4876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,15508734937453775725,10202325198173607445,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3504 /prefetch:1
  2⤵
  PID:3264
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2168,15508734937453775725,10202325198173607445,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5432 /prefetch:8
  2⤵
  PID:1884
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2168,15508734937453775725,10202325198173607445,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5432 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4668
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,15508734937453775725,10202325198173607445,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4112 /prefetch:1
  2⤵
  PID:2276
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,15508734937453775725,10202325198173607445,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5184 /prefetch:1
  2⤵
  PID:1248
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,15508734937453775725,10202325198173607445,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5476 /prefetch:1
  2⤵
  PID:3820
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,15508734937453775725,10202325198173607445,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5096 /prefetch:1
  2⤵
  PID:1660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2168,15508734937453775725,10202325198173607445,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4712 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5908

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3016

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4392

C:\Windows\system32\rundll32.exe
"C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
1⤵
PID:5448

C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k UnistackSvcGroup
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:5552

Network

DNS

146.78.124.51.in-addr.arpa

Remote address:

8.8.8.8:53

Request

146.78.124.51.in-addr.arpa

IN PTR

Response
DNS

73.31.126.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

73.31.126.40.in-addr.arpa

IN PTR

Response
DNS

4jv2zzt96ihx7ht2xox7.1yyq2tt.ru

msedge.exe

Remote address:

8.8.8.8:53

Request

4jv2zzt96ihx7ht2xox7.1yyq2tt.ru

IN A

Response

4jv2zzt96ihx7ht2xox7.1yyq2tt.ru

IN A

104.21.22.225

4jv2zzt96ihx7ht2xox7.1yyq2tt.ru

IN A

172.67.207.139
GET

https://4jv2zzt96ihx7ht2xox7.1yyq2tt.ru/giaf/

msedge.exe

Remote address:

104.21.22.225:443

Request

GET /giaf/ HTTP/2.0
host: 4jv2zzt96ihx7ht2xox7.1yyq2tt.ru
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
dnt: 1
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 10 Oct 2023 02:11:24 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: PHPSESSID=f0rel4fq323vht32qf5knv07hm; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w84X7JtlKOEx9kP9A0l1KOIhSixsS7My6o8mthDUpSAETBOI8vUNV7ethN%2FPycQkHI%2Bk4saZa8F3wW%2F5JCoyAL3sYYJ9msPl6Co5NVPP4D0Y%2F2nyz33i9EiidME5jLhysuJqX8ef4nuzjaSeBHFOwHiw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 813b55155cab6699-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
DNS

apps.identrust.com

msedge.exe

Remote address:

8.8.8.8:53

Request

apps.identrust.com

IN A

Response

apps.identrust.com

IN CNAME

identrust.edgesuite.net

identrust.edgesuite.net

IN CNAME

a1952.dscq.akamai.net

a1952.dscq.akamai.net

IN A

2.18.121.68

a1952.dscq.akamai.net

IN A

2.18.121.70
GET

http://apps.identrust.com/roots/dstrootcax3.p7c

msedge.exe

Remote address:

2.18.121.68:80

Request

GET /roots/dstrootcax3.p7c HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: apps.identrust.com

Response

HTTP/1.1 200 OK

X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
Referrer-Policy: same-origin
Last-Modified: Mon, 21 Aug 2023 22:08:28 GMT
ETag: "37d-603761e33cf00"
Accept-Ranges: bytes
Content-Length: 893
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Content-Type: application/pkcs7-mime
Cache-Control: max-age=3600
Expires: Tue, 10 Oct 2023 03:11:22 GMT
Date: Tue, 10 Oct 2023 02:11:22 GMT
Connection: keep-alive
DNS

8.3.197.209.in-addr.arpa

Remote address:

8.8.8.8:53

Request

8.3.197.209.in-addr.arpa

IN PTR

Response

8.3.197.209.in-addr.arpa

IN PTR

vip0x008map2sslhwcdnnet
DNS

108.211.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

108.211.229.192.in-addr.arpa

IN PTR

Response
DNS

225.22.21.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

225.22.21.104.in-addr.arpa

IN PTR

Response
DNS

68.121.18.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

68.121.18.2.in-addr.arpa

IN PTR

Response

68.121.18.2.in-addr.arpa

IN PTR

a2-18-121-68deploystaticakamaitechnologiescom
DNS

133.113.22.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

133.113.22.20.in-addr.arpa

IN PTR

Response
DNS

href.li

msedge.exe

Remote address:

8.8.8.8:53

Request

href.li

IN A

Response

href.li

IN A

192.0.78.27

href.li

IN A

192.0.78.26
DNS

challenges.cloudflare.com

msedge.exe

Remote address:

8.8.8.8:53

Request

challenges.cloudflare.com

IN A

Response

challenges.cloudflare.com

IN A

104.17.2.184

challenges.cloudflare.com

IN A

104.17.3.184
DNS

cdn.jsdelivr.net

msedge.exe

Remote address:

8.8.8.8:53

Request

cdn.jsdelivr.net

IN A

Response

cdn.jsdelivr.net

IN CNAME

jsdelivr.map.fastly.net

jsdelivr.map.fastly.net

IN A

151.101.1.229

jsdelivr.map.fastly.net

IN A

151.101.65.229

jsdelivr.map.fastly.net

IN A

151.101.129.229

jsdelivr.map.fastly.net

IN A

151.101.193.229
GET

https://href.li/https://www.google.com/amp/s/bing.com%2Fck%2Fa%3F%21%26%26p%3D5c46c8daa4da83c6JmltdHM9MTY5NjI5MTIwMCZpZ3VpZD0xZTQzNThiOS1jYzA3LTY2MmEtMjQyNi00YjI5Y2QwZTY3MDgmaW5zaWQ9NTAwMw%26ptn%3D3%26hsh%3D3%26fclid%3D1e4358b9-cc07-662a-2426-4b29cd0e6708%26u%3Da1aHR0cHM6Ly93d3cubWljcm9zb2Z0LmNvbS9lbi1BVS9taWNyb3NvZnQtMzY1L2ZyZWUtb2ZmaWNlLW9ubGluZS1mb3ItdGhlLXdlYg%26ntb%3D1

msedge.exe

Remote address:

192.0.78.27:443

Request

GET /https://www.google.com/amp/s/bing.com%2Fck%2Fa%3F%21%26%26p%3D5c46c8daa4da83c6JmltdHM9MTY5NjI5MTIwMCZpZ3VpZD0xZTQzNThiOS1jYzA3LTY2MmEtMjQyNi00YjI5Y2QwZTY3MDgmaW5zaWQ9NTAwMw%26ptn%3D3%26hsh%3D3%26fclid%3D1e4358b9-cc07-662a-2426-4b29cd0e6708%26u%3Da1aHR0cHM6Ly93d3cubWljcm9zb2Z0LmNvbS9lbi1BVS9taWNyb3NvZnQtMzY1L2ZyZWUtb2ZmaWNlLW9ubGluZS1mb3ItdGhlLXdlYg%26ntb%3D1 HTTP/2.0
host: href.li
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://4jv2zzt96ihx7ht2xox7.1yyq2tt.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://challenges.cloudflare.com/turnstile/v0/api.js

msedge.exe

Remote address:

104.17.2.184:443

Request

GET /turnstile/v0/api.js HTTP/2.0
host: challenges.cloudflare.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://4jv2zzt96ihx7ht2xox7.1yyq2tt.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Tue, 10 Oct 2023 02:11:24 GMT
vary: accept-encoding
cache-control: max-age=300, public
location: /turnstile/v0/g/dffb14d6/api.js
access-control-allow-origin: *
server: cloudflare
cf-ray: 813b551efd9cb984-AMS
alt-svc: h3=":443"; ma=86400
GET

https://challenges.cloudflare.com/turnstile/v0/g/dffb14d6/api.js

msedge.exe

Remote address:

104.17.2.184:443

Request

GET /turnstile/v0/g/dffb14d6/api.js HTTP/2.0
host: challenges.cloudflare.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://4jv2zzt96ihx7ht2xox7.1yyq2tt.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 10 Oct 2023 02:11:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 813b551f4db1b984-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css

msedge.exe

Remote address:

151.101.1.229:443

Request

GET /npm/bootstrap@5.0.2/dist/css/bootstrap.min.css HTTP/2.0
host: cdn.jsdelivr.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://4jv2zzt96ihx7ht2xox7.1yyq2tt.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.0.2
x-jsd-version-type: version
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
content-encoding: br
accept-ranges: bytes
date: Tue, 10 Oct 2023 02:11:24 GMT
age: 10427126
x-served-by: cache-fra-eddf8230097-FRA, cache-ams21058-AMS
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25360
DNS

bing.com

msedge.exe

Remote address:

8.8.8.8:53

Request

bing.com

IN A

Response

bing.com

IN A

13.107.21.200

bing.com

IN A

204.79.197.200
DNS

27.78.0.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

27.78.0.192.in-addr.arpa

IN PTR

Response
DNS

184.2.17.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

184.2.17.104.in-addr.arpa

IN PTR

Response
DNS

229.1.101.151.in-addr.arpa

Remote address:

8.8.8.8:53

Request

229.1.101.151.in-addr.arpa

IN PTR

Response
DNS

100.39.251.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

100.39.251.142.in-addr.arpa

IN PTR

Response

100.39.251.142.in-addr.arpa

IN PTR

ams15s48-in-f41e100net
DNS

226.21.18.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

226.21.18.104.in-addr.arpa

IN PTR

Response
GET

https://bing.com/ck/a?!&&p=5c46c8daa4da83c6JmltdHM9MTY5NjI5MTIwMCZpZ3VpZD0xZTQzNThiOS1jYzA3LTY2MmEtMjQyNi00YjI5Y2QwZTY3MDgmaW5zaWQ9NTAwMw&ptn=3&hsh=3&fclid=1e4358b9-cc07-662a-2426-4b29cd0e6708&u=a1aHR0cHM6Ly93d3cubWljcm9zb2Z0LmNvbS9lbi1BVS9taWNyb3NvZnQtMzY1L2ZyZWUtb2ZmaWNlLW9ubGluZS1mb3ItdGhlLXdlYg&ntb=1

msedge.exe

Remote address:

13.107.21.200:443

Request

GET /ck/a?!&&p=5c46c8daa4da83c6JmltdHM9MTY5NjI5MTIwMCZpZ3VpZD0xZTQzNThiOS1jYzA3LTY2MmEtMjQyNi00YjI5Y2QwZTY3MDgmaW5zaWQ9NTAwMw&ptn=3&hsh=3&fclid=1e4358b9-cc07-662a-2426-4b29cd0e6708&u=a1aHR0cHM6Ly93d3cubWljcm9zb2Z0LmNvbS9lbi1BVS9taWNyb3NvZnQtMzY1L2ZyZWUtb2ZmaWNlLW9ubGluZS1mb3ItdGhlLXdlYg&ntb=1 HTTP/2.0
host: bing.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 301

cache-control: private
content-length: 401
content-type: text/html; charset=utf-8
content-encoding: br
location: https://www.bing.com:443/ck/a?!&&p=5c46c8daa4da83c6JmltdHM9MTY5NjI5MTIwMCZpZ3VpZD0xZTQzNThiOS1jYzA3LTY2MmEtMjQyNi00YjI5Y2QwZTY3MDgmaW5zaWQ9NTAwMw&ptn=3&hsh=3&fclid=1e4358b9-cc07-662a-2426-4b29cd0e6708&u=a1aHR0cHM6Ly93d3cubWljcm9zb2Z0LmNvbS9lbi1BVS9taWNyb3NvZnQtMzY1L2ZyZWUtb2ZmaWNlLW9ubGluZS1mb3ItdGhlLXdlYg&ntb=1&toWww=1&redig=C487224EFAF1447EA1D2AD5878BC8F4C
vary: Accept-Encoding
set-cookie: MUID=2D636BFCBBFB60983B90785ABA1661CE; domain=bing.com; expires=Sun, 03-Nov-2024 02:11:25 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=2D636BFCBBFB60983B90785ABA1661CE; expires=Sun, 03-Nov-2024 02:11:25 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=05430AAA139069AE28B0190C127D68D0; domain=bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=bing.com; expires=Sun, 03-Nov-2024 02:11:25 GMT; path=/; HttpOnly
x-eventid: 6524b2cd715a45c4bf5d2bbf52507d19
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'nonce-BWvRfU7VTETSeU+HJ34MPpECXukMDNvgr/xrLUZurAU='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: F186116AB7644759BA6E2171DA5A4522 Ref B: AMS04EDGE3320 Ref C: 2023-10-10T02:11:25Z
date: Tue, 10 Oct 2023 02:11:24 GMT
GET

https://www.bing.com/ck/a?!&&p=5c46c8daa4da83c6JmltdHM9MTY5NjI5MTIwMCZpZ3VpZD0xZTQzNThiOS1jYzA3LTY2MmEtMjQyNi00YjI5Y2QwZTY3MDgmaW5zaWQ9NTAwMw&ptn=3&hsh=3&fclid=1e4358b9-cc07-662a-2426-4b29cd0e6708&u=a1aHR0cHM6Ly93d3cubWljcm9zb2Z0LmNvbS9lbi1BVS9taWNyb3NvZnQtMzY1L2ZyZWUtb2ZmaWNlLW9ubGluZS1mb3ItdGhlLXdlYg&ntb=1&toWww=1&redig=C487224EFAF1447EA1D2AD5878BC8F4C

msedge.exe

Remote address:

88.221.24.48:443

Request

GET /ck/a?!&&p=5c46c8daa4da83c6JmltdHM9MTY5NjI5MTIwMCZpZ3VpZD0xZTQzNThiOS1jYzA3LTY2MmEtMjQyNi00YjI5Y2QwZTY3MDgmaW5zaWQ9NTAwMw&ptn=3&hsh=3&fclid=1e4358b9-cc07-662a-2426-4b29cd0e6708&u=a1aHR0cHM6Ly93d3cubWljcm9zb2Z0LmNvbS9lbi1BVS9taWNyb3NvZnQtMzY1L2ZyZWUtb2ZmaWNlLW9ubGluZS1mb3ItdGhlLXdlYg&ntb=1&toWww=1&redig=C487224EFAF1447EA1D2AD5878BC8F4C HTTP/2.0
host: www.bing.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=2D636BFCBBFB60983B90785ABA1661CE
cookie: _EDGE_S=F=1&SID=05430AAA139069AE28B0190C127D68D0
cookie: _EDGE_V=1

Response

HTTP/2.0 200

cache-control: no-cache, must-revalidate
pragma: no-cache
content-length: 1316
content-type: text/html; charset=UTF-8
content-encoding: gzip
expires: Fri, 01 Jan 1990 00:00:00 GMT
vary: Accept-Encoding
access-control-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8B0102E29FE445A585A3CEAAED71159B Ref B: MIL30EDGE0911 Ref C: 2023-10-10T02:11:25Z
date: Tue, 10 Oct 2023 02:11:25 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.2c18dd58.1696903885.3cbff27
DNS

www.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

104.85.1.163
GET

https://www.microsoft.com/en-AU/microsoft-365/free-office-online-for-the-web

msedge.exe

Remote address:

104.85.1.163:443

Request

GET /en-AU/microsoft-365/free-office-online-for-the-web HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.bing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/html;charset=utf-8
set-cookie: AEMDC=westeurope; path=/; secure; SameSite=None
x-dispatcher: dispatcher1westeurope
x-rtag: AEM_PROD_Marketing
ms-cv-esi: CASMicrosoftCV160e9972.0
ms-cv: CASMicrosoftCV160e9972.0
strict-transport-security: max-age=31536000
tls_version: tls1.3
vary: Accept-Encoding
x-edgeconnect-origin-mex-latency: 682
x-edgeconnect-midmile-rtt: 0
x-edgeconnect-origin-mex-latency: 682
x-edgeconnect-midmile-rtt: 0
x-edgeconnect-origin-mex-latency: 682
x-edgeconnect-midmile-rtt: 0
x-frame-options: SAMEORIGIN
etag: W/"fb32-6074e931bdc76-gzip"
ms-commit-id: 6138c93
x-content-type-options: nosniff
x-vhost: publish_microsoft_s
cache-control: max-age=0,s-maxage=28800
content-encoding: gzip
date: Tue, 10 Oct 2023 02:11:26 GMT
content-length: 23237
GET

https://www.microsoft.com/etc.clientlibs/onecloud/clientlibs/clientlib-mwf-new/main-m365.min.ACSHASH1a14ebf8a17177418f8a582c20c738b0.css

msedge.exe

Remote address:

104.85.1.163:443

Request

GET /etc.clientlibs/onecloud/clientlibs/clientlib-mwf-new/main-m365.min.ACSHASH1a14ebf8a17177418f8a582c20c738b0.css HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.microsoft.com/en-AU/microsoft-365/free-office-online-for-the-web
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AEMDC=westeurope

Response

HTTP/2.0 200

content-type: text/css;charset=utf-8
content-length: 51056
x-dispatcher: dispatcher1westeurope
x-vhost: publish_microsoft_s
x-content-type-options: nosniff
ms-commit-id: f302c0e
last-modified: Mon, 02 Oct 2023 18:50:31 GMT
accept-ranges: bytes
content-encoding: gzip
x-frame-options: SAMEORIGIN
date: Tue, 10 Oct 2023 02:11:26 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV160e9bb8.0
ms-cv-esi: CASMicrosoftCV160e9bb8.0
x-rtag: AEM_PROD_Static
GET

https://www.microsoft.com/etc.clientlibs/onecloud/clientlibs/clientlib-mwf-ext/main-m365.min.ACSHASH902dd1e162e1410f006c5c1f3867b0cd.css

msedge.exe

Remote address:

104.85.1.163:443

Request

GET /etc.clientlibs/onecloud/clientlibs/clientlib-mwf-ext/main-m365.min.ACSHASH902dd1e162e1410f006c5c1f3867b0cd.css HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.microsoft.com/en-AU/microsoft-365/free-office-online-for-the-web
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AEMDC=westeurope

Response

HTTP/2.0 200

content-type: text/css;charset=utf-8
content-length: 36025
x-dispatcher: dispatcher1westeurope
x-vhost: publish_microsoft_s
x-content-type-options: nosniff
ms-commit-id: f302c0e
last-modified: Mon, 02 Oct 2023 18:50:32 GMT
accept-ranges: bytes
content-encoding: gzip
x-frame-options: SAMEORIGIN
date: Tue, 10 Oct 2023 02:11:27 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV160e9bc6.0
ms-cv-esi: CASMicrosoftCV160e9bc6.0
x-rtag: AEM_PROD_Static
GET

https://www.microsoft.com/etc.clientlibs/cascade.component.authoring/clientlibs/clientlib-base.min.ACSHASHc5871451778c8e6454258da6f73224b7.css

msedge.exe

Remote address:

104.85.1.163:443

Request

GET /etc.clientlibs/cascade.component.authoring/clientlibs/clientlib-base.min.ACSHASHc5871451778c8e6454258da6f73224b7.css HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.microsoft.com/en-AU/microsoft-365/free-office-online-for-the-web
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AEMDC=westeurope

Response

HTTP/2.0 200

content-type: text/css;charset=utf-8
content-length: 23965
x-dispatcher: dispatcher3westeurope
x-vhost: publish_microsoft_s
x-content-type-options: nosniff
ms-commit-id: 0875511
last-modified: Fri, 30 Jun 2023 08:08:56 GMT
accept-ranges: bytes
content-encoding: gzip
x-frame-options: SAMEORIGIN
date: Tue, 10 Oct 2023 02:11:27 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV160e9bc7.0
ms-cv-esi: CASMicrosoftCV160e9bc7.0
x-rtag: AEM_PROD_Static
GET

https://www.microsoft.com/etc.clientlibs/onecloud/clientlibs/clientlib-events.min.ACSHASH1e1e807a22bd65d9f61a48a38d6e7faa.js

msedge.exe

Remote address:

104.85.1.163:443

Request

GET /etc.clientlibs/onecloud/clientlibs/clientlib-events.min.ACSHASH1e1e807a22bd65d9f61a48a38d6e7faa.js HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.microsoft.com/en-AU/microsoft-365/free-office-online-for-the-web
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AEMDC=westeurope

Response

HTTP/2.0 200

content-type: text/css;charset=utf-8
content-length: 183
x-dispatcher: dispatcher3westeurope
x-vhost: publish_microsoft_s
x-content-type-options: nosniff
ms-commit-id: 0875511
last-modified: Fri, 30 Jun 2023 08:08:56 GMT
accept-ranges: bytes
content-encoding: gzip
x-frame-options: SAMEORIGIN
date: Tue, 10 Oct 2023 02:11:27 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV160e9bc9.0
ms-cv-esi: CASMicrosoftCV160e9bc9.0
x-rtag: AEM_PROD_Static
GET

https://www.microsoft.com/etc.clientlibs/cascade.component.authoring/clientlibs/clientlib-uhf.min.ACSHASHf9f2395c582fa601707b7a5dfae9f05f.css

msedge.exe

Remote address:

104.85.1.163:443

Request

GET /etc.clientlibs/cascade.component.authoring/clientlibs/clientlib-uhf.min.ACSHASHf9f2395c582fa601707b7a5dfae9f05f.css HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.microsoft.com/en-AU/microsoft-365/free-office-online-for-the-web
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AEMDC=westeurope

Response

HTTP/2.0 200

content-type: text/css; charset=utf-8
last-modified: Tue, 08 Aug 2023 17:48:48 GMT
x-activity-id: b4702251-7916-407b-a44d-79e23cc82c60
x-appversion: 1.0.8579.39012
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2023-06-29T05:40:24.0000000Z}
ms-operation-id: ba073d8ea1f5ba44ab5e61c364edb966
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-content-type-options: nosniff
x-s1: 2023-08-08T17:48:48
x-s2: 2023-08-08T17:48:48
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
x-xss-protection: 1; mode=block
content-encoding: gzip
content-length: 22738
cache-control: public, max-age=26149053
expires: Wed, 07 Aug 2024 17:49:00 GMT
date: Tue, 10 Oct 2023 02:11:27 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV160e9bd8.0
ms-cv-esi: CASMicrosoftCV160e9bd8.0
x-rtag: RT
GET

https://www.microsoft.com/etc.clientlibs/cascade.component.authoring/clientlibs/clientlib-polyfills.min.ACSHASHf381d5147c85ee687ea8fbef32c83d37.js

msedge.exe

Remote address:

104.85.1.163:443

Request

GET /etc.clientlibs/cascade.component.authoring/clientlibs/clientlib-polyfills.min.ACSHASHf381d5147c85ee687ea8fbef32c83d37.js HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.microsoft.com/en-AU/microsoft-365/free-office-online-for-the-web
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AEMDC=westeurope

Response

HTTP/2.0 200

content-type: application/javascript;charset=utf-8
content-length: 551
x-dispatcher: dispatcher1westeurope
x-vhost: publish_microsoft_s
x-content-type-options: nosniff
ms-commit-id: fbf602a
last-modified: Wed, 18 Jan 2023 20:49:33 GMT
accept-ranges: bytes
content-encoding: gzip
x-frame-options: SAMEORIGIN
date: Tue, 10 Oct 2023 02:11:27 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV160e9bc8.0
ms-cv-esi: CASMicrosoftCV160e9bc8.0
x-rtag: AEM_PROD_Static
GET

https://www.microsoft.com/etc.clientlibs/cascade.component.authoring/clientlibs/clientlib-jquery.min.ACSHASH35986a813756f39ab6b922979ffedb03.js

msedge.exe

Remote address:

104.85.1.163:443

Request

GET /etc.clientlibs/cascade.component.authoring/clientlibs/clientlib-jquery.min.ACSHASH35986a813756f39ab6b922979ffedb03.js HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.microsoft.com/en-AU/microsoft-365/free-office-online-for-the-web
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AEMDC=westeurope

Response

HTTP/2.0 200

content-type: application/javascript;charset=utf-8
content-length: 20874
x-dispatcher: dispatcher1westeurope
x-vhost: publish_microsoft_s
x-content-type-options: nosniff
ms-commit-id: 9bd14e2
last-modified: Wed, 28 Jun 2023 17:59:37 GMT
accept-ranges: bytes
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-edgeconnect-midmile-rtt: 35
x-edgeconnect-origin-mex-latency: 16
date: Tue, 10 Oct 2023 02:11:27 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV160e9bca.0
ms-cv-esi: CASMicrosoftCV160e9bca.0
x-rtag: AEM_PROD_Static
GET

https://www.microsoft.com/etc.clientlibs/cascade.component.authoring/clientlibs/clientlib-jquery-cookie.min.ACSHASH20aafdf6904d3dc5db0e0e33abbfc1a4.js

msedge.exe

Remote address:

104.85.1.163:443

Request

GET /etc.clientlibs/cascade.component.authoring/clientlibs/clientlib-jquery-cookie.min.ACSHASH20aafdf6904d3dc5db0e0e33abbfc1a4.js HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.microsoft.com/en-AU/microsoft-365/free-office-online-for-the-web
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AEMDC=westeurope

Response

HTTP/2.0 200

content-type: application/javascript;charset=utf-8
content-length: 33310
x-dispatcher: dispatcher3westeurope
x-vhost: publish_microsoft_s
x-content-type-options: nosniff
ms-commit-id: 0875511
last-modified: Fri, 30 Jun 2023 08:08:56 GMT
accept-ranges: bytes
content-encoding: gzip
x-frame-options: SAMEORIGIN
date: Tue, 10 Oct 2023 02:11:27 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV160e9bcb.0
ms-cv-esi: CASMicrosoftCV160e9bcb.0
x-rtag: AEM_PROD_Static
GET

https://www.microsoft.com/etc.clientlibs/microsoft/clientlibs/exp-analytics/v1.min.ACSHASH4cffc2c9b55f8bde649e0d2535a1eebd.js

msedge.exe

Remote address:

104.85.1.163:443

Request

GET /etc.clientlibs/microsoft/clientlibs/exp-analytics/v1.min.ACSHASH4cffc2c9b55f8bde649e0d2535a1eebd.js HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.microsoft.com/en-AU/microsoft-365/free-office-online-for-the-web
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AEMDC=westeurope

Response

HTTP/2.0 200

content-type: application/javascript;charset=utf-8
content-length: 798
x-dispatcher: dispatcher3westeurope
x-vhost: publish_microsoft_s
x-content-type-options: nosniff
ms-commit-id: 0875511
last-modified: Fri, 30 Jun 2023 08:08:56 GMT
accept-ranges: bytes
content-encoding: gzip
x-frame-options: SAMEORIGIN
date: Tue, 10 Oct 2023 02:11:27 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV160e9bcc.0
ms-cv-esi: CASMicrosoftCV160e9bcc.0
x-rtag: AEM_PROD_Static
GET

https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc_webkit_chrome/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/92-14707b/74-888e54?ver=2.0&_cf=20210618

msedge.exe

Remote address:

104.85.1.163:443

Request

GET /onerfstatics/marketingsites-neu-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc_webkit_chrome/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/92-14707b/74-888e54?ver=2.0&_cf=20210618 HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.microsoft.com/en-AU/microsoft-365/free-office-online-for-the-web
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AEMDC=westeurope

Response

HTTP/2.0 200

content-type: application/javascript;charset=utf-8
content-length: 710
x-dispatcher: dispatcher1westeurope
x-vhost: publish_microsoft_s
x-content-type-options: nosniff
ms-commit-id: fbf602a
last-modified: Wed, 27 Jul 2022 17:44:00 GMT
accept-ranges: bytes
content-encoding: gzip
x-frame-options: SAMEORIGIN
date: Tue, 10 Oct 2023 02:11:27 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV160e9bcd.0
ms-cv-esi: CASMicrosoftCV160e9bcd.0
x-rtag: AEM_PROD_Static
GET

https://www.microsoft.com/etc.clientlibs/microsoft/components/content/universalheader/v1/universalheader/clientlibs/site.min.ACSHASH4a2c06fd33b93cde144b578363a889af.js

msedge.exe

Remote address:

104.85.1.163:443

Request

GET /etc.clientlibs/microsoft/components/content/universalheader/v1/universalheader/clientlibs/site.min.ACSHASH4a2c06fd33b93cde144b578363a889af.js HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.microsoft.com/en-AU/microsoft-365/free-office-online-for-the-web
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AEMDC=westeurope

Response

HTTP/2.0 200

content-type: application/javascript;charset=utf-8
content-length: 2453
x-dispatcher: dispatcher1westeurope
x-vhost: publish_microsoft_s
x-content-type-options: nosniff
ms-commit-id: 0fbf15d
last-modified: Mon, 25 Sep 2023 17:58:05 GMT
accept-ranges: bytes
content-encoding: gzip
x-frame-options: SAMEORIGIN
date: Tue, 10 Oct 2023 02:11:27 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV160e9c47.0
ms-cv-esi: CASMicrosoftCV160e9c47.0
x-rtag: AEM_PROD_Static
GET

https://www.microsoft.com/etc.clientlibs/microsoft/components/content/feature/v1/feature/clientlibs/site.min.ACSHASH42ba89a4096a012bdfd80f51fc4b936f.js

msedge.exe

Remote address:

104.85.1.163:443

Request

GET /etc.clientlibs/microsoft/components/content/feature/v1/feature/clientlibs/site.min.ACSHASH42ba89a4096a012bdfd80f51fc4b936f.js HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.microsoft.com/en-AU/microsoft-365/free-office-online-for-the-web
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AEMDC=westeurope

Response

HTTP/2.0 200

content-type: application/javascript;charset=utf-8
content-length: 694
x-dispatcher: dispatcher1westeurope
x-vhost: publish_microsoft_s
x-content-type-options: nosniff
ms-commit-id: fbf602a
last-modified: Fri, 07 May 2021 21:33:49 GMT
accept-ranges: bytes
content-encoding: gzip
x-frame-options: SAMEORIGIN
date: Tue, 10 Oct 2023 02:11:27 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV160e9c73.0
ms-cv-esi: CASMicrosoftCV160e9c73.0
x-rtag: AEM_PROD_Static
GET

https://www.microsoft.com/etc.clientlibs/microsoft/components/content/dynamic-feature/v1/dynamic-feature/clientlibs/site.min.ACSHASHf834ecc43df9754fbcd8a6bb1078e89e.js

msedge.exe

Remote address:

104.85.1.163:443

Request

GET /etc.clientlibs/microsoft/components/content/dynamic-feature/v1/dynamic-feature/clientlibs/site.min.ACSHASHf834ecc43df9754fbcd8a6bb1078e89e.js HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.microsoft.com/en-AU/microsoft-365/free-office-online-for-the-web
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AEMDC=westeurope

Response

HTTP/2.0 200

content-length: 144
x-dispatcher: dispatcher2westeurope
x-vhost: publish_microsoft_s
x-content-type-options: nosniff
ms-commit-id: fc7a547
last-modified: Wed, 11 Jan 2023 18:35:21 GMT
accept-ranges: bytes
x-frame-options: SAMEORIGIN
content-encoding: br
cache-control: public, max-age=86400
date: Tue, 10 Oct 2023 02:11:27 GMT
tls_version: tls1.3
strict-transport-security: max-age=31536000
content-type: application/javascript;charset=utf-8
ms-cv: CASMicrosoftCV160e9c9e.0
ms-cv-esi: CASMicrosoftCV160e9c9e.0
x-rtag: AEM_PROD_STATIC
GET

https://www.microsoft.com/etc.clientlibs/onecloud/clientlibs/clientlib-product-pricing.min.ACSHASH4f83a20cad6fed343c3830586c882696.js

msedge.exe

Remote address:

104.85.1.163:443

Request

GET /etc.clientlibs/onecloud/clientlibs/clientlib-product-pricing.min.ACSHASH4f83a20cad6fed343c3830586c882696.js HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.microsoft.com/en-AU/microsoft-365/free-office-online-for-the-web
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AEMDC=westeurope

Response

HTTP/2.0 200

content-type: application/javascript;charset=utf-8
content-length: 442
x-dispatcher: dispatcher1westeurope
x-vhost: publish_microsoft_s
x-content-type-options: nosniff
ms-commit-id: 3703369
last-modified: Wed, 14 Jun 2023 18:13:03 GMT
accept-ranges: bytes
content-encoding: gzip
x-frame-options: SAMEORIGIN
date: Tue, 10 Oct 2023 02:11:27 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV160e9cd0.0
ms-cv-esi: CASMicrosoftCV160e9cd0.0
x-rtag: AEM_PROD_Static
GET

https://www.microsoft.com/etc.clientlibs/onecloud/clientlibs/clientlib-product-pricing.min.ACSHASHde5a77dc6cdb73df9c3096397924a3f0.css

msedge.exe

Remote address:

104.85.1.163:443

Request

GET /etc.clientlibs/onecloud/clientlibs/clientlib-product-pricing.min.ACSHASHde5a77dc6cdb73df9c3096397924a3f0.css HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.microsoft.com/en-AU/microsoft-365/free-office-online-for-the-web
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AEMDC=westeurope

Response

HTTP/2.0 200

content-type: text/css;charset=utf-8
content-length: 120
x-dispatcher: dispatcher1westeurope
x-vhost: publish_microsoft_s
x-content-type-options: nosniff
ms-commit-id: 229b834
last-modified: Mon, 08 May 2023 18:21:04 GMT
accept-ranges: bytes
content-encoding: gzip
x-frame-options: SAMEORIGIN
date: Tue, 10 Oct 2023 02:11:27 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV160e9cf8.0
ms-cv-esi: CASMicrosoftCV160e9cf8.0
x-rtag: AEM_PROD_Static
GET

https://www.microsoft.com/etc.clientlibs/onecloud/components/content/image/v1/image/clientlibs.min.ACSHASH4402231c6c651d105bb28a0781aa644e.css

msedge.exe

Remote address:

104.85.1.163:443

Request

GET /etc.clientlibs/onecloud/components/content/image/v1/image/clientlibs.min.ACSHASH4402231c6c651d105bb28a0781aa644e.css HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.microsoft.com/en-AU/microsoft-365/free-office-online-for-the-web
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AEMDC=westeurope

Response

HTTP/2.0 200

content-type: application/javascript;charset=utf-8
content-length: 696
x-dispatcher: dispatcher1westeurope
x-vhost: publish_microsoft_s
x-content-type-options: nosniff
ms-commit-id: fbf602a
last-modified: Mon, 18 Jul 2022 17:50:34 GMT
accept-ranges: bytes
content-encoding: gzip
x-frame-options: SAMEORIGIN
date: Tue, 10 Oct 2023 02:11:27 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV160e9d07.0
ms-cv-esi: CASMicrosoftCV160e9d07.0
x-rtag: AEM_PROD_Static
GET

https://www.microsoft.com/etc.clientlibs/onecloud/components/content/simple-form/v1/simple-form/clientlibs/sms-email.min.ACSHASHb9157749ae59ee03f78a9825e228517a.js

msedge.exe

Remote address:

104.85.1.163:443

Request

GET /etc.clientlibs/onecloud/components/content/simple-form/v1/simple-form/clientlibs/sms-email.min.ACSHASHb9157749ae59ee03f78a9825e228517a.js HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.microsoft.com/en-AU/microsoft-365/free-office-online-for-the-web
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AEMDC=westeurope

Response

HTTP/2.0 200

content-type: text/css;charset=utf-8
content-length: 134
x-dispatcher: dispatcher1westeurope
x-vhost: publish_microsoft_s
x-content-type-options: nosniff
ms-commit-id: 3f3b1a9
last-modified: Wed, 15 Mar 2023 17:47:54 GMT
accept-ranges: bytes
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-edgeconnect-midmile-rtt: 0
x-edgeconnect-origin-mex-latency: 9
date: Tue, 10 Oct 2023 02:11:27 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV160e9d05.0
ms-cv-esi: CASMicrosoftCV160e9d05.0
x-rtag: AEM_PROD_Static
GET

https://www.microsoft.com/etc.clientlibs/onecloud/components/content/areaheading/v1/areaheading/clientlibs/site.min.ACSHASHf3ce0716faf38b81e39f92e91d6f05dc.js

msedge.exe

Remote address:

104.85.1.163:443

Request

GET /etc.clientlibs/onecloud/components/content/areaheading/v1/areaheading/clientlibs/site.min.ACSHASHf3ce0716faf38b81e39f92e91d6f05dc.js HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.microsoft.com/en-AU/microsoft-365/free-office-online-for-the-web
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AEMDC=westeurope

Response

HTTP/2.0 200

content-type: text/css;charset=utf-8
content-length: 202
x-dispatcher: dispatcher1westeurope
x-vhost: publish_microsoft_s
x-content-type-options: nosniff
ms-commit-id: 3703369
last-modified: Wed, 14 Jun 2023 18:08:48 GMT
accept-ranges: bytes
content-encoding: gzip
x-frame-options: SAMEORIGIN
date: Tue, 10 Oct 2023 02:11:27 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV160e9d08.0
ms-cv-esi: CASMicrosoftCV160e9d08.0
x-rtag: AEM_PROD_Static
GET

https://www.microsoft.com/etc.clientlibs/microsoft/components/content/footnotes/v1/footnotes/clientlibs/site.min.ACSHASH40203e0bb3e24fd4626d84825f55e9c5.css

msedge.exe

Remote address:

104.85.1.163:443

Request

GET /etc.clientlibs/microsoft/components/content/footnotes/v1/footnotes/clientlibs/site.min.ACSHASH40203e0bb3e24fd4626d84825f55e9c5.css HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.microsoft.com/en-AU/microsoft-365/free-office-online-for-the-web
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AEMDC=westeurope

Response

HTTP/2.0 200

content-type: application/javascript;charset=utf-8
content-length: 1026
x-dispatcher: dispatcher1westeurope
x-vhost: publish_microsoft_s
x-content-type-options: nosniff
ms-commit-id: 3703369
last-modified: Wed, 14 Jun 2023 18:08:48 GMT
accept-ranges: bytes
content-encoding: gzip
x-frame-options: SAMEORIGIN
date: Tue, 10 Oct 2023 02:11:27 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV160e9d09.0
ms-cv-esi: CASMicrosoftCV160e9d09.0
x-rtag: AEM_PROD_Static
GET

https://www.microsoft.com/etc.clientlibs/microsoft/components/content/footnotes/v1/footnotes/clientlibs/site.min.ACSHASHa6065760b0ee53b0ca1e0f57d165ca1c.js

msedge.exe

Remote address:

104.85.1.163:443

Request

GET /etc.clientlibs/microsoft/components/content/footnotes/v1/footnotes/clientlibs/site.min.ACSHASHa6065760b0ee53b0ca1e0f57d165ca1c.js HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.microsoft.com/en-AU/microsoft-365/free-office-online-for-the-web
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AEMDC=westeurope

Response

HTTP/2.0 200

content-type: application/javascript;charset=utf-8
content-length: 2603
x-dispatcher: dispatcher1westeurope
x-vhost: publish_microsoft_s
x-content-type-options: nosniff
ms-commit-id: 8b92a7d
last-modified: Wed, 22 Feb 2023 19:24:59 GMT
accept-ranges: bytes
content-encoding: gzip
x-frame-options: SAMEORIGIN
date: Tue, 10 Oct 2023 02:11:27 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV160e9d06.0
ms-cv-esi: CASMicrosoftCV160e9d06.0
x-rtag: AEM_PROD_Static
GET

https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/shell/_scrf/js/themes=default/8e-e88b64/82-2a4f02/49-a00ab0/92-02e55d/7c-dcea75/75-fca72d/ed-e77ee7/d5-bf34c0/a9-078595/7a-7ea8cc/2d-40bdad/23-e8cd2b/96-eb5423/e6-6b0cce/d1-98d78a/c6-082272/a7-f7a340/1e-addbef/2e-ca165a/fc-169dd8/8e-60935c/87-fecbed/96-6ed6eb/c3-eb62e0/ad-ffd6bf/35-621acc/5b-6eff60/b0-07f293/1e-9d9d16/52-f0367f/af-abd754/bf-517249/e1-ed258e/20-0b10e2/6b-0f1117/fb-5e9831/a2-598841?ver=2.0&_cf=20210618&iife=1

msedge.exe

Remote address:

104.85.1.163:443

Request

GET /onerfstatics/marketingsites-neu-prod/shell/_scrf/js/themes=default/8e-e88b64/82-2a4f02/49-a00ab0/92-02e55d/7c-dcea75/75-fca72d/ed-e77ee7/d5-bf34c0/a9-078595/7a-7ea8cc/2d-40bdad/23-e8cd2b/96-eb5423/e6-6b0cce/d1-98d78a/c6-082272/a7-f7a340/1e-addbef/2e-ca165a/fc-169dd8/8e-60935c/87-fecbed/96-6ed6eb/c3-eb62e0/ad-ffd6bf/35-621acc/5b-6eff60/b0-07f293/1e-9d9d16/52-f0367f/af-abd754/bf-517249/e1-ed258e/20-0b10e2/6b-0f1117/fb-5e9831/a2-598841?ver=2.0&_cf=20210618&iife=1 HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.microsoft.com/en-AU/microsoft-365/free-office-online-for-the-web
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AEMDC=westeurope

Response

HTTP/2.0 200

content-type: application/javascript;charset=utf-8
x-dispatcher: dispatcher1westeurope
x-vhost: publish_microsoft_s
x-content-type-options: nosniff
ms-commit-id: 9e2ce3f
last-modified: Wed, 29 Mar 2023 19:39:52 GMT
accept-ranges: bytes
content-encoding: gzip
x-frame-options: SAMEORIGIN
content-length: 88572
date: Tue, 10 Oct 2023 02:11:27 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV160e9d0b.0
ms-cv-esi: CASMicrosoftCV160e9d0b.0
x-rtag: AEM_PROD_Static
GET

https://www.microsoft.com/etc.clientlibs/onecloud/clientlibs/clientlib-mwf-new/main-m365.min.ACSHASH1315b52070fe169b25b7b0a6e3667170.js

msedge.exe

Remote address:

104.85.1.163:443

Request

GET /etc.clientlibs/onecloud/clientlibs/clientlib-mwf-new/main-m365.min.ACSHASH1315b52070fe169b25b7b0a6e3667170.js HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.microsoft.com/en-AU/microsoft-365/free-office-online-for-the-web
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AEMDC=westeurope

Response

HTTP/2.0 200

content-type: text/javascript; charset=utf-8
last-modified: Mon, 07 Aug 2023 20:14:46 GMT
x-activity-id: 6e241bda-4073-48db-aa99-42d81c04f9b2
x-appversion: 1.0.8579.39012
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2023-06-29T05:40:24.0000000Z}
ms-operation-id: 118a1a57d515454bae99063cfa60bf58
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-content-type-options: nosniff
x-s1: 2023-08-07T20:14:46
x-s2: 2023-08-07T20:14:46
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
x-xss-protection: 1; mode=block
content-encoding: gzip
content-length: 36044
cache-control: public, max-age=26071439
expires: Tue, 06 Aug 2024 20:15:26 GMT
date: Tue, 10 Oct 2023 02:11:27 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV160e9d0a.0
ms-cv-esi: CASMicrosoftCV160e9d0a.0
x-rtag: RT
GET

https://www.microsoft.com/etc.clientlibs/onecloud/clientlibs/clientlib-mwf-ext/main-m365.min.ACSHASHa760728ce5bdc04f3965db30038cbe0c.js

msedge.exe

Remote address:

104.85.1.163:443

Request

GET /etc.clientlibs/onecloud/clientlibs/clientlib-mwf-ext/main-m365.min.ACSHASHa760728ce5bdc04f3965db30038cbe0c.js HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.microsoft.com/en-AU/microsoft-365/free-office-online-for-the-web
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AEMDC=westeurope

Response

HTTP/2.0 200

content-type: application/javascript;charset=utf-8
x-dispatcher: dispatcher2westeurope
x-vhost: publish_microsoft_s
x-content-type-options: nosniff
ms-commit-id: f302c0e
last-modified: Mon, 02 Oct 2023 18:41:44 GMT
accept-ranges: bytes
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-edgeconnect-midmile-rtt: 0
x-edgeconnect-origin-mex-latency: 53
content-length: 134426
date: Tue, 10 Oct 2023 02:11:27 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV160e9d13.0
ms-cv-esi: CASMicrosoftCV160e9d13.0
x-rtag: AEM_PROD_Static
GET

https://www.microsoft.com/etc.clientlibs/cascade.component.authoring/clientlibs/clientlib-base.min.ACSHASH9664e3d4eae25f97830251e3e5b20248.js

msedge.exe

Remote address:

104.85.1.163:443

Request

GET /etc.clientlibs/cascade.component.authoring/clientlibs/clientlib-base.min.ACSHASH9664e3d4eae25f97830251e3e5b20248.js HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.microsoft.com/en-AU/microsoft-365/free-office-online-for-the-web
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AEMDC=westeurope

Response

HTTP/2.0 200

content-type: application/javascript;charset=utf-8
content-length: 10144
x-dispatcher: dispatcher1westeurope
x-vhost: publish_microsoft_s
x-content-type-options: nosniff
ms-commit-id: 6138c93
last-modified: Wed, 04 Oct 2023 19:06:48 GMT
accept-ranges: bytes
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-edgeconnect-midmile-rtt: 0
x-edgeconnect-origin-mex-latency: 10
date: Tue, 10 Oct 2023 02:11:27 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV160e9d14.0
ms-cv-esi: CASMicrosoftCV160e9d14.0
x-rtag: AEM_PROD_Static
GET

https://www.microsoft.com/etc.clientlibs/onecloud/clientlibs/clientlib-site.min.ACSHASH4c1f1c6a4ff877c820e56e5ab869262b.js

msedge.exe

Remote address:

104.85.1.163:443

Request

GET /etc.clientlibs/onecloud/clientlibs/clientlib-site.min.ACSHASH4c1f1c6a4ff877c820e56e5ab869262b.js HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.microsoft.com/en-AU/microsoft-365/free-office-online-for-the-web
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AEMDC=westeurope

Response

HTTP/2.0 200

content-type: application/javascript;charset=utf-8
content-length: 131
x-dispatcher: dispatcher3westeurope
x-vhost: publish_microsoft_s
x-content-type-options: nosniff
ms-commit-id: 0875511
last-modified: Fri, 30 Jun 2023 08:08:56 GMT
accept-ranges: bytes
content-encoding: gzip
x-frame-options: SAMEORIGIN
date: Tue, 10 Oct 2023 02:11:27 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV160e9d17.0
ms-cv-esi: CASMicrosoftCV160e9d17.0
x-rtag: AEM_PROD_Static
GET

https://www.microsoft.com/etc.clientlibs/microsoft/clientlibs/clientlib-httpclient.min.ACSHASHdb9337465e1d526f2fff5b4bc44978f0.js

msedge.exe

Remote address:

104.85.1.163:443

Request

GET /etc.clientlibs/microsoft/clientlibs/clientlib-httpclient.min.ACSHASHdb9337465e1d526f2fff5b4bc44978f0.js HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.microsoft.com/en-AU/microsoft-365/free-office-online-for-the-web
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AEMDC=westeurope

Response

HTTP/2.0 200

content-type: application/javascript;charset=utf-8
content-length: 2108
x-dispatcher: dispatcher1westeurope
x-vhost: publish_microsoft_s
x-content-type-options: nosniff
ms-commit-id: b925e32
last-modified: Mon, 19 Jun 2023 18:15:14 GMT
accept-ranges: bytes
content-encoding: gzip
x-frame-options: SAMEORIGIN
date: Tue, 10 Oct 2023 02:11:27 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV160e9d18.0
ms-cv-esi: CASMicrosoftCV160e9d18.0
x-rtag: AEM_PROD_Static
GET

https://www.microsoft.com/etc.clientlibs/cascade.component.authoring/clientlibs/clientlib-cookieconsent.min.ACSHASH96f0c5b1219e39b8788028f5c17a5ad9.js

msedge.exe

Remote address:

104.85.1.163:443

Request

GET /etc.clientlibs/cascade.component.authoring/clientlibs/clientlib-cookieconsent.min.ACSHASH96f0c5b1219e39b8788028f5c17a5ad9.js HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.microsoft.com/en-AU/microsoft-365/free-office-online-for-the-web
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AEMDC=westeurope

Response

HTTP/2.0 200

content-type: application/javascript;charset=utf-8
content-length: 145
x-dispatcher: dispatcher1westeurope
x-vhost: publish_microsoft_s
x-content-type-options: nosniff
ms-commit-id: fbf602a
last-modified: Thu, 10 Jun 2021 16:40:09 GMT
accept-ranges: bytes
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-edgeconnect-midmile-rtt: 3
x-edgeconnect-origin-mex-latency: 10
date: Tue, 10 Oct 2023 02:11:27 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV160e9d19.0
ms-cv-esi: CASMicrosoftCV160e9d19.0
x-rtag: AEM_PROD_Static
GET

https://www.microsoft.com/etc.clientlibs/onecloud/clientlibs/clientlib-cookievalidator.min.ACSHASH3db5cf9fd3fab92b3889302c8de78d1b.js

msedge.exe

Remote address:

104.85.1.163:443

Request

GET /etc.clientlibs/onecloud/clientlibs/clientlib-cookievalidator.min.ACSHASH3db5cf9fd3fab92b3889302c8de78d1b.js HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.microsoft.com/en-AU/microsoft-365/free-office-online-for-the-web
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AEMDC=westeurope

Response

HTTP/2.0 200

content-type: application/javascript;charset=utf-8
x-dispatcher: dispatcher1westeurope
x-vhost: publish_microsoft_s
x-content-type-options: nosniff
ms-commit-id: f302c0e
last-modified: Mon, 02 Oct 2023 18:48:27 GMT
accept-ranges: bytes
content-encoding: gzip
x-frame-options: SAMEORIGIN
content-length: 65220
date: Tue, 10 Oct 2023 02:11:27 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV160e9d1a.0
ms-cv-esi: CASMicrosoftCV160e9d1a.0
x-rtag: AEM_PROD_Static
GET

https://www.microsoft.com/etc.clientlibs/microsoft/components/structure/page/clientlibs/featurecontrol.min.ACSHASHc22ea5b46f3fcad90da0abcc0a3f73d4.js

msedge.exe

Remote address:

104.85.1.163:443

Request

GET /etc.clientlibs/microsoft/components/structure/page/clientlibs/featurecontrol.min.ACSHASHc22ea5b46f3fcad90da0abcc0a3f73d4.js HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.microsoft.com/en-AU/microsoft-365/free-office-online-for-the-web
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AEMDC=westeurope

Response

HTTP/2.0 200

content-type: text/css;charset=utf-8
content-length: 437
x-dispatcher: dispatcher1westeurope
x-vhost: publish_microsoft_s
x-content-type-options: nosniff
ms-commit-id: 8b92a7d
last-modified: Mon, 15 Aug 2022 17:46:07 GMT
accept-ranges: bytes
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-edgeconnect-midmile-rtt: 0
x-edgeconnect-origin-mex-latency: 10
date: Tue, 10 Oct 2023 02:11:27 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV160e9d1b.0
ms-cv-esi: CASMicrosoftCV160e9d1b.0
x-rtag: AEM_PROD_Static
GET

https://www.microsoft.com/etc.clientlibs/microsoft/components/structure/page/clientlibs/custom-oneds.min.ACSHASHfcb6e8a20d1f1a35b553b673e5f5403d.js

msedge.exe

Remote address:

104.85.1.163:443

Request

GET /etc.clientlibs/microsoft/components/structure/page/clientlibs/custom-oneds.min.ACSHASHfcb6e8a20d1f1a35b553b673e5f5403d.js HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.microsoft.com/en-AU/microsoft-365/free-office-online-for-the-web
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AEMDC=westeurope

Response

HTTP/2.0 200

content-type: application/javascript;charset=utf-8
content-length: 35385
x-dispatcher: dispatcher1westeurope
x-vhost: publish_microsoft_s
x-content-type-options: nosniff
ms-commit-id: d81c1de
last-modified: Wed, 30 Aug 2023 19:17:29 GMT
accept-ranges: bytes
content-encoding: gzip
x-frame-options: SAMEORIGIN
date: Tue, 10 Oct 2023 02:11:27 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV160e9d1c.0
ms-cv-esi: CASMicrosoftCV160e9d1c.0
x-rtag: AEM_PROD_Static
GET

https://www.microsoft.com/etc.clientlibs/onecloud/clientlibs/clientlib-chat.min.ACSHASHfa6f56b2d3037982772378233706c9af.css

msedge.exe

Remote address:

104.85.1.163:443

Request

GET /etc.clientlibs/onecloud/clientlibs/clientlib-chat.min.ACSHASHfa6f56b2d3037982772378233706c9af.css HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.microsoft.com/en-AU/microsoft-365/free-office-online-for-the-web
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AEMDC=westeurope

Response

HTTP/2.0 200

content-type: application/javascript;charset=utf-8
content-length: 661
x-dispatcher: dispatcher1westeurope
x-vhost: publish_microsoft_s
x-content-type-options: nosniff
ms-commit-id: fbf602a
last-modified: Mon, 12 Sep 2022 17:55:43 GMT
accept-ranges: bytes
content-encoding: gzip
x-frame-options: SAMEORIGIN
date: Tue, 10 Oct 2023 02:11:27 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV160e9d1e.0
ms-cv-esi: CASMicrosoftCV160e9d1e.0
x-rtag: AEM_PROD_Static
GET

https://www.microsoft.com/etc.clientlibs/onecloud/clientlibs/clientlib-chat.min.ACSHASH34e3440e73ee943fc9802fcad4720cba.js

msedge.exe

Remote address:

104.85.1.163:443

Request

GET /etc.clientlibs/onecloud/clientlibs/clientlib-chat.min.ACSHASH34e3440e73ee943fc9802fcad4720cba.js HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.microsoft.com/en-AU/microsoft-365/free-office-online-for-the-web
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AEMDC=westeurope

Response

HTTP/2.0 200

content-type: application/javascript;charset=utf-8
content-length: 142
x-dispatcher: dispatcher1westeurope
x-vhost: publish_microsoft_s
x-content-type-options: nosniff
ms-commit-id: 2447558
last-modified: Mon, 12 Sep 2022 17:55:43 GMT
accept-ranges: bytes
content-encoding: gzip
x-frame-options: SAMEORIGIN
date: Tue, 10 Oct 2023 02:11:27 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV160e9d15.0
ms-cv-esi: CASMicrosoftCV160e9d15.0
x-rtag: AEM_PROD_Static
GET

https://www.microsoft.com/etc.clientlibs/onecloud/clientlibs/clientlib-market-layer.min.ACSHASH551a5d1b5ebf715e3f78c311a57fa1d7.js

msedge.exe

Remote address:

104.85.1.163:443

Request

GET /etc.clientlibs/onecloud/clientlibs/clientlib-market-layer.min.ACSHASH551a5d1b5ebf715e3f78c311a57fa1d7.js HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.microsoft.com/en-AU/microsoft-365/free-office-online-for-the-web
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AEMDC=westeurope

Response

HTTP/2.0 200

content-type: application/javascript;charset=utf-8
content-length: 13821
x-dispatcher: dispatcher1westeurope
x-vhost: publish_microsoft_s
x-content-type-options: nosniff
ms-commit-id: 6138c93
last-modified: Wed, 04 Oct 2023 19:07:21 GMT
accept-ranges: bytes
content-encoding: gzip
x-frame-options: SAMEORIGIN
date: Tue, 10 Oct 2023 02:11:27 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV160e9d16.0
ms-cv-esi: CASMicrosoftCV160e9d16.0
x-rtag: AEM_PROD_Static
GET

https://www.microsoft.com/etc.clientlibs/microsoft/clientlibs/exp-cookiecomp/v1.min.ACSHASHc343dfb005ac8c14ae0dd22dd17fb2fc.js

msedge.exe

Remote address:

104.85.1.163:443

Request

GET /etc.clientlibs/microsoft/clientlibs/exp-cookiecomp/v1.min.ACSHASHc343dfb005ac8c14ae0dd22dd17fb2fc.js HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.microsoft.com/en-AU/microsoft-365/free-office-online-for-the-web
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AEMDC=westeurope

Response

HTTP/2.0 200

content-type: application/javascript;charset=utf-8
content-length: 1331
x-dispatcher: dispatcher1westeurope
x-vhost: publish_microsoft_s
x-content-type-options: nosniff
ms-commit-id: 5a8f80f
last-modified: Mon, 14 Aug 2023 18:20:25 GMT
accept-ranges: bytes
content-encoding: gzip
x-frame-options: SAMEORIGIN
date: Tue, 10 Oct 2023 02:11:27 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV160e9d1f.0
ms-cv-esi: CASMicrosoftCV160e9d1f.0
x-rtag: AEM_PROD_Static
GET

https://www.microsoft.com/etc.clientlibs/cascade.component.authoring/clientlibs/clientlib-greenid.min.ACSHASH383b23d12df0d9265d7569a7102c2f96.js

msedge.exe

Remote address:

104.85.1.163:443

Request

GET /etc.clientlibs/cascade.component.authoring/clientlibs/clientlib-greenid.min.ACSHASH383b23d12df0d9265d7569a7102c2f96.js HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.microsoft.com/en-AU/microsoft-365/free-office-online-for-the-web
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AEMDC=westeurope

Response

HTTP/2.0 200

content-type: application/javascript;charset=utf-8
content-length: 375
x-dispatcher: dispatcher3westeurope
x-vhost: publish_microsoft_s
x-content-type-options: nosniff
ms-commit-id: 0875511
last-modified: Fri, 30 Jun 2023 08:08:55 GMT
accept-ranges: bytes
content-encoding: gzip
x-frame-options: SAMEORIGIN
date: Tue, 10 Oct 2023 02:11:27 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV160e9d20.0
ms-cv-esi: CASMicrosoftCV160e9d20.0
x-rtag: AEM_PROD_Static
GET

https://www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff

msedge.exe

Remote address:

104.85.1.163:443

Request

GET /mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://www.microsoft.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://www.microsoft.com/etc.clientlibs/cascade.component.authoring/clientlibs/clientlib-base.min.ACSHASHc5871451778c8e6454258da6f73224b7.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AEMDC=westeurope

Response

HTTP/2.0 200

content-type: application/font-woff
last-modified: Wed, 27 Apr 2022 18:56:37 GMT
x-activity-id: 4fd6cb1a-8453-40c6-bbdd-01be35cc4321
x-appversion: 1.0.8146.33252
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-04-22T02:28:24.0000000Z}
ms-operation-id: f17aa8995c43c04baf5c68bc97e31eba
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
x-xss-protection: 1; mode=block
content-length: 26288
cache-control: public, max-age=25540658
expires: Wed, 31 Jul 2024 16:49:05 GMT
date: Tue, 10 Oct 2023 02:11:27 GMT
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV160e9d9d.0
ms-cv-esi: CASMicrosoftCV160e9d9d.0
x-rtag: RT
GET

https://www.microsoft.com/etc.clientlibs/onecloud/clientlibs/clientlib-mwf-new/resources/fonts/MWFFluentIcons.woff2

msedge.exe

Remote address:

104.85.1.163:443

Request

GET /etc.clientlibs/onecloud/clientlibs/clientlib-mwf-new/resources/fonts/MWFFluentIcons.woff2 HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://www.microsoft.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://www.microsoft.com/etc.clientlibs/onecloud/clientlibs/clientlib-mwf-new/main-m365.min.ACSHASH1a14ebf8a17177418f8a582c20c738b0.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AEMDC=westeurope

Response

HTTP/2.0 200

content-type: application/octet-stream
content-length: 27661
x-dispatcher: dispatcher1westeurope
x-vhost: publish_microsoft_s
x-content-type-options: nosniff
ms-commit-id: d23148d
last-modified: Mon, 09 Jan 2023 19:36:09 GMT
accept-ranges: bytes
content-encoding: gzip
x-frame-options: SAMEORIGIN
cache-control: public, max-age=50131
date: Tue, 10 Oct 2023 02:11:27 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV160e9e16.0
ms-cv-esi: CASMicrosoftCV160e9e16.0
x-rtag: AEM_PROD_Static
GET

https://www.microsoft.com/favicon.ico?v2

msedge.exe

Remote address:

104.85.1.163:443

Request

GET /favicon.ico?v2 HTTP/2.0
host: www.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.microsoft.com/en-AU/microsoft-365/free-office-online-for-the-web
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AEMDC=westeurope
cookie: MicrosoftApplicationsTelemetryDeviceId=3136b76c-c451-4640-8bbf-3c847de99f1e
cookie: ai_session=froFKI059u9iW2CEbJHnzc|1696903887242|1696903887697
cookie: MUID=9c3db1f49a18493a985289be34c9c95d
cookie: fptctx2=H3ihr9e92IdW6yd1ZgQ9Sz4bj6XMGo9empP83sM5eweB3j4s8%252f5iuBWoV%252f3YVyB%252b2uQTj1Blu0Jtz4bBjitn9UAa%252b9p1Nvxai6DDtW3OygC8f0Ll1R4wkO4z%252bbZEIax%252fb%252fTXJA%252bxaEUoIgMe2owpApdJg6tyL66zgQzX73UQ5KmX6jK9f88%252bcZbOMhmf6eR%252baCuai9XF%252bZB2qL8ONukqzUNVXAm99exPVmhA41jUpdwgWzN7beVrxaepjnRX1Z99pI4cmCbkXt0QCAh%252fenZD8y0iwqxmLhow5A77hohv12NVLe19wuyojMKQh%252bAV3oBUTxifi8UWAbNAd%252fCNyN2xhQ%253d%253d

Response

HTTP/2.0 200

content-length: 17174
content-type: image/x-icon
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
etag: "1D99FD2219C9A00"
last-modified: Thu, 15 Jun 2023 21:41:24 GMT
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
x-frame-options: SAMEORIGIN
x-sitemuse-origin: Azure
x-azure-ref: 20231009T160622Z-ykvdp6et7944tcn747en27gs3g00000003hg000000001ruf
cache-control: public, max-age=50092
expires: Tue, 10 Oct 2023 16:06:22 GMT
date: Tue, 10 Oct 2023 02:11:30 GMT
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV160ea33b.0
ms-cv-esi: CASMicrosoftCV160ea33b.0
x-rtag: RT
DNS

41.110.16.96.in-addr.arpa

Remote address:

8.8.8.8:53

Request

41.110.16.96.in-addr.arpa

IN PTR

Response

41.110.16.96.in-addr.arpa

IN PTR

a96-16-110-41deploystaticakamaitechnologiescom
DNS

200.21.107.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

200.21.107.13.in-addr.arpa

IN PTR

Response
DNS

48.24.221.88.in-addr.arpa

Remote address:

8.8.8.8:53

Request

48.24.221.88.in-addr.arpa

IN PTR

Response

48.24.221.88.in-addr.arpa

IN PTR

a88-221-24-48deploystaticakamaitechnologiescom
DNS

26.35.223.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

26.35.223.20.in-addr.arpa

IN PTR

Response
DNS

163.1.85.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

163.1.85.104.in-addr.arpa

IN PTR

Response

163.1.85.104.in-addr.arpa

IN PTR

a104-85-1-163deploystaticakamaitechnologiescom
DNS

query.prod.cms.rt.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

query.prod.cms.rt.microsoft.com

IN A

Response

query.prod.cms.rt.microsoft.com

IN CNAME

query.prod.cms.rt.microsoft.com.edgekey.net

query.prod.cms.rt.microsoft.com.edgekey.net

IN CNAME

e11070.b.akamaiedge.net

e11070.b.akamaiedge.net

IN A

23.207.104.5
DNS

az725175.vo.msecnd.net

msedge.exe

Remote address:

8.8.8.8:53

Request

az725175.vo.msecnd.net

IN A

Response

az725175.vo.msecnd.net

IN CNAME

cs22.wpc.v0cdn.net

cs22.wpc.v0cdn.net

IN A

152.199.4.33
GET

https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE4OFm4

msedge.exe

Remote address:

23.207.104.5:443

Request

GET /cms/api/am/binary/RE4OFm4 HTTP/1.1
Host: query.prod.cms.rt.microsoft.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://www.microsoft.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/css
Content-Length: 2265
Content-Encoding: gzip
Last-Modified: Wed, 27 Sep 2023 00:06:44 GMT
ETag: W/"156"
Server: Microsoft-HTTPAPI/2.0
X-CMS-DocumentId: RE4OFm4
X-CMS-Version: 50
X-CMS-State: Published
X-CMS-Tenant: am
X-CMS-Type: binary
X-CMS-Alias: default
X-CMS-ExecutionTimeInMilliseconds: 89
AppEx-Activity-Id: 93bd1881-294b-4319-963b-8de764a0f2da
X-Trace-Context: {"ActivityId":"93bd1881-294b-4319-963b-8de764a0f2da"}
MS-CV: 5TliwFUChkyING2DmJdiXQ.0
X-CMS-ServiceLocation: northeu:0
Content-Disposition: inline; filename=aem-head-style.css
Vary: Accept-Encoding
Cache-Control: public, must-revalidate, max-age=146176
Date: Tue, 10 Oct 2023 02:11:27 GMT
Connection: keep-alive
GET

https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE4OxzH

msedge.exe

Remote address:

23.207.104.5:443

Request

GET /cms/api/am/binary/RE4OxzH HTTP/1.1
Host: query.prod.cms.rt.microsoft.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://www.microsoft.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/javascript
Content-Length: 5572
Content-Encoding: gzip
Last-Modified: Mon, 09 Oct 2023 16:23:03 GMT
ETag: W/"193"
Server: Microsoft-HTTPAPI/2.0
X-CMS-DocumentId: RE4OxzH
X-CMS-Version: 67
X-CMS-State: Published
X-CMS-Tenant: am
X-CMS-Type: binary
X-CMS-Alias: default
X-CMS-ExecutionTimeInMilliseconds: 231
AppEx-Activity-Id: 9fc43040-11ab-4a8c-980c-1acc69a6fefb
X-Trace-Context: {"ActivityId":"9fc43040-11ab-4a8c-980c-1acc69a6fefb"}
MS-CV: ltKPu0f5nEiS7DSKtH1W+g.0
X-CMS-ServiceLocation: northeu:0
Content-Disposition: inline; filename=aem-head-script.js
Vary: Accept-Encoding
Cache-Control: public, must-revalidate, max-age=569815
Date: Tue, 10 Oct 2023 02:11:27 GMT
Connection: keep-alive
GET

https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE4OCI2

msedge.exe

Remote address:

23.207.104.5:443

Request

GET /cms/api/am/binary/RE4OCI2 HTTP/1.1
Host: query.prod.cms.rt.microsoft.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://www.microsoft.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/javascript
Content-Length: 14680
Content-Encoding: gzip
Last-Modified: Fri, 06 Oct 2023 16:35:31 GMT
ETag: W/"441"
Server: Microsoft-HTTPAPI/2.0
X-CMS-DocumentId: RE4OCI2
X-CMS-Version: 146
X-CMS-State: Published
X-CMS-Tenant: am
X-CMS-Type: binary
X-CMS-Alias: default
X-CMS-ExecutionTimeInMilliseconds: 361
AppEx-Activity-Id: db3a20f7-322a-4f92-abef-f94516e7c768
X-Trace-Context: {"ActivityId":"db3a20f7-322a-4f92-abef-f94516e7c768"}
MS-CV: VAmSGr/5fUKPiQxbdUQYAQ.0
X-CMS-ServiceLocation: northeu:0
Content-Disposition: inline; filename=aem-body-script.js
Vary: Accept-Encoding
Cache-Control: public, must-revalidate, max-age=311391
Date: Tue, 10 Oct 2023 02:11:27 GMT
Connection: keep-alive
GET

https://az725175.vo.msecnd.net/scripts/jsll-4.js

msedge.exe

Remote address:

152.199.4.33:443

Request

GET /scripts/jsll-4.js HTTP/2.0
host: az725175.vo.msecnd.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 1189
cache-control: public, max-age=1800, immutable
content-md5: yvXHFTB8uAvUsw4tqOlcNw==
content-type: text/javascript; charset="utf-8"
date: Tue, 10 Oct 2023 02:11:27 GMT
etag: 0x8D8D781DE4DEC32
last-modified: Mon, 22 Feb 2021 22:33:25 GMT
server: ECAcc (bsb/2799)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 634238e1-c01e-0033-2b1c-fb9606000000
x-ms-version: 2009-09-19
content-length: 18421
DNS

5.104.207.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

5.104.207.23.in-addr.arpa

IN PTR

Response

5.104.207.23.in-addr.arpa

IN PTR

a23-207-104-5deploystaticakamaitechnologiescom
DNS

183.59.114.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

183.59.114.20.in-addr.arpa

IN PTR

Response
DNS

33.4.199.152.in-addr.arpa

Remote address:

8.8.8.8:53

Request

33.4.199.152.in-addr.arpa

IN PTR

Response
DNS

wcpstatic.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

wcpstatic.microsoft.com

IN A

Response

wcpstatic.microsoft.com

IN CNAME

consentdeliveryfd.azurefd.net

consentdeliveryfd.azurefd.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

dual.part-0039.t-0009.t-msedge.net

dual.part-0039.t-0009.t-msedge.net

IN CNAME

part-0039.t-0009.t-msedge.net

part-0039.t-0009.t-msedge.net

IN A

13.107.246.67

part-0039.t-0009.t-msedge.net

IN A

13.107.213.67
DNS

cdn-dynmedia-1.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

cdn-dynmedia-1.microsoft.com

IN A

Response

cdn-dynmedia-1.microsoft.com

IN CNAME

san-ion.secure4.scene7.com.edgekey.net

san-ion.secure4.scene7.com.edgekey.net

IN CNAME

e81481.dsca.akamaiedge.net

e81481.dsca.akamaiedge.net

IN A

104.110.240.160

e81481.dsca.akamaiedge.net

IN A

104.110.240.65
GET

https://wcpstatic.microsoft.com/mscc/lib/v2/wcp-consent.js

msedge.exe

Remote address:

13.107.246.67:443

Request

GET /mscc/lib/v2/wcp-consent.js HTTP/2.0
host: wcpstatic.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 10 Oct 2023 02:11:27 GMT
content-type: application/javascript
content-length: 81726
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 16231
cache-control: max-age=43200
content-md5: X1JOIM5h9UISVFS6+GfEew==
etag: 0x8DA85F6EA62BF74
last-modified: Wed, 24 Aug 2022 17:34:36 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 8558d840-901e-006a-01f9-fa7b44000000
x-ms-version: 2009-09-19
x-azure-ref: 20231010T021127Z-0s2nkx2h2120tdewgpkz85p20w00000000tg00000000hu13
accept-ranges: bytes
GET

https://cdn-dynmedia-1.microsoft.com/is/image/microsoftcorp/LinkedIn-29?scl=1

msedge.exe

Remote address:

104.110.240.160:443

Request

GET /is/image/microsoftcorp/LinkedIn-29?scl=1 HTTP/2.0
host: cdn-dynmedia-1.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-origin: *
last-modified: Mon, 12 Jul 2021 19:15:56 GMT
etag: "e5c8f8637544a519558371b774e355df"
-x-adobe-smart-imaging: 460
server: Unknown
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/webp
content-length: 360
expires: Tue, 10 Oct 2023 11:24:06 GMT
date: Tue, 10 Oct 2023 02:11:27 GMT
GET

https://cdn-dynmedia-1.microsoft.com/is/image/microsoftcorp/Twitter-34?scl=1

msedge.exe

Remote address:

104.110.240.160:443

Request

GET /is/image/microsoftcorp/Twitter-34?scl=1 HTTP/2.0
host: cdn-dynmedia-1.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-origin: *
last-modified: Mon, 12 Jul 2021 19:15:54 GMT
etag: "95ef5d6416889b94a82d3cd75c4679a5"
-x-adobe-smart-imaging: 183
server: Unknown
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/webp
content-length: 566
expires: Tue, 10 Oct 2023 07:30:52 GMT
date: Tue, 10 Oct 2023 02:11:27 GMT
GET

https://cdn-dynmedia-1.microsoft.com/is/image/microsoftcorp/Blog?scl=1

msedge.exe

Remote address:

104.110.240.160:443

Request

GET /is/image/microsoftcorp/Blog?scl=1 HTTP/2.0
host: cdn-dynmedia-1.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-origin: *
last-modified: Mon, 12 Jul 2021 20:54:55 GMT
etag: "419f88e695a62cec374cbbe759f11754"
-x-adobe-smart-imaging: 346
server: Unknown
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/webp
content-length: 502
expires: Tue, 10 Oct 2023 09:30:48 GMT
date: Tue, 10 Oct 2023 02:11:27 GMT
GET

https://cdn-dynmedia-1.microsoft.com/is/image/microsoftcorp/HeroImage_2x_RE3ByzZ?resMode=sharp2&op_usm=1.5,0.65,15,0&wid=800&qlt=99&fmt=png-alpha&fit=constrain

msedge.exe

Remote address:

104.110.240.160:443

Request

GET /is/image/microsoftcorp/HeroImage_2x_RE3ByzZ?resMode=sharp2&op_usm=1.5,0.65,15,0&wid=800&qlt=99&fmt=png-alpha&fit=constrain HTTP/2.0
host: cdn-dynmedia-1.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-origin: *
last-modified: Tue, 17 Jan 2023 15:32:11 GMT
etag: "f9388b9975554ad6552f3d7f83e7dfed"
-x-adobe-smart-imaging: 157664
server: Unknown
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/webp
content-length: 45654
expires: Tue, 10 Oct 2023 07:05:27 GMT
date: Tue, 10 Oct 2023 02:11:28 GMT
GET

https://cdn-dynmedia-1.microsoft.com/is/image/microsoftcorp/AnywhereAccessIcon_2x_RE3EpFE?resMode=sharp2&op_usm=1.5,0.65,15,0&wid=786&hei=40&qlt=90&fmt=png-alpha&fit=constrain

msedge.exe

Remote address:

104.110.240.160:443

Request

GET /is/image/microsoftcorp/AnywhereAccessIcon_2x_RE3EpFE?resMode=sharp2&op_usm=1.5,0.65,15,0&wid=786&hei=40&qlt=90&fmt=png-alpha&fit=constrain HTTP/2.0
host: cdn-dynmedia-1.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-origin: *
last-modified: Tue, 17 Jan 2023 15:32:11 GMT
etag: "0ba9506e18f0f7fefa32da551e8008b3"
-x-adobe-smart-imaging: 277
server: Unknown
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/webp
content-length: 1314
expires: Tue, 10 Oct 2023 09:42:06 GMT
date: Tue, 10 Oct 2023 02:11:28 GMT
GET

https://cdn-dynmedia-1.microsoft.com/is/image/microsoftcorp/FamiliarExperienceIcon_2x_RE3ExtO?resMode=sharp2&op_usm=1.5,0.65,15,0&wid=786&hei=40&qlt=90&fmt=png-alpha&fit=constrain

msedge.exe

Remote address:

104.110.240.160:443

Request

GET /is/image/microsoftcorp/FamiliarExperienceIcon_2x_RE3ExtO?resMode=sharp2&op_usm=1.5,0.65,15,0&wid=786&hei=40&qlt=90&fmt=png-alpha&fit=constrain HTTP/2.0
host: cdn-dynmedia-1.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-origin: *
last-modified: Tue, 17 Jan 2023 15:32:11 GMT
etag: "6093aa5ea06001f5ef6771b17e547a1d"
-x-adobe-smart-imaging: 717
server: Unknown
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/webp
content-length: 1428
expires: Tue, 10 Oct 2023 10:56:29 GMT
date: Tue, 10 Oct 2023 02:11:28 GMT
GET

https://cdn-dynmedia-1.microsoft.com/is/image/microsoftcorp/WorkwAnyoneIcon_2x_RE3ECGB?resMode=sharp2&op_usm=1.5,0.65,15,0&wid=786&hei=40&qlt=90&fmt=png-alpha&fit=constrain

msedge.exe

Remote address:

104.110.240.160:443

Request

GET /is/image/microsoftcorp/WorkwAnyoneIcon_2x_RE3ECGB?resMode=sharp2&op_usm=1.5,0.65,15,0&wid=786&hei=40&qlt=90&fmt=png-alpha&fit=constrain HTTP/2.0
host: cdn-dynmedia-1.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-origin: *
last-modified: Tue, 17 Jan 2023 15:32:11 GMT
etag: "f584b245aafb6a36c53ac3776a1d7e44"
-x-adobe-smart-imaging: 706
server: Unknown
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/webp
content-length: 1334
expires: Tue, 10 Oct 2023 09:32:16 GMT
date: Tue, 10 Oct 2023 02:11:28 GMT
GET

https://cdn-dynmedia-1.microsoft.com/is/image/microsoftcorp/image_RWPhd0?resMode=sharp2&op_usm=1.5,0.65,15,0&wid=297&qlt=85

msedge.exe

Remote address:

104.110.240.160:443

Request

GET /is/image/microsoftcorp/image_RWPhd0?resMode=sharp2&op_usm=1.5,0.65,15,0&wid=297&qlt=85 HTTP/2.0
host: cdn-dynmedia-1.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-origin: *
last-modified: Tue, 17 Jan 2023 15:32:11 GMT
etag: "87a6ec0b6a5c23220a63b6c44a523ee2"
-x-adobe-smart-imaging: 1239
server: Unknown
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/webp
content-length: 3004
expires: Tue, 10 Oct 2023 09:41:17 GMT
date: Tue, 10 Oct 2023 02:11:28 GMT
GET

https://cdn-dynmedia-1.microsoft.com/is/image/microsoftcorp/Story1WordforWeb_2x_RE3ByA5?resMode=sharp2&op_usm=1.5,0.65,15,0&wid=826&hei=631&qlt=100&fmt=png-alpha&fit=constrain

msedge.exe

Remote address:

104.110.240.160:443

Request

GET /is/image/microsoftcorp/Story1WordforWeb_2x_RE3ByA5?resMode=sharp2&op_usm=1.5,0.65,15,0&wid=826&hei=631&qlt=100&fmt=png-alpha&fit=constrain HTTP/2.0
host: cdn-dynmedia-1.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=9c3db1f49a18493a985289be34c9c95d
cookie: fptctx2=H3ihr9e92IdW6yd1ZgQ9Sz4bj6XMGo9empP83sM5eweB3j4s8%252f5iuBWoV%252f3YVyB%252b2uQTj1Blu0Jtz4bBjitn9UAa%252b9p1Nvxai6DDtW3OygC8f0Ll1R4wkO4z%252bbZEIax%252fb%252fTXJA%252bxaEUoIgMe2owpApdJg6tyL66zgQzX73UQ5KmX6jK9f88%252bcZbOMhmf6eR%252baCuai9XF%252bZB2qL8ONukqzUNVXAm99exPVmhA41jUpdwgWzN7beVrxaepjnRX1Z99pI4cmCbkXt0QCAh%252fenZD8y0iwqxmLhow5A77hohv12NVLe19wuyojMKQh%252bAV3oBUTxifi8UWAbNAd%252fCNyN2xhQ%253d%253d

Response

HTTP/2.0 200

access-control-allow-origin: *
last-modified: Tue, 17 Jan 2023 15:32:11 GMT
etag: "1db594c734581321c7d87411244920fb"
-x-adobe-smart-imaging: 130864
server: Unknown
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/webp
content-length: 203270
expires: Tue, 10 Oct 2023 09:32:16 GMT
date: Tue, 10 Oct 2023 02:11:30 GMT
GET

https://cdn-dynmedia-1.microsoft.com/is/image/microsoftcorp/Story2ExcelforWeb_2x_RE3BqLE?resMode=sharp2&op_usm=1.5,0.65,15,0&wid=826&hei=631&qlt=100&fmt=png-alpha&fit=constrain

msedge.exe

Remote address:

104.110.240.160:443

Request

GET /is/image/microsoftcorp/Story2ExcelforWeb_2x_RE3BqLE?resMode=sharp2&op_usm=1.5,0.65,15,0&wid=826&hei=631&qlt=100&fmt=png-alpha&fit=constrain HTTP/2.0
host: cdn-dynmedia-1.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=9c3db1f49a18493a985289be34c9c95d
cookie: fptctx2=H3ihr9e92IdW6yd1ZgQ9Sz4bj6XMGo9empP83sM5eweB3j4s8%252f5iuBWoV%252f3YVyB%252b2uQTj1Blu0Jtz4bBjitn9UAa%252b9p1Nvxai6DDtW3OygC8f0Ll1R4wkO4z%252bbZEIax%252fb%252fTXJA%252bxaEUoIgMe2owpApdJg6tyL66zgQzX73UQ5KmX6jK9f88%252bcZbOMhmf6eR%252baCuai9XF%252bZB2qL8ONukqzUNVXAm99exPVmhA41jUpdwgWzN7beVrxaepjnRX1Z99pI4cmCbkXt0QCAh%252fenZD8y0iwqxmLhow5A77hohv12NVLe19wuyojMKQh%252bAV3oBUTxifi8UWAbNAd%252fCNyN2xhQ%253d%253d

Response

HTTP/2.0 200

access-control-allow-origin: *
last-modified: Tue, 17 Jan 2023 15:32:11 GMT
etag: "45e36e2cb83c8480b17f86b79092c1ff"
-x-adobe-smart-imaging: 105463
server: Unknown
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/webp
content-length: 200014
expires: Tue, 10 Oct 2023 05:04:53 GMT
date: Tue, 10 Oct 2023 02:11:30 GMT
GET

https://cdn-dynmedia-1.microsoft.com/is/image/microsoftcorp/Story3PPforWeb_2x_RE3Boa4?resMode=sharp2&op_usm=1.5,0.65,15,0&wid=826&hei=631&qlt=100&fmt=png-alpha&fit=constrain

msedge.exe

Remote address:

104.110.240.160:443

Request

GET /is/image/microsoftcorp/Story3PPforWeb_2x_RE3Boa4?resMode=sharp2&op_usm=1.5,0.65,15,0&wid=826&hei=631&qlt=100&fmt=png-alpha&fit=constrain HTTP/2.0
host: cdn-dynmedia-1.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=9c3db1f49a18493a985289be34c9c95d
cookie: fptctx2=H3ihr9e92IdW6yd1ZgQ9Sz4bj6XMGo9empP83sM5eweB3j4s8%252f5iuBWoV%252f3YVyB%252b2uQTj1Blu0Jtz4bBjitn9UAa%252b9p1Nvxai6DDtW3OygC8f0Ll1R4wkO4z%252bbZEIax%252fb%252fTXJA%252bxaEUoIgMe2owpApdJg6tyL66zgQzX73UQ5KmX6jK9f88%252bcZbOMhmf6eR%252baCuai9XF%252bZB2qL8ONukqzUNVXAm99exPVmhA41jUpdwgWzN7beVrxaepjnRX1Z99pI4cmCbkXt0QCAh%252fenZD8y0iwqxmLhow5A77hohv12NVLe19wuyojMKQh%252bAV3oBUTxifi8UWAbNAd%252fCNyN2xhQ%253d%253d

Response

HTTP/2.0 200

access-control-allow-origin: *
last-modified: Tue, 17 Jan 2023 15:32:11 GMT
etag: "e72a547c87221b2e0974918808b7f93b"
-x-adobe-smart-imaging: 130706
server: Unknown
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/webp
content-length: 245598
expires: Tue, 10 Oct 2023 05:03:26 GMT
date: Tue, 10 Oct 2023 02:11:30 GMT
DNS

mem.gfx.ms

msedge.exe

Remote address:

8.8.8.8:53

Request

mem.gfx.ms

IN A

Response

mem.gfx.ms

IN CNAME

amcdnmsftuswe.azureedge.net

amcdnmsftuswe.azureedge.net

IN CNAME

amcdnmsftuswe.afd.azureedge.net

amcdnmsftuswe.afd.azureedge.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

dual.part-0039.t-0009.t-msedge.net

dual.part-0039.t-0009.t-msedge.net

IN CNAME

part-0039.t-0009.t-msedge.net

part-0039.t-0009.t-msedge.net

IN A

13.107.246.67

part-0039.t-0009.t-msedge.net

IN A

13.107.213.67
GET

https://mem.gfx.ms/meversion?partner=OfficeProducts&market=en-au&uhf=1

msedge.exe

Remote address:

13.107.246.67:443

Request

GET /meversion?partner=OfficeProducts&market=en-au&uhf=1 HTTP/2.0
host: mem.gfx.ms
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, no-transform, max-age=43200
content-type: application/javascript
content-encoding: br
expires: Tue, 10 Oct 2023 09:41:29 GMT
x-cache: TCP_HIT
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
x-ua-compatible: IE=edge
strict-transport-security: max-age=31536000; includeSubDomains
x-azure-ref-originshield: 0lYMkZQAAAAAvyc/YQB0bRYdPOgNYHSn4QU1TMDRFREdFMTkxNgBlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
x-azure-ref: 0z7IkZQAAAABgs093e/2fSoMrADKaWd2TQlJVMzBFREdFMDQxNwBlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
date: Tue, 10 Oct 2023 02:11:27 GMT
GET

https://mem.gfx.ms/me/mecache?partner=officeproducts&wreply=https%3A%2F%2Fwww.microsoft.com

msedge.exe

Remote address:

13.107.246.67:443

Request

GET /me/mecache?partner=officeproducts&wreply=https%3A%2F%2Fwww.microsoft.com HTTP/2.0
host: mem.gfx.ms
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, no-transform, max-age=43200
content-type: text/html; charset=utf-8
content-encoding: br
expires: Tue, 10 Oct 2023 02:52:49 GMT
x-cache: TCP_HIT
x-content-type-options: nosniff
content-security-policy: frame-ancestors https://www.microsoft.com;
x-ua-compatible: IE=edge
strict-transport-security: max-age=31536000; includeSubDomains
x-azure-ref-originshield: 0H3AkZQAAAAD0IBY7M0uJSJ5i4xn4uk8BQU1TMDRFREdFMTkxMABlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
x-azure-ref: 00rIkZQAAAADI3ZAzLmubSJEDO0YAkZR8QlJVMzBFREdFMDQxNwBlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
date: Tue, 10 Oct 2023 02:11:29 GMT
DNS

67.246.107.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

67.246.107.13.in-addr.arpa

IN PTR

Response
DNS

160.240.110.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

160.240.110.104.in-addr.arpa

IN PTR

Response

160.240.110.104.in-addr.arpa

IN PTR

a104-110-240-160deploystaticakamaitechnologiescom
DNS

69.121.18.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

69.121.18.2.in-addr.arpa

IN PTR

Response

69.121.18.2.in-addr.arpa

IN PTR

a2-18-121-69deploystaticakamaitechnologiescom
DNS

69.121.18.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

69.121.18.2.in-addr.arpa

IN PTR

Response

69.121.18.2.in-addr.arpa

IN PTR

a2-18-121-69deploystaticakamaitechnologiescom
DNS

fpt.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

fpt.microsoft.com

IN A

Response

fpt.microsoft.com

IN CNAME

pme-greenid-prod.trafficmanager.net

pme-greenid-prod.trafficmanager.net

IN CNAME

greenid-prod-pme.eastus2.cloudapp.azure.com

greenid-prod-pme.eastus2.cloudapp.azure.com

IN A

52.167.30.171
DNS

fpt.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

fpt.microsoft.com

IN A

Response

fpt.microsoft.com

IN CNAME

pme-greenid-prod.trafficmanager.net

pme-greenid-prod.trafficmanager.net

IN CNAME

greenid-prod-pme.eastus2.cloudapp.azure.com

greenid-prod-pme.eastus2.cloudapp.azure.com

IN A

52.167.30.171
DNS

js.monitor.azure.com

msedge.exe

Remote address:

8.8.8.8:53

Request

js.monitor.azure.com

IN A

Response

js.monitor.azure.com

IN CNAME

aijscdn2.azureedge.net

aijscdn2.azureedge.net

IN CNAME

aijscdn2.afd.azureedge.net

aijscdn2.afd.azureedge.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

dual.part-0039.t-0009.t-msedge.net

dual.part-0039.t-0009.t-msedge.net

IN CNAME

part-0039.t-0009.t-msedge.net

part-0039.t-0009.t-msedge.net

IN A

13.107.246.67

part-0039.t-0009.t-msedge.net

IN A

13.107.213.67
DNS

js.monitor.azure.com

msedge.exe

Remote address:

8.8.8.8:53

Request

js.monitor.azure.com

IN A

Response

js.monitor.azure.com

IN CNAME

aijscdn2.azureedge.net

aijscdn2.azureedge.net

IN CNAME

aijscdn2.afd.azureedge.net

aijscdn2.afd.azureedge.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

dual.part-0039.t-0009.t-msedge.net

dual.part-0039.t-0009.t-msedge.net

IN CNAME

part-0039.t-0009.t-msedge.net

part-0039.t-0009.t-msedge.net

IN A

13.107.246.67

part-0039.t-0009.t-msedge.net

IN A

13.107.213.67
GET

https://mem.gfx.ms/scripts/me/MeControl/10.23212.1/en-US/meBoot.min.js

msedge.exe

Remote address:

13.107.246.67:443

Request

GET /scripts/me/MeControl/10.23212.1/en-US/meBoot.min.js HTTP/2.0
host: mem.gfx.ms
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://www.microsoft.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://www.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
content-encoding: br
last-modified: Fri, 04 Aug 2023 17:23:30 GMT
etag: "1d9c7330f6b2ee7"
x-cache: TCP_HIT
x-content-type-options: nosniff
access-control-allow-origin: *
x-ua-compatible: IE=edge
strict-transport-security: max-age=31536000; includeSubDomains
x-azure-ref-originshield: 0alohZQAAAAD+d73ig8LsQprf2vBLo/NAQU1TMDRFREdFMTgxOQBlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
x-azure-ref: 00LIkZQAAAADJzeUDrIKlSJoFZbvjv/tuQlJVMzBFREdFMTAxOABlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
date: Tue, 10 Oct 2023 02:11:28 GMT
GET

https://mem.gfx.ms/scripts/me/MeControl/10.23212.1/en-US/meCore.min.js

msedge.exe

Remote address:

13.107.246.67:443

Request

GET /scripts/me/MeControl/10.23212.1/en-US/meCore.min.js HTTP/2.0
host: mem.gfx.ms
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://www.microsoft.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://www.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
content-encoding: br
last-modified: Fri, 04 Aug 2023 17:23:34 GMT
etag: "1d9c73311cdcea1"
x-cache: TCP_HIT
x-content-type-options: nosniff
access-control-allow-origin: *
x-ua-compatible: IE=edge
strict-transport-security: max-age=31536000; includeSubDomains
x-azure-ref-originshield: 0+VchZQAAAACmF2+evnEvR5iuY+DUs+c+QU1TMDRFREdFMTkxOQBlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
x-azure-ref: 00bIkZQAAAAAxyHlt/MGQTa/RRK/uEcaeQlJVMzBFREdFMTAxOABlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
date: Tue, 10 Oct 2023 02:11:29 GMT
DNS

assets.adobedtm.com

msedge.exe

Remote address:

8.8.8.8:53

Request

assets.adobedtm.com

IN A

Response

assets.adobedtm.com

IN CNAME

cn-assets.adobedtm.com.edgekey.net

cn-assets.adobedtm.com.edgekey.net

IN CNAME

e7808.dscg.akamaiedge.net

e7808.dscg.akamaiedge.net

IN A

96.16.109.56
DNS

assets.adobedtm.com

msedge.exe

Remote address:

8.8.8.8:53

Request

assets.adobedtm.com

IN A

Response

assets.adobedtm.com

IN CNAME

cn-assets.adobedtm.com.edgekey.net

cn-assets.adobedtm.com.edgekey.net

IN CNAME

e7808.dscg.akamaiedge.net

e7808.dscg.akamaiedge.net

IN A

96.16.109.56
GET

https://fpt.microsoft.com/tags?session_id=f5177fde-12d5-41df-b799-401ad0823a2e

msedge.exe

Remote address:

52.167.30.171:443

Request

GET /tags?session_id=f5177fde-12d5-41df-b799-401ad0823a2e HTTP/2.0
host: fpt.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/html
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-HTTPAPI/2.0
access-control-allow-origin: *
set-cookie: fptctx2=H3ihr9e92IdW6yd1ZgQ9Sz4bj6XMGo9empP83sM5eweB3j4s8%252f5iuBWoV%252f3YVyB%252b2uQTj1Blu0Jtz4bBjitn9bp1BLEeDFAqLVT1SOhtxanhH5%252fiyXZgianNlkoEoHgY%252fMexPY0h16oL5OlA9AVqU32kUw%252bTHzpnN2rB0mW8W4bJo8fqDbrQ4boK3BGHH4UhE10uNfkEKxPAyvaj7n61zHs3vLwQbLyC7f%252f53dKMCoiBoxCH%252fh4hFh0%252fOU%252bKSkyt4Uhq5Ex54XmFSkef3SMP5V28XZDuR75npTaa%252fBTLLt5jcLWqC%252b16qTWUF9qwKUTa; domain=.microsoft.com; path=/; secure; samesite=lax; httponly
set-cookie: MUID=9c3db1f49a18493a985289be34c9c95d; expires=Thu, 10 Oct 2024 02:11:28 GMT; domain=.microsoft.com; path=/; secure; samesite=lax; httponly
date: Tue, 10 Oct 2023 02:11:28 GMT
GET

https://fpt.microsoft.com/Images/Clear.PNG?ctx=jscb1.0&session_id=f5177fde-12d5-41df-b799-401ad0823a2e&CustomerId=02C58649-E822-405B-B6C3-17A7509D2FCC&esi=YnVhPU1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Mi4wLjQ1MTUuMTMxIFNhZmFyaS81MzcuMzYgRWRnLzkyLjAuOTAyLjY3Jm9zPVdpbjMyJmxwcm9jPTgmb2w9dHJ1ZSZydHQ9MTAwJmNocm09dHJ1ZSZwcm9zdWI9MjAwMzAxMDcmZXZhbD0zMyZhcHB2PTUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTIuMC40NTE1LjEzMSBTYWZhcmkvNTM3LjM2IEVkZy85Mi4wLjkwMi42NyZwcj0xJnNyPTEyODB4NzIwJnNjZD0yNCZhc3I9MTI4MHg2ODAmdHo9MCZkc3Q9MCZ0em89MCZibD1lbi1VUyZtdGg9YTg4MmFiY2RjNzdkZGZkZjllYTg0MTE0NzA2YjlhN2EmbXRuPTQmcG49MyZwaD1lYzVlYmFlMDYyMWJkYzEzMGFlOTFiMTllNjE5NzY1OCZwPXBsdWdpbl9mbGFzaCUzRGZhbHNlJTI2cGx1Z2luX3dpbmRvd3NfbWVkaWFfcGxheWVyJTNEZmFsc2UlMjZwbHVnaW5fYWRvYmVfYWNyb2JhdCUzRGZhbHNlJTI2cGx1Z2luX3NpbHZlcmxpZ2h0JTNEZmFsc2UlMjZwbHVnaW5fcXVpY2t0aW1lJTNEZmFsc2UlMjZwbHVnaW5fc2hvY2t3YXZlJTNEZmFsc2UlMjZwbHVnaW5fcmVhbHBsYXllciUzRGZhbHNlJTI2cGx1Z2luX3ZsY19wbGF5ZXIlM0RmYWxzZSUyNnBsdWdpbl9kZXZhbHZyJTNEZmFsc2UlMjZwbHVnaW5fc3ZnX3ZpZXdlciUzRGZhbHNlJTI2cGx1Z2luX2phdmElM0RmYWxzZSZsaD1odHRwcyUzQSUyRiUyRmZwdC5taWNyb3NvZnQuY29tJTJGdGFncyUzRnNlc3Npb25faWQlM0RmNTE3N2ZkZS0xMmQ1LTQxZGYtYjc5OS00MDFhZDA4MjNhMmUmZHI9aHR0cHMlM0ElMkYlMkZ3d3cubWljcm9zb2Z0LmNvbSUyRiZ3PThEQkM5MzYzNkFDQTZGRCZpZD05YzNkYjFmNC05YTE4LTQ5M2EtOTg1Mi04OWJlMzRjOWM5NWQmYT0mYz03NDRmMWExMmVkOTc0OGYyNTExMDAwMWI1NmRkODAxMw==&eci=eyJ1dmRyIjoiR29vZ2xlIEluYy4gKE5WSURJQSkiLCJ1cmRyIjoiQU5HTEUgKE5WSURJQSwgTlZJRElBIEdlRm9yY2UgUlRYIDMwNjAgVGkgRGlyZWN0M0QxMSB2c181XzAgcHNfNV8wLCBEM0QxMS0xMC4wLjE5MDQxLjU0NikiLCJ2ZHIiOiJXZWJLaXQiLCJyZHIiOiJXZWJLaXQgV2ViR0wiLCJpZHVoIjoiMDFmNTY4YTRjNDUwMjUyZjlmZTMyMDE5NmZhZDk4NWIifQ==&u1=&u3=10.0&u4=x86&u5=undefined

msedge.exe

Remote address:

52.167.30.171:443

Request

GET /Images/Clear.PNG?ctx=jscb1.0&session_id=f5177fde-12d5-41df-b799-401ad0823a2e&CustomerId=02C58649-E822-405B-B6C3-17A7509D2FCC&esi=YnVhPU1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Mi4wLjQ1MTUuMTMxIFNhZmFyaS81MzcuMzYgRWRnLzkyLjAuOTAyLjY3Jm9zPVdpbjMyJmxwcm9jPTgmb2w9dHJ1ZSZydHQ9MTAwJmNocm09dHJ1ZSZwcm9zdWI9MjAwMzAxMDcmZXZhbD0zMyZhcHB2PTUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTIuMC40NTE1LjEzMSBTYWZhcmkvNTM3LjM2IEVkZy85Mi4wLjkwMi42NyZwcj0xJnNyPTEyODB4NzIwJnNjZD0yNCZhc3I9MTI4MHg2ODAmdHo9MCZkc3Q9MCZ0em89MCZibD1lbi1VUyZtdGg9YTg4MmFiY2RjNzdkZGZkZjllYTg0MTE0NzA2YjlhN2EmbXRuPTQmcG49MyZwaD1lYzVlYmFlMDYyMWJkYzEzMGFlOTFiMTllNjE5NzY1OCZwPXBsdWdpbl9mbGFzaCUzRGZhbHNlJTI2cGx1Z2luX3dpbmRvd3NfbWVkaWFfcGxheWVyJTNEZmFsc2UlMjZwbHVnaW5fYWRvYmVfYWNyb2JhdCUzRGZhbHNlJTI2cGx1Z2luX3NpbHZlcmxpZ2h0JTNEZmFsc2UlMjZwbHVnaW5fcXVpY2t0aW1lJTNEZmFsc2UlMjZwbHVnaW5fc2hvY2t3YXZlJTNEZmFsc2UlMjZwbHVnaW5fcmVhbHBsYXllciUzRGZhbHNlJTI2cGx1Z2luX3ZsY19wbGF5ZXIlM0RmYWxzZSUyNnBsdWdpbl9kZXZhbHZyJTNEZmFsc2UlMjZwbHVnaW5fc3ZnX3ZpZXdlciUzRGZhbHNlJTI2cGx1Z2luX2phdmElM0RmYWxzZSZsaD1odHRwcyUzQSUyRiUyRmZwdC5taWNyb3NvZnQuY29tJTJGdGFncyUzRnNlc3Npb25faWQlM0RmNTE3N2ZkZS0xMmQ1LTQxZGYtYjc5OS00MDFhZDA4MjNhMmUmZHI9aHR0cHMlM0ElMkYlMkZ3d3cubWljcm9zb2Z0LmNvbSUyRiZ3PThEQkM5MzYzNkFDQTZGRCZpZD05YzNkYjFmNC05YTE4LTQ5M2EtOTg1Mi04OWJlMzRjOWM5NWQmYT0mYz03NDRmMWExMmVkOTc0OGYyNTExMDAwMWI1NmRkODAxMw==&eci=eyJ1dmRyIjoiR29vZ2xlIEluYy4gKE5WSURJQSkiLCJ1cmRyIjoiQU5HTEUgKE5WSURJQSwgTlZJRElBIEdlRm9yY2UgUlRYIDMwNjAgVGkgRGlyZWN0M0QxMSB2c181XzAgcHNfNV8wLCBEM0QxMS0xMC4wLjE5MDQxLjU0NikiLCJ2ZHIiOiJXZWJLaXQiLCJyZHIiOiJXZWJLaXQgV2ViR0wiLCJpZHVoIjoiMDFmNTY4YTRjNDUwMjUyZjlmZTMyMDE5NmZhZDk4NWIifQ==&u1=&u3=10.0&u4=x86&u5=undefined HTTP/2.0
host: fpt.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://fpt.microsoft.com/tags?session_id=f5177fde-12d5-41df-b799-401ad0823a2e
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: fptctx2=H3ihr9e92IdW6yd1ZgQ9Sz4bj6XMGo9empP83sM5eweB3j4s8%252f5iuBWoV%252f3YVyB%252b2uQTj1Blu0Jtz4bBjitn9bp1BLEeDFAqLVT1SOhtxanhH5%252fiyXZgianNlkoEoHgY%252fMexPY0h16oL5OlA9AVqU32kUw%252bTHzpnN2rB0mW8W4bJo8fqDbrQ4boK3BGHH4UhE10uNfkEKxPAyvaj7n61zHs3vLwQbLyC7f%252f53dKMCoiBoxCH%252fh4hFh0%252fOU%252bKSkyt4Uhq5Ex54XmFSkef3SMP5V28XZDuR75npTaa%252fBTLLt5jcLWqC%252b16qTWUF9qwKUTa
cookie: MUID=9c3db1f49a18493a985289be34c9c95d

Response

HTTP/2.0 200

content-type: text/html
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-HTTPAPI/2.0
access-control-allow-origin: *
date: Tue, 10 Oct 2023 02:11:29 GMT
GET

https://fpt2.microsoft.com/Clear.HTML?ctx=Ls1.0&wl=True&session_id=f5177fde-12d5-41df-b799-401ad0823a2e&id=9c3db1f4-9a18-493a-9852-89be34c9c95d&w=8DBC93636ACA6FD&tkt=H3ihr9e92IdW6yd1ZgQ9Sz4bj6XMGo9empP83sM5eweB3j4s8%252f5iuBWoV%252f3YVyB%252b2uQTj1Blu0Jtz4bBjitn9bp1BLEeDFAqLVT1SOhtxanhH5%252fiyXZgianNlkoEoHgY%252fMexPY0h16oL5OlA9AVqU32kUw%252bTHzpnN2rB0mW8W4bJo8fqDbrQ4boK3BGHH4UhE10uNfkEKxPAyvaj7n61zHs3vLwQbLyC7f%252f53dKMCoiBoxCH%252fh4hFh0%252fOU%252bKSkyt4Uhq5Ex54XmFSkef3SMP5V28XZDuR75npTaa%252fBTLLt5jcLWqC%252b16qTWUF9qwKUTa&CustomerId=02C58649-E822-405B-B6C3-17A7509D2FCC

msedge.exe

Remote address:

52.167.30.171:443

Request

GET /Clear.HTML?ctx=Ls1.0&wl=True&session_id=f5177fde-12d5-41df-b799-401ad0823a2e&id=9c3db1f4-9a18-493a-9852-89be34c9c95d&w=8DBC93636ACA6FD&tkt=H3ihr9e92IdW6yd1ZgQ9Sz4bj6XMGo9empP83sM5eweB3j4s8%252f5iuBWoV%252f3YVyB%252b2uQTj1Blu0Jtz4bBjitn9bp1BLEeDFAqLVT1SOhtxanhH5%252fiyXZgianNlkoEoHgY%252fMexPY0h16oL5OlA9AVqU32kUw%252bTHzpnN2rB0mW8W4bJo8fqDbrQ4boK3BGHH4UhE10uNfkEKxPAyvaj7n61zHs3vLwQbLyC7f%252f53dKMCoiBoxCH%252fh4hFh0%252fOU%252bKSkyt4Uhq5Ex54XmFSkef3SMP5V28XZDuR75npTaa%252fBTLLt5jcLWqC%252b16qTWUF9qwKUTa&CustomerId=02C58649-E822-405B-B6C3-17A7509D2FCC HTTP/2.0
host: fpt2.microsoft.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fpt.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: fptctx2=H3ihr9e92IdW6yd1ZgQ9Sz4bj6XMGo9empP83sM5eweB3j4s8%252f5iuBWoV%252f3YVyB%252b2uQTj1Blu0Jtz4bBjitn9bp1BLEeDFAqLVT1SOhtxanhH5%252fiyXZgianNlkoEoHgY%252fMexPY0h16oL5OlA9AVqU32kUw%252bTHzpnN2rB0mW8W4bJo8fqDbrQ4boK3BGHH4UhE10uNfkEKxPAyvaj7n61zHs3vLwQbLyC7f%252f53dKMCoiBoxCH%252fh4hFh0%252fOU%252bKSkyt4Uhq5Ex54XmFSkef3SMP5V28XZDuR75npTaa%252fBTLLt5jcLWqC%252b16qTWUF9qwKUTa
cookie: MUID=9c3db1f49a18493a985289be34c9c95d

Response

HTTP/2.0 200

content-length: 0
content-type: text/html
content-encoding: gzip
set-cookie: fptctx2=H3ihr9e92IdW6yd1ZgQ9Sz4bj6XMGo9empP83sM5eweB3j4s8%252f5iuBWoV%252f3YVyB%252b2uQTj1Blu0Jtz4bBjitn9UAa%252b9p1Nvxai6DDtW3OygC8f0Ll1R4wkO4z%252bbZEIax%252fb%252fTXJA%252bxaEUoIgMe2owpApdJg6tyL66zgQzX73UQ5KmX6jK9f88%252bcZbOMhmf6eR%252baCuai9XF%252bZB2qL8ONukqzUNVXAm99exPVmhA41jUpdwgWzN7beVrxaepjnRX1Z99pI4cmCbkXt0QCAh%252fenZD8y0iwqxmLhow5A77hohv12NVLe19wuyojMKQh%252bAV3oBUTxifi8UWAbNAd%252fCNyN2xhQ%253d%253d; domain=.microsoft.com; path=/; secure; samesite=lax; httponly
vary: Accept-Encoding
server: Microsoft-HTTPAPI/2.0
access-control-allow-origin: *
date: Tue, 10 Oct 2023 02:11:29 GMT
GET

https://fpt.microsoft.com/images/Clear.PNG?ctx=Wlcb1.0&session_id=f5177fde-12d5-41df-b799-401ad0823a2e&tkt=H3ihr9e92IdW6yd1ZgQ9Sz4bj6XMGo9empP83sM5eweB3j4s8%2f5iuBWoV%2f3YVyB%2b2uQTj1Blu0Jtz4bBjitn9bp1BLEeDFAqLVT1SOhtxanhH5%2fiyXZgianNlkoEoHgYyI8bSZwMWvBgtbelQpdZrQA%2fDy5P015eLUgpf9rUtr%2bsmps6ZuUoV5kED9Unk2icOoBNc9uMwmvagvJ8WIJnpcZBLKos6R%2feENGMX2Wj4afM8NoJA5oX4EsgYhEMw8Rf%2bZO0%2ffJR22v2YUF%2b%2fm06l9epmSoPrIb0aKLJKbCCYm9Btiy19sM5rUD3NRGprgVX

msedge.exe

Remote address:

52.167.30.171:443

Request

GET /images/Clear.PNG?ctx=Wlcb1.0&session_id=f5177fde-12d5-41df-b799-401ad0823a2e&tkt=H3ihr9e92IdW6yd1ZgQ9Sz4bj6XMGo9empP83sM5eweB3j4s8%2f5iuBWoV%2f3YVyB%2b2uQTj1Blu0Jtz4bBjitn9bp1BLEeDFAqLVT1SOhtxanhH5%2fiyXZgianNlkoEoHgYyI8bSZwMWvBgtbelQpdZrQA%2fDy5P015eLUgpf9rUtr%2bsmps6ZuUoV5kED9Unk2icOoBNc9uMwmvagvJ8WIJnpcZBLKos6R%2feENGMX2Wj4afM8NoJA5oX4EsgYhEMw8Rf%2bZO0%2ffJR22v2YUF%2b%2fm06l9epmSoPrIb0aKLJKbCCYm9Btiy19sM5rUD3NRGprgVX HTTP/2.0
host: fpt.microsoft.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://fpt2.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=9c3db1f49a18493a985289be34c9c95d
cookie: fptctx2=H3ihr9e92IdW6yd1ZgQ9Sz4bj6XMGo9empP83sM5eweB3j4s8%252f5iuBWoV%252f3YVyB%252b2uQTj1Blu0Jtz4bBjitn9UAa%252b9p1Nvxai6DDtW3OygC8f0Ll1R4wkO4z%252bbZEIax%252fb%252fTXJA%252bxaEUoIgMe2owpApdJg6tyL66zgQzX73UQ5KmX6jK9f88%252bcZbOMhmf6eR%252baCuai9XF%252bZB2qL8ONukqzUNVXAm99exPVmhA41jUpdwgWzN7beVrxaepjnRX1Z99pI4cmCbkXt0QCAh%252fenZD8y0iwqxmLhow5A77hohv12NVLe19wuyojMKQh%252bAV3oBUTxifi8UWAbNAd%252fCNyN2xhQ%253d%253d

Response

HTTP/2.0 200

content-length: 0
server: Microsoft-HTTPAPI/2.0
date: Tue, 10 Oct 2023 02:11:29 GMT
GET

https://js.monitor.azure.com/scripts/c/ms.shared.analytics.mectrl-3.2.7.gbl.min.js

msedge.exe

Remote address:

13.107.246.67:443

Request

GET /scripts/c/ms.shared.analytics.mectrl-3.2.7.gbl.min.js HTTP/2.0
host: js.monitor.azure.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://www.microsoft.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://www.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable, no-transform
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: bG4aPNgugaurnXq8OXoQfQ==
last-modified: Wed, 05 Oct 2022 16:53:03 GMT
etag: 0x8DAA6F2118B127C
x-cache: TCP_HIT
x-ms-request-id: 673a977a-201e-0058-1609-fba3a9000000
x-ms-version: 2009-09-19
x-ms-meta-jssdkver: 3.2.7
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 00LIkZQAAAAB5Jje6fgv0TZKB/rWk0xSwQU1TMDRFREdFMTkwNwBmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
date: Tue, 10 Oct 2023 02:11:27 GMT
GET

https://assets.adobedtm.com/5ef092d1efb5/d6d76b37b476/launch-41185cd0b005.min.js

msedge.exe

Remote address:

96.16.109.56:443

Request

GET /5ef092d1efb5/d6d76b37b476/launch-41185cd0b005.min.js HTTP/2.0
host: assets.adobedtm.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: application/x-javascript
etag: "2ff66f47957052cad7dcc1ed409f7cff:1638999595.762542"
last-modified: Wed, 08 Dec 2021 21:39:55 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
x-akamai-ew-subworker: 8096267
content-length: 18602
cache-control: max-age=3600
expires: Tue, 10 Oct 2023 03:11:28 GMT
date: Tue, 10 Oct 2023 02:11:28 GMT
access-control-allow-origin: https://www.microsoft.com
timing-allow-origin: *
GET

https://assets.adobedtm.com/5ef092d1efb5/d6d76b37b476/cc63921ab1f0/RCbec314109be34962999dbad4041375a8-source.min.js

msedge.exe

Remote address:

96.16.109.56:443

Request

GET /5ef092d1efb5/d6d76b37b476/cc63921ab1f0/RCbec314109be34962999dbad4041375a8-source.min.js HTTP/2.0
host: assets.adobedtm.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: application/x-javascript
etag: "d8b4a532e9559d18d4118fb4a3525c9b:1638999596.382245"
last-modified: Wed, 08 Dec 2021 21:39:56 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 513
cache-control: max-age=3600
expires: Tue, 10 Oct 2023 03:11:28 GMT
date: Tue, 10 Oct 2023 02:11:28 GMT
access-control-allow-origin: https://www.microsoft.com
timing-allow-origin: *
GET

https://assets.adobedtm.com/5ef092d1efb5/d6d76b37b476/cc63921ab1f0/RCb827b2d874d8436fa48a7c19baf01bf1-source.min.js

msedge.exe

Remote address:

96.16.109.56:443

Request

GET /5ef092d1efb5/d6d76b37b476/cc63921ab1f0/RCb827b2d874d8436fa48a7c19baf01bf1-source.min.js HTTP/2.0
host: assets.adobedtm.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: application/x-javascript
etag: "d8b4a532e9559d18d4118fb4a3525c9b:1638999596.382245"
last-modified: Wed, 08 Dec 2021 21:39:56 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
x-akamai-ew-subworker: 8096267
content-length: 16898
cache-control: max-age=3600
expires: Tue, 10 Oct 2023 03:11:28 GMT
date: Tue, 10 Oct 2023 02:11:28 GMT
access-control-allow-origin: https://www.microsoft.com
timing-allow-origin: *
GET

https://assets.adobedtm.com/5ef092d1efb5/d6d76b37b476/cc63921ab1f0/RC3845794034964e32934c4dad4bdff728-source.min.js

msedge.exe

Remote address:

96.16.109.56:443

Request

GET /5ef092d1efb5/d6d76b37b476/cc63921ab1f0/RC3845794034964e32934c4dad4bdff728-source.min.js HTTP/2.0
host: assets.adobedtm.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: application/x-javascript
etag: "d8b4a532e9559d18d4118fb4a3525c9b:1638999596.382245"
last-modified: Wed, 08 Dec 2021 21:39:56 GMT
server: AkamaiNetStorage
x-akamai-ew-subworker: 8096267
vary: Accept-Encoding
content-encoding: gzip
content-length: 520
cache-control: max-age=3600
expires: Tue, 10 Oct 2023 03:11:28 GMT
date: Tue, 10 Oct 2023 02:11:28 GMT
access-control-allow-origin: https://www.microsoft.com
timing-allow-origin: *
DNS

fpt2.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

fpt2.microsoft.com

IN A

Response

fpt2.microsoft.com

IN CNAME

pme-greenid-prod.trafficmanager.net

pme-greenid-prod.trafficmanager.net

IN CNAME

greenid-prod-pme.eastus2.cloudapp.azure.com

greenid-prod-pme.eastus2.cloudapp.azure.com

IN A

52.167.30.171
DNS

56.109.16.96.in-addr.arpa

Remote address:

8.8.8.8:53

Request

56.109.16.96.in-addr.arpa

IN PTR

Response

56.109.16.96.in-addr.arpa

IN PTR

a96-16-109-56deploystaticakamaitechnologiescom
DNS

171.30.167.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

171.30.167.52.in-addr.arpa

IN PTR

Response
DNS

browser.events.data.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

browser.events.data.microsoft.com

IN A

Response

browser.events.data.microsoft.com

IN CNAME

browser.events.data.trafficmanager.net

browser.events.data.trafficmanager.net

IN CNAME

onedscolprdcus04.centralus.cloudapp.azure.com

onedscolprdcus04.centralus.cloudapp.azure.com

IN A

52.182.143.208
OPTIONS

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

msedge.exe

Remote address:

52.182.143.208:443

Request

OPTIONS /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/2.0
host: browser.events.data.microsoft.com
accept: */*
access-control-request-method: POST
access-control-request-headers: apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
origin: https://www.microsoft.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-mode: cors
sec-fetch-site: same-site
sec-fetch-dest: empty
referer: https://www.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, 3600
content-length: 0
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-max-age: 3600
access-control-allow-origin: https://www.microsoft.com
date: Tue, 10 Oct 2023 02:11:29 GMT
DNS

acctcdn.msauth.net

msedge.exe

Remote address:

8.8.8.8:53

Request

acctcdn.msauth.net

IN A

Response

acctcdn.msauth.net

IN CNAME

acctcdnmsftuswe2.azureedge.net

acctcdnmsftuswe2.azureedge.net

IN CNAME

acctcdnmsftuswe2.afd.azureedge.net

acctcdnmsftuswe2.afd.azureedge.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

dual.part-0039.t-0009.t-msedge.net

dual.part-0039.t-0009.t-msedge.net

IN CNAME

part-0039.t-0009.t-msedge.net

part-0039.t-0009.t-msedge.net

IN A

13.107.246.67

part-0039.t-0009.t-msedge.net

IN A

13.107.213.67
DNS

acctcdn.msftauth.net

msedge.exe

Remote address:

8.8.8.8:53

Request

acctcdn.msftauth.net

IN A

Response

acctcdn.msftauth.net

IN CNAME

acctcdn.trafficmanager.net

acctcdn.trafficmanager.net

IN CNAME

acctcdnvzeuno.azureedge.net

acctcdnvzeuno.azureedge.net

IN CNAME

acctcdnvzeuno.ec.azureedge.net

acctcdnvzeuno.ec.azureedge.net

IN CNAME

scdn1efff.wpc.9da5e.alphacdn.net

scdn1efff.wpc.9da5e.alphacdn.net

IN CNAME

sni1gl.wpc.alphacdn.net

sni1gl.wpc.alphacdn.net

IN A

152.195.19.97
DNS

acctcdn.msftauth.net

msedge.exe

Remote address:

8.8.8.8:53

Request

acctcdn.msftauth.net

IN A

Response

acctcdn.msftauth.net

IN CNAME

acctcdn.trafficmanager.net

acctcdn.trafficmanager.net

IN CNAME

acctcdnvzeuno.azureedge.net

acctcdnvzeuno.azureedge.net

IN CNAME

acctcdnvzeuno.ec.azureedge.net

acctcdnvzeuno.ec.azureedge.net

IN CNAME

scdn1efff.wpc.9da5e.alphacdn.net

scdn1efff.wpc.9da5e.alphacdn.net

IN CNAME

sni1gl.wpc.alphacdn.net

sni1gl.wpc.alphacdn.net

IN A

152.195.19.97
DNS

acctcdnmsftuswe2.azureedge.net

msedge.exe

Remote address:

8.8.8.8:53

Request

acctcdnmsftuswe2.azureedge.net

IN A

Response

acctcdnmsftuswe2.azureedge.net

IN CNAME

acctcdnmsftuswe2.afd.azureedge.net

acctcdnmsftuswe2.afd.azureedge.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

dual.part-0039.t-0009.t-msedge.net

dual.part-0039.t-0009.t-msedge.net

IN CNAME

part-0039.t-0009.t-msedge.net

part-0039.t-0009.t-msedge.net

IN A

13.107.246.67

part-0039.t-0009.t-msedge.net

IN A

13.107.213.67
DNS

acctcdnmsftuswe2.azureedge.net

msedge.exe

Remote address:

8.8.8.8:53

Request

acctcdnmsftuswe2.azureedge.net

IN A

Response

acctcdnmsftuswe2.azureedge.net

IN CNAME

acctcdnmsftuswe2.afd.azureedge.net

acctcdnmsftuswe2.afd.azureedge.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

dual.part-0039.t-0009.t-msedge.net

dual.part-0039.t-0009.t-msedge.net

IN CNAME

part-0039.t-0009.t-msedge.net

part-0039.t-0009.t-msedge.net

IN A

13.107.246.67

part-0039.t-0009.t-msedge.net

IN A

13.107.213.67
DNS

acctcdnvzeuno.azureedge.net

msedge.exe

Remote address:

8.8.8.8:53

Request

acctcdnvzeuno.azureedge.net

IN A

Response

acctcdnvzeuno.azureedge.net

IN CNAME

acctcdnvzeuno.ec.azureedge.net

acctcdnvzeuno.ec.azureedge.net

IN CNAME

scdn1efff.wpc.9da5e.alphacdn.net

scdn1efff.wpc.9da5e.alphacdn.net

IN CNAME

sni1gl.wpc.alphacdn.net

sni1gl.wpc.alphacdn.net

IN A

152.195.19.97
DNS

acctcdnvzeuno.azureedge.net

msedge.exe

Remote address:

8.8.8.8:53

Request

acctcdnvzeuno.azureedge.net

IN A

Response

acctcdnvzeuno.azureedge.net

IN CNAME

acctcdnvzeuno.ec.azureedge.net

acctcdnvzeuno.ec.azureedge.net

IN CNAME

scdn1efff.wpc.9da5e.alphacdn.net

scdn1efff.wpc.9da5e.alphacdn.net

IN CNAME

sni1gl.wpc.alphacdn.net

sni1gl.wpc.alphacdn.net

IN A

152.195.19.97
DNS

lgincdnmsftuswe2.azureedge.net

msedge.exe

Remote address:

8.8.8.8:53

Request

lgincdnmsftuswe2.azureedge.net

IN A

Response

lgincdnmsftuswe2.azureedge.net

IN CNAME

lgincdnmsftuswe2.afd.azureedge.net

lgincdnmsftuswe2.afd.azureedge.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

dual.part-0039.t-0009.t-msedge.net

dual.part-0039.t-0009.t-msedge.net

IN CNAME

part-0039.t-0009.t-msedge.net

part-0039.t-0009.t-msedge.net

IN A

13.107.246.67

part-0039.t-0009.t-msedge.net

IN A

13.107.213.67
DNS

lgincdnmsftuswe2.azureedge.net

msedge.exe

Remote address:

8.8.8.8:53

Request

lgincdnmsftuswe2.azureedge.net

IN A

Response

lgincdnmsftuswe2.azureedge.net

IN CNAME

lgincdnmsftuswe2.afd.azureedge.net

lgincdnmsftuswe2.afd.azureedge.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

dual.part-0039.t-0009.t-msedge.net

dual.part-0039.t-0009.t-msedge.net

IN CNAME

part-0039.t-0009.t-msedge.net

part-0039.t-0009.t-msedge.net

IN A

13.107.246.67

part-0039.t-0009.t-msedge.net

IN A

13.107.213.67
DNS

lgincdnvzeuno.azureedge.net

msedge.exe

Remote address:

8.8.8.8:53

Request

lgincdnvzeuno.azureedge.net

IN A

Response

lgincdnvzeuno.azureedge.net

IN CNAME

lgincdnvzeuno.ec.azureedge.net

lgincdnvzeuno.ec.azureedge.net

IN CNAME

cs1227.wpc.alphacdn.net

cs1227.wpc.alphacdn.net

IN A

192.229.211.199
DNS

lgincdnvzeuno.azureedge.net

msedge.exe

Remote address:

8.8.8.8:53

Request

lgincdnvzeuno.azureedge.net

IN A

Response

lgincdnvzeuno.azureedge.net

IN CNAME

lgincdnvzeuno.ec.azureedge.net

lgincdnvzeuno.ec.azureedge.net

IN CNAME

cs1227.wpc.alphacdn.net

cs1227.wpc.alphacdn.net

IN A

192.229.211.199
DNS

logincdn.msftauth.net

msedge.exe

Remote address:

8.8.8.8:53

Request

logincdn.msftauth.net

IN A

Response

logincdn.msftauth.net

IN CNAME

lgincdn.trafficmanager.net

lgincdn.trafficmanager.net

IN CNAME

lgincdnvzeuno.azureedge.net

lgincdnvzeuno.azureedge.net

IN CNAME

lgincdnvzeuno.ec.azureedge.net

lgincdnvzeuno.ec.azureedge.net

IN CNAME

cs1227.wpc.alphacdn.net

cs1227.wpc.alphacdn.net

IN A

192.229.211.199
DNS

logincdn.msftauth.net

msedge.exe

Remote address:

8.8.8.8:53

Request

logincdn.msftauth.net

IN A

Response

logincdn.msftauth.net

IN CNAME

lgincdn.trafficmanager.net

lgincdn.trafficmanager.net

IN CNAME

lgincdnvzeuno.azureedge.net

lgincdnvzeuno.azureedge.net

IN CNAME

lgincdnvzeuno.ec.azureedge.net

lgincdnvzeuno.ec.azureedge.net

IN CNAME

cs1227.wpc.alphacdn.net

cs1227.wpc.alphacdn.net

IN A

192.229.211.199
POST

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

msedge.exe

Remote address:

52.182.143.208:443

Request

POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/2.0
host: browser.events.data.microsoft.com
content-length: 8054
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
upload-time: 1696903888339
dnt: 1
sec-ch-ua-mobile: ?0
client-version: 1DS-Web-JS-3.2.13
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
time-delta-to-apply-millis: use-collector-delta
content-type: application/x-json-stream
cache-control: no-cache, no-store
apikey: 1cfc1aff02e4437889594f14c4cad289-5bf9ec06-73a3-4827-a5e7-d709ff3d3b12-6941
client-id: NO_AUTH
accept: */*
origin: https://www.microsoft.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=9c3db1f49a18493a985289be34c9c95d
cookie: fptctx2=H3ihr9e92IdW6yd1ZgQ9Sz4bj6XMGo9empP83sM5eweB3j4s8%252f5iuBWoV%252f3YVyB%252b2uQTj1Blu0Jtz4bBjitn9UAa%252b9p1Nvxai6DDtW3OygC8f0Ll1R4wkO4z%252bbZEIax%252fb%252fTXJA%252bxaEUoIgMe2owpApdJg6tyL66zgQzX73UQ5KmX6jK9f88%252bcZbOMhmf6eR%252baCuai9XF%252bZB2qL8ONukqzUNVXAm99exPVmhA41jUpdwgWzN7beVrxaepjnRX1Z99pI4cmCbkXt0QCAh%252fenZD8y0iwqxmLhow5A77hohv12NVLe19wuyojMKQh%252bAV3oBUTxifi8UWAbNAd%252fCNyN2xhQ%253d%253d

Response

HTTP/2.0 200

content-length: 153
content-type: application/json
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
set-cookie: MC1=GUID=239893f40e7a47c2b3a056fd33421d95&HASH=2398&LV=202310&V=4&LU=1696903890101; Domain=.microsoft.com; Expires=Wed, 09 Oct 2024 02:11:30 GMT; Path=/;Secure; SameSite=None
set-cookie: MS0=d6b04e08cad242929e8d4eb56fb79b09; Domain=.microsoft.com; Expires=Tue, 10 Oct 2023 02:41:30 GMT; Path=/;Secure; SameSite=None
time-delta-millis: 1762
access-control-allow-headers: P3P,Set-Cookie,time-delta-millis
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-origin: https://www.microsoft.com
access-control-expose-headers: time-delta-millis
date: Tue, 10 Oct 2023 02:11:30 GMT
POST

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

msedge.exe

Remote address:

52.182.143.208:443

Request

POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/2.0
host: browser.events.data.microsoft.com
content-length: 22849
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
upload-time: 1696903889705
dnt: 1
sec-ch-ua-mobile: ?0
client-version: 1DS-Web-JS-3.2.7
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
time-delta-to-apply-millis: use-collector-delta
content-type: application/x-json-stream
cache-control: no-cache, no-store
apikey: b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888
client-id: NO_AUTH
accept: */*
origin: https://www.microsoft.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=9c3db1f49a18493a985289be34c9c95d
cookie: fptctx2=H3ihr9e92IdW6yd1ZgQ9Sz4bj6XMGo9empP83sM5eweB3j4s8%252f5iuBWoV%252f3YVyB%252b2uQTj1Blu0Jtz4bBjitn9UAa%252b9p1Nvxai6DDtW3OygC8f0Ll1R4wkO4z%252bbZEIax%252fb%252fTXJA%252bxaEUoIgMe2owpApdJg6tyL66zgQzX73UQ5KmX6jK9f88%252bcZbOMhmf6eR%252baCuai9XF%252bZB2qL8ONukqzUNVXAm99exPVmhA41jUpdwgWzN7beVrxaepjnRX1Z99pI4cmCbkXt0QCAh%252fenZD8y0iwqxmLhow5A77hohv12NVLe19wuyojMKQh%252bAV3oBUTxifi8UWAbNAd%252fCNyN2xhQ%253d%253d

Response

HTTP/2.0 200

content-length: 154
content-type: application/json
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
set-cookie: MC1=GUID=1bdedd70c5944370adb16c1d19313529&HASH=1bde&LV=202310&V=4&LU=1696903890632; Domain=.microsoft.com; Expires=Wed, 09 Oct 2024 02:11:30 GMT; Path=/;Secure; SameSite=None
set-cookie: MS0=b9e6a7506f7841c5be4f656c22159661; Domain=.microsoft.com; Expires=Tue, 10 Oct 2023 02:41:30 GMT; Path=/;Secure; SameSite=None
time-delta-millis: 927
access-control-allow-headers: P3P,Set-Cookie,time-delta-millis
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-origin: https://www.microsoft.com
access-control-expose-headers: time-delta-millis
date: Tue, 10 Oct 2023 02:11:30 GMT
POST

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

msedge.exe

Remote address:

52.182.143.208:443

Request

POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/2.0
host: browser.events.data.microsoft.com
content-length: 8669
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
upload-time: 1696903889786
dnt: 1
sec-ch-ua-mobile: ?0
client-version: 1DS-Web-JS-3.2.13
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
time-delta-to-apply-millis: 1762
content-type: application/x-json-stream
cache-control: no-cache, no-store
apikey: 1cfc1aff02e4437889594f14c4cad289-5bf9ec06-73a3-4827-a5e7-d709ff3d3b12-6941
client-id: NO_AUTH
accept: */*
origin: https://www.microsoft.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.microsoft.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: MUID=9c3db1f49a18493a985289be34c9c95d
cookie: fptctx2=H3ihr9e92IdW6yd1ZgQ9Sz4bj6XMGo9empP83sM5eweB3j4s8%252f5iuBWoV%252f3YVyB%252b2uQTj1Blu0Jtz4bBjitn9UAa%252b9p1Nvxai6DDtW3OygC8f0Ll1R4wkO4z%252bbZEIax%252fb%252fTXJA%252bxaEUoIgMe2owpApdJg6tyL66zgQzX73UQ5KmX6jK9f88%252bcZbOMhmf6eR%252baCuai9XF%252bZB2qL8ONukqzUNVXAm99exPVmhA41jUpdwgWzN7beVrxaepjnRX1Z99pI4cmCbkXt0QCAh%252fenZD8y0iwqxmLhow5A77hohv12NVLe19wuyojMKQh%252bAV3oBUTxifi8UWAbNAd%252fCNyN2xhQ%253d%253d
cookie: MC1=GUID=239893f40e7a47c2b3a056fd33421d95&HASH=2398&LV=202310&V=4&LU=1696903890101
cookie: MS0=d6b04e08cad242929e8d4eb56fb79b09

Response

HTTP/2.0 200

content-length: 153
content-type: application/json
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
time-delta-millis: 1065
access-control-allow-headers: time-delta-millis
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-origin: https://www.microsoft.com
access-control-expose-headers: time-delta-millis
date: Tue, 10 Oct 2023 02:11:30 GMT
DNS

67.31.126.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

67.31.126.40.in-addr.arpa

IN PTR

Response
DNS

208.143.182.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

208.143.182.52.in-addr.arpa

IN PTR

Response
DNS

199.211.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

199.211.229.192.in-addr.arpa

IN PTR

Response
DNS

97.19.195.152.in-addr.arpa

Remote address:

8.8.8.8:53

Request

97.19.195.152.in-addr.arpa

IN PTR

Response
DNS

198.187.3.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

198.187.3.20.in-addr.arpa

IN PTR

Response
DNS

2.136.104.51.in-addr.arpa

Remote address:

8.8.8.8:53

Request

2.136.104.51.in-addr.arpa

IN PTR

Response
DNS

135.1.85.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

135.1.85.104.in-addr.arpa

IN PTR

Response

135.1.85.104.in-addr.arpa

IN PTR

a104-85-1-135deploystaticakamaitechnologiescom
DNS

135.1.85.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

135.1.85.104.in-addr.arpa

IN PTR

Response

135.1.85.104.in-addr.arpa

IN PTR

a104-85-1-135deploystaticakamaitechnologiescom
DNS

119.110.54.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

119.110.54.20.in-addr.arpa

IN PTR

Response
DNS

240.81.21.72.in-addr.arpa

Remote address:

8.8.8.8:53

Request

240.81.21.72.in-addr.arpa

IN PTR

Response
DNS

1.202.248.87.in-addr.arpa

Remote address:

8.8.8.8:53

Request

1.202.248.87.in-addr.arpa

IN PTR

Response

1.202.248.87.in-addr.arpa

IN PTR

https-87-248-202-1amsllnwnet
DNS

88.156.103.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

88.156.103.20.in-addr.arpa

IN PTR

Response
DNS

88.156.103.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

88.156.103.20.in-addr.arpa

IN PTR

Response
DNS

tse1.mm.bing.net

Remote address:

8.8.8.8:53

Request

tse1.mm.bing.net

IN A

Response

tse1.mm.bing.net

IN CNAME

mm-mm.bing.net.trafficmanager.net

mm-mm.bing.net.trafficmanager.net

IN CNAME

dual-a-0001.a-msedge.net

dual-a-0001.a-msedge.net

IN A

204.79.197.200

dual-a-0001.a-msedge.net

IN A

13.107.21.200
DNS

tse1.mm.bing.net

Remote address:

8.8.8.8:53

Request

tse1.mm.bing.net

IN A

Response

tse1.mm.bing.net

IN CNAME

mm-mm.bing.net.trafficmanager.net

mm-mm.bing.net.trafficmanager.net

IN CNAME

dual-a-0001.a-msedge.net

dual-a-0001.a-msedge.net

IN A

204.79.197.200

dual-a-0001.a-msedge.net

IN A

13.107.21.200
GET

https://tse1.mm.bing.net/th?id=OADD2.10239317300907_1P5PYDY7ZYGO534HR&pid=21.2&w=1920&h=1080&c=4

Remote address:

204.79.197.200:443

Request

GET /th?id=OADD2.10239317300907_1P5PYDY7ZYGO534HR&pid=21.2&w=1920&h=1080&c=4 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 432696
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 34EFC183B75949C593A868435109718D Ref B: BRU30EDGE0621 Ref C: 2023-10-10T02:12:03Z
date: Tue, 10 Oct 2023 02:12:02 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239317301417_1HAO9MU1YYNEL08DS&pid=21.2&w=1080&h=1920&c=4

Remote address:

204.79.197.200:443

Request

GET /th?id=OADD2.10239317301417_1HAO9MU1YYNEL08DS&pid=21.2&w=1080&h=1920&c=4 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 150779
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 361804D1C50243EE88AA2B986C3CD4C8 Ref B: BRU30EDGE0621 Ref C: 2023-10-10T02:12:03Z
date: Tue, 10 Oct 2023 02:12:02 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239317300984_1U4S330V4ADUBL082&pid=21.2&w=1920&h=1080&c=4

Remote address:

204.79.197.200:443

Request

GET /th?id=OADD2.10239317300984_1U4S330V4ADUBL082&pid=21.2&w=1920&h=1080&c=4 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 494968
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 293BBA0544FB437A927F1EAED74DD7F3 Ref B: BRU30EDGE0621 Ref C: 2023-10-10T02:12:03Z
date: Tue, 10 Oct 2023 02:12:02 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239317301217_1LGEUWZHPMKMEMITB&pid=21.2&w=1920&h=1080&c=4

Remote address:

204.79.197.200:443

Request

GET /th?id=OADD2.10239317301217_1LGEUWZHPMKMEMITB&pid=21.2&w=1920&h=1080&c=4 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 347587
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4CB24BE026AA4C27AAEEA886DC423227 Ref B: BRU30EDGE0621 Ref C: 2023-10-10T02:12:03Z
date: Tue, 10 Oct 2023 02:12:02 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239317301340_1R332YF001UV1FL5P&pid=21.2&w=1080&h=1920&c=4

Remote address:

204.79.197.200:443

Request

GET /th?id=OADD2.10239317301340_1R332YF001UV1FL5P&pid=21.2&w=1080&h=1920&c=4 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 151655
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B667AA0BB0DA470BA693DAEC657A8132 Ref B: BRU30EDGE0621 Ref C: 2023-10-10T02:12:03Z
date: Tue, 10 Oct 2023 02:12:02 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239317301626_12UQHHQXE25HHMLCY&pid=21.2&w=1080&h=1920&c=4

Remote address:

204.79.197.200:443

Request

GET /th?id=OADD2.10239317301626_12UQHHQXE25HHMLCY&pid=21.2&w=1080&h=1920&c=4 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 324642
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FF6F3E4958DB42AA84E77B8305FC5664 Ref B: BRU30EDGE0621 Ref C: 2023-10-10T02:12:03Z
date: Tue, 10 Oct 2023 02:12:02 GMT
DNS

48.229.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

48.229.111.52.in-addr.arpa

IN PTR

Response
DNS

8.173.189.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

8.173.189.20.in-addr.arpa

IN PTR

Response
DNS

8.173.189.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

8.173.189.20.in-addr.arpa

IN PTR

Response

104.21.22.225:443

https://4jv2zzt96ihx7ht2xox7.1yyq2tt.ru/giaf/

tls, http2

msedge.exe

1.9kB
9.4kB
17
17

HTTP Request

GET https://4jv2zzt96ihx7ht2xox7.1yyq2tt.ru/giaf/

HTTP Response

200
2.18.121.68:80

http://apps.identrust.com/roots/dstrootcax3.p7c

http

msedge.exe

468 B
1.7kB
7
6

HTTP Request

GET http://apps.identrust.com/roots/dstrootcax3.p7c

HTTP Response

200
192.0.78.27:443

href.li

tls

msedge.exe

1.0kB
6.2kB
10
10
192.0.78.27:443

https://href.li/https://www.google.com/amp/s/bing.com%2Fck%2Fa%3F%21%26%26p%3D5c46c8daa4da83c6JmltdHM9MTY5NjI5MTIwMCZpZ3VpZD0xZTQzNThiOS1jYzA3LTY2MmEtMjQyNi00YjI5Y2QwZTY3MDgmaW5zaWQ9NTAwMw%26ptn%3D3%26hsh%3D3%26fclid%3D1e4358b9-cc07-662a-2426-4b29cd0e6708%26u%3Da1aHR0cHM6Ly93d3cubWljcm9zb2Z0LmNvbS9lbi1BVS9taWNyb3NvZnQtMzY1L2ZyZWUtb2ZmaWNlLW9ubGluZS1mb3ItdGhlLXdlYg%26ntb%3D1

tls, http2

msedge.exe

2.2kB
7.4kB
16
19

HTTP Request

GET https://href.li/https://www.google.com/amp/s/bing.com%2Fck%2Fa%3F%21%26%26p%3D5c46c8daa4da83c6JmltdHM9MTY5NjI5MTIwMCZpZ3VpZD0xZTQzNThiOS1jYzA3LTY2MmEtMjQyNi00YjI5Y2QwZTY3MDgmaW5zaWQ9NTAwMw%26ptn%3D3%26hsh%3D3%26fclid%3D1e4358b9-cc07-662a-2426-4b29cd0e6708%26u%3Da1aHR0cHM6Ly93d3cubWljcm9zb2Z0LmNvbS9lbi1BVS9taWNyb3NvZnQtMzY1L2ZyZWUtb2ZmaWNlLW9ubGluZS1mb3ItdGhlLXdlYg%26ntb%3D1
104.17.2.184:443

https://challenges.cloudflare.com/turnstile/v0/g/dffb14d6/api.js

tls, http2

msedge.exe

2.1kB
15.7kB
20
25

HTTP Request

GET https://challenges.cloudflare.com/turnstile/v0/api.js

HTTP Response

302

HTTP Request

GET https://challenges.cloudflare.com/turnstile/v0/g/dffb14d6/api.js

HTTP Response

200
151.101.1.229:443

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css

tls, http2

msedge.exe

2.1kB
32.8kB
22
34

HTTP Request

GET https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css

HTTP Response

200
13.107.21.200:443

https://bing.com/ck/a?!&&p=5c46c8daa4da83c6JmltdHM9MTY5NjI5MTIwMCZpZ3VpZD0xZTQzNThiOS1jYzA3LTY2MmEtMjQyNi00YjI5Y2QwZTY3MDgmaW5zaWQ9NTAwMw&ptn=3&hsh=3&fclid=1e4358b9-cc07-662a-2426-4b29cd0e6708&u=a1aHR0cHM6Ly93d3cubWljcm9zb2Z0LmNvbS9lbi1BVS9taWNyb3NvZnQtMzY1L2ZyZWUtb2ZmaWNlLW9ubGluZS1mb3ItdGhlLXdlYg&ntb=1

tls, http2

msedge.exe

2.2kB
10.5kB
16
20

HTTP Request

GET https://bing.com/ck/a?!&&p=5c46c8daa4da83c6JmltdHM9MTY5NjI5MTIwMCZpZ3VpZD0xZTQzNThiOS1jYzA3LTY2MmEtMjQyNi00YjI5Y2QwZTY3MDgmaW5zaWQ9NTAwMw&ptn=3&hsh=3&fclid=1e4358b9-cc07-662a-2426-4b29cd0e6708&u=a1aHR0cHM6Ly93d3cubWljcm9zb2Z0LmNvbS9lbi1BVS9taWNyb3NvZnQtMzY1L2ZyZWUtb2ZmaWNlLW9ubGluZS1mb3ItdGhlLXdlYg&ntb=1

HTTP Response

301
88.221.24.48:443

https://www.bing.com/ck/a?!&&p=5c46c8daa4da83c6JmltdHM9MTY5NjI5MTIwMCZpZ3VpZD0xZTQzNThiOS1jYzA3LTY2MmEtMjQyNi00YjI5Y2QwZTY3MDgmaW5zaWQ9NTAwMw&ptn=3&hsh=3&fclid=1e4358b9-cc07-662a-2426-4b29cd0e6708&u=a1aHR0cHM6Ly93d3cubWljcm9zb2Z0LmNvbS9lbi1BVS9taWNyb3NvZnQtMzY1L2ZyZWUtb2ZmaWNlLW9ubGluZS1mb3ItdGhlLXdlYg&ntb=1&toWww=1&redig=C487224EFAF1447EA1D2AD5878BC8F4C

tls, http2

msedge.exe

2.3kB
9.5kB
18
24

HTTP Request

GET https://www.bing.com/ck/a?!&&p=5c46c8daa4da83c6JmltdHM9MTY5NjI5MTIwMCZpZ3VpZD0xZTQzNThiOS1jYzA3LTY2MmEtMjQyNi00YjI5Y2QwZTY3MDgmaW5zaWQ9NTAwMw&ptn=3&hsh=3&fclid=1e4358b9-cc07-662a-2426-4b29cd0e6708&u=a1aHR0cHM6Ly93d3cubWljcm9zb2Z0LmNvbS9lbi1BVS9taWNyb3NvZnQtMzY1L2ZyZWUtb2ZmaWNlLW9ubGluZS1mb3ItdGhlLXdlYg&ntb=1&toWww=1&redig=C487224EFAF1447EA1D2AD5878BC8F4C

HTTP Response

200
104.85.1.163:443

www.microsoft.com

tls, http2

msedge.exe

1.1kB
7.4kB
12
16
104.85.1.163:443

https://www.microsoft.com/favicon.ico?v2

tls, http2

msedge.exe

24.5kB
730.7kB
367
576

HTTP Request

GET https://www.microsoft.com/en-AU/microsoft-365/free-office-online-for-the-web

HTTP Response

200

HTTP Request

GET https://www.microsoft.com/etc.clientlibs/onecloud/clientlibs/clientlib-mwf-new/main-m365.min.ACSHASH1a14ebf8a17177418f8a582c20c738b0.css

HTTP Request

GET https://www.microsoft.com/etc.clientlibs/onecloud/clientlibs/clientlib-mwf-ext/main-m365.min.ACSHASH902dd1e162e1410f006c5c1f3867b0cd.css

HTTP Request

GET https://www.microsoft.com/etc.clientlibs/cascade.component.authoring/clientlibs/clientlib-base.min.ACSHASHc5871451778c8e6454258da6f73224b7.css

HTTP Request

GET https://www.microsoft.com/etc.clientlibs/onecloud/clientlibs/clientlib-events.min.ACSHASH1e1e807a22bd65d9f61a48a38d6e7faa.js

HTTP Request

GET https://www.microsoft.com/etc.clientlibs/cascade.component.authoring/clientlibs/clientlib-uhf.min.ACSHASHf9f2395c582fa601707b7a5dfae9f05f.css

HTTP Request

GET https://www.microsoft.com/etc.clientlibs/cascade.component.authoring/clientlibs/clientlib-polyfills.min.ACSHASHf381d5147c85ee687ea8fbef32c83d37.js

HTTP Request

GET https://www.microsoft.com/etc.clientlibs/cascade.component.authoring/clientlibs/clientlib-jquery.min.ACSHASH35986a813756f39ab6b922979ffedb03.js

HTTP Request

GET https://www.microsoft.com/etc.clientlibs/cascade.component.authoring/clientlibs/clientlib-jquery-cookie.min.ACSHASH20aafdf6904d3dc5db0e0e33abbfc1a4.js

HTTP Request

GET https://www.microsoft.com/etc.clientlibs/microsoft/clientlibs/exp-analytics/v1.min.ACSHASH4cffc2c9b55f8bde649e0d2535a1eebd.js

HTTP Request

GET https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc_webkit_chrome/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/92-14707b/74-888e54?ver=2.0&_cf=20210618

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.microsoft.com/etc.clientlibs/microsoft/components/content/universalheader/v1/universalheader/clientlibs/site.min.ACSHASH4a2c06fd33b93cde144b578363a889af.js

HTTP Response

200

HTTP Request

GET https://www.microsoft.com/etc.clientlibs/microsoft/components/content/feature/v1/feature/clientlibs/site.min.ACSHASH42ba89a4096a012bdfd80f51fc4b936f.js

HTTP Response

200

HTTP Request

GET https://www.microsoft.com/etc.clientlibs/microsoft/components/content/dynamic-feature/v1/dynamic-feature/clientlibs/site.min.ACSHASHf834ecc43df9754fbcd8a6bb1078e89e.js

HTTP Response

200

HTTP Request

GET https://www.microsoft.com/etc.clientlibs/onecloud/clientlibs/clientlib-product-pricing.min.ACSHASH4f83a20cad6fed343c3830586c882696.js

HTTP Response

200

HTTP Request

GET https://www.microsoft.com/etc.clientlibs/onecloud/clientlibs/clientlib-product-pricing.min.ACSHASHde5a77dc6cdb73df9c3096397924a3f0.css

HTTP Request

GET https://www.microsoft.com/etc.clientlibs/onecloud/components/content/image/v1/image/clientlibs.min.ACSHASH4402231c6c651d105bb28a0781aa644e.css

HTTP Request

GET https://www.microsoft.com/etc.clientlibs/onecloud/components/content/simple-form/v1/simple-form/clientlibs/sms-email.min.ACSHASHb9157749ae59ee03f78a9825e228517a.js

HTTP Request

GET https://www.microsoft.com/etc.clientlibs/onecloud/components/content/areaheading/v1/areaheading/clientlibs/site.min.ACSHASHf3ce0716faf38b81e39f92e91d6f05dc.js

HTTP Request

GET https://www.microsoft.com/etc.clientlibs/microsoft/components/content/footnotes/v1/footnotes/clientlibs/site.min.ACSHASH40203e0bb3e24fd4626d84825f55e9c5.css

HTTP Request

GET https://www.microsoft.com/etc.clientlibs/microsoft/components/content/footnotes/v1/footnotes/clientlibs/site.min.ACSHASHa6065760b0ee53b0ca1e0f57d165ca1c.js

HTTP Request

GET https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/shell/_scrf/js/themes=default/8e-e88b64/82-2a4f02/49-a00ab0/92-02e55d/7c-dcea75/75-fca72d/ed-e77ee7/d5-bf34c0/a9-078595/7a-7ea8cc/2d-40bdad/23-e8cd2b/96-eb5423/e6-6b0cce/d1-98d78a/c6-082272/a7-f7a340/1e-addbef/2e-ca165a/fc-169dd8/8e-60935c/87-fecbed/96-6ed6eb/c3-eb62e0/ad-ffd6bf/35-621acc/5b-6eff60/b0-07f293/1e-9d9d16/52-f0367f/af-abd754/bf-517249/e1-ed258e/20-0b10e2/6b-0f1117/fb-5e9831/a2-598841?ver=2.0&_cf=20210618&iife=1

HTTP Request

GET https://www.microsoft.com/etc.clientlibs/onecloud/clientlibs/clientlib-mwf-new/main-m365.min.ACSHASH1315b52070fe169b25b7b0a6e3667170.js

HTTP Request

GET https://www.microsoft.com/etc.clientlibs/onecloud/clientlibs/clientlib-mwf-ext/main-m365.min.ACSHASHa760728ce5bdc04f3965db30038cbe0c.js

HTTP Request

GET https://www.microsoft.com/etc.clientlibs/cascade.component.authoring/clientlibs/clientlib-base.min.ACSHASH9664e3d4eae25f97830251e3e5b20248.js

HTTP Request

GET https://www.microsoft.com/etc.clientlibs/onecloud/clientlibs/clientlib-site.min.ACSHASH4c1f1c6a4ff877c820e56e5ab869262b.js

HTTP Request

GET https://www.microsoft.com/etc.clientlibs/microsoft/clientlibs/clientlib-httpclient.min.ACSHASHdb9337465e1d526f2fff5b4bc44978f0.js

HTTP Request

GET https://www.microsoft.com/etc.clientlibs/cascade.component.authoring/clientlibs/clientlib-cookieconsent.min.ACSHASH96f0c5b1219e39b8788028f5c17a5ad9.js

HTTP Request

GET https://www.microsoft.com/etc.clientlibs/onecloud/clientlibs/clientlib-cookievalidator.min.ACSHASH3db5cf9fd3fab92b3889302c8de78d1b.js

HTTP Request

GET https://www.microsoft.com/etc.clientlibs/microsoft/components/structure/page/clientlibs/featurecontrol.min.ACSHASHc22ea5b46f3fcad90da0abcc0a3f73d4.js

HTTP Request

GET https://www.microsoft.com/etc.clientlibs/microsoft/components/structure/page/clientlibs/custom-oneds.min.ACSHASHfcb6e8a20d1f1a35b553b673e5f5403d.js

HTTP Request

GET https://www.microsoft.com/etc.clientlibs/onecloud/clientlibs/clientlib-chat.min.ACSHASHfa6f56b2d3037982772378233706c9af.css

HTTP Request

GET https://www.microsoft.com/etc.clientlibs/onecloud/clientlibs/clientlib-chat.min.ACSHASH34e3440e73ee943fc9802fcad4720cba.js

HTTP Request

GET https://www.microsoft.com/etc.clientlibs/onecloud/clientlibs/clientlib-market-layer.min.ACSHASH551a5d1b5ebf715e3f78c311a57fa1d7.js

HTTP Request

GET https://www.microsoft.com/etc.clientlibs/microsoft/clientlibs/exp-cookiecomp/v1.min.ACSHASHc343dfb005ac8c14ae0dd22dd17fb2fc.js

HTTP Request

GET https://www.microsoft.com/etc.clientlibs/cascade.component.authoring/clientlibs/clientlib-greenid.min.ACSHASH383b23d12df0d9265d7569a7102c2f96.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff

HTTP Response

200

HTTP Request

GET https://www.microsoft.com/etc.clientlibs/onecloud/clientlibs/clientlib-mwf-new/resources/fonts/MWFFluentIcons.woff2

HTTP Response

200

HTTP Request

GET https://www.microsoft.com/favicon.ico?v2

HTTP Response

200
23.207.104.5:443

https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE4OCI2

tls, http

msedge.exe

3.3kB
30.3kB
21
33

HTTP Request

GET https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE4OFm4

HTTP Response

200

HTTP Request

GET https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE4OxzH

HTTP Response

200

HTTP Request

GET https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE4OCI2

HTTP Response

200
152.199.4.33:443

https://az725175.vo.msecnd.net/scripts/jsll-4.js

tls, http2

msedge.exe

2.6kB
28.4kB
23
32

HTTP Request

GET https://az725175.vo.msecnd.net/scripts/jsll-4.js

HTTP Response

200
23.207.104.5:443

query.prod.cms.rt.microsoft.com

tls

msedge.exe

908 B
515 B
7
8
13.107.246.67:443

https://wcpstatic.microsoft.com/mscc/lib/v2/wcp-consent.js

tls, http2

msedge.exe

3.4kB
90.6kB
50
75

HTTP Request

GET https://wcpstatic.microsoft.com/mscc/lib/v2/wcp-consent.js

HTTP Response

200
104.110.240.160:443

https://cdn-dynmedia-1.microsoft.com/is/image/microsoftcorp/Story3PPforWeb_2x_RE3Boa4?resMode=sharp2&op_usm=1.5,0.65,15,0&wid=826&hei=631&qlt=100&fmt=png-alpha&fit=constrain

tls, http2

msedge.exe

24.8kB
735.8kB
438
558

HTTP Request

GET https://cdn-dynmedia-1.microsoft.com/is/image/microsoftcorp/LinkedIn-29?scl=1

HTTP Request

GET https://cdn-dynmedia-1.microsoft.com/is/image/microsoftcorp/Twitter-34?scl=1

HTTP Request

GET https://cdn-dynmedia-1.microsoft.com/is/image/microsoftcorp/Blog?scl=1

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://cdn-dynmedia-1.microsoft.com/is/image/microsoftcorp/HeroImage_2x_RE3ByzZ?resMode=sharp2&op_usm=1.5,0.65,15,0&wid=800&qlt=99&fmt=png-alpha&fit=constrain

HTTP Response

200

HTTP Request

GET https://cdn-dynmedia-1.microsoft.com/is/image/microsoftcorp/AnywhereAccessIcon_2x_RE3EpFE?resMode=sharp2&op_usm=1.5,0.65,15,0&wid=786&hei=40&qlt=90&fmt=png-alpha&fit=constrain

HTTP Request

GET https://cdn-dynmedia-1.microsoft.com/is/image/microsoftcorp/FamiliarExperienceIcon_2x_RE3ExtO?resMode=sharp2&op_usm=1.5,0.65,15,0&wid=786&hei=40&qlt=90&fmt=png-alpha&fit=constrain

HTTP Request

GET https://cdn-dynmedia-1.microsoft.com/is/image/microsoftcorp/WorkwAnyoneIcon_2x_RE3ECGB?resMode=sharp2&op_usm=1.5,0.65,15,0&wid=786&hei=40&qlt=90&fmt=png-alpha&fit=constrain

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://cdn-dynmedia-1.microsoft.com/is/image/microsoftcorp/image_RWPhd0?resMode=sharp2&op_usm=1.5,0.65,15,0&wid=297&qlt=85

HTTP Response

200

HTTP Request

GET https://cdn-dynmedia-1.microsoft.com/is/image/microsoftcorp/Story1WordforWeb_2x_RE3ByA5?resMode=sharp2&op_usm=1.5,0.65,15,0&wid=826&hei=631&qlt=100&fmt=png-alpha&fit=constrain

HTTP Response

200

HTTP Request

GET https://cdn-dynmedia-1.microsoft.com/is/image/microsoftcorp/Story2ExcelforWeb_2x_RE3BqLE?resMode=sharp2&op_usm=1.5,0.65,15,0&wid=826&hei=631&qlt=100&fmt=png-alpha&fit=constrain

HTTP Response

200

HTTP Request

GET https://cdn-dynmedia-1.microsoft.com/is/image/microsoftcorp/Story3PPforWeb_2x_RE3Boa4?resMode=sharp2&op_usm=1.5,0.65,15,0&wid=826&hei=631&qlt=100&fmt=png-alpha&fit=constrain

HTTP Response

200
104.110.240.160:443

cdn-dynmedia-1.microsoft.com

tls, http2

msedge.exe

1.1kB
5.9kB
12
13
104.110.240.160:443

cdn-dynmedia-1.microsoft.com

tls, http2

msedge.exe

1.1kB
5.9kB
12
13
13.107.246.67:443

https://mem.gfx.ms/me/mecache?partner=officeproducts&wreply=https%3A%2F%2Fwww.microsoft.com

tls, http2

msedge.exe

2.5kB
19.3kB
23
28

HTTP Request

GET https://mem.gfx.ms/meversion?partner=OfficeProducts&market=en-au&uhf=1

HTTP Response

200

HTTP Request

GET https://mem.gfx.ms/me/mecache?partner=officeproducts&wreply=https%3A%2F%2Fwww.microsoft.com

HTTP Response

200
13.107.246.67:443

https://mem.gfx.ms/scripts/me/MeControl/10.23212.1/en-US/meCore.min.js

tls, http2

msedge.exe

3.3kB
59.2kB
43
56

HTTP Request

GET https://mem.gfx.ms/scripts/me/MeControl/10.23212.1/en-US/meBoot.min.js

HTTP Response

200

HTTP Request

GET https://mem.gfx.ms/scripts/me/MeControl/10.23212.1/en-US/meCore.min.js

HTTP Response

200
52.167.30.171:443

https://fpt.microsoft.com/images/Clear.PNG?ctx=Wlcb1.0&session_id=f5177fde-12d5-41df-b799-401ad0823a2e&tkt=H3ihr9e92IdW6yd1ZgQ9Sz4bj6XMGo9empP83sM5eweB3j4s8%2f5iuBWoV%2f3YVyB%2b2uQTj1Blu0Jtz4bBjitn9bp1BLEeDFAqLVT1SOhtxanhH5%2fiyXZgianNlkoEoHgYyI8bSZwMWvBgtbelQpdZrQA%2fDy5P015eLUgpf9rUtr%2bsmps6ZuUoV5kED9Unk2icOoBNc9uMwmvagvJ8WIJnpcZBLKos6R%2feENGMX2Wj4afM8NoJA5oX4EsgYhEMw8Rf%2bZO0%2ffJR22v2YUF%2b%2fm06l9epmSoPrIb0aKLJKbCCYm9Btiy19sM5rUD3NRGprgVX

tls, http2

msedge.exe

7.8kB
20.6kB
31
35

HTTP Request

GET https://fpt.microsoft.com/tags?session_id=f5177fde-12d5-41df-b799-401ad0823a2e

HTTP Response

200

HTTP Request

GET https://fpt.microsoft.com/Images/Clear.PNG?ctx=jscb1.0&session_id=f5177fde-12d5-41df-b799-401ad0823a2e&CustomerId=02C58649-E822-405B-B6C3-17A7509D2FCC&esi=YnVhPU1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Mi4wLjQ1MTUuMTMxIFNhZmFyaS81MzcuMzYgRWRnLzkyLjAuOTAyLjY3Jm9zPVdpbjMyJmxwcm9jPTgmb2w9dHJ1ZSZydHQ9MTAwJmNocm09dHJ1ZSZwcm9zdWI9MjAwMzAxMDcmZXZhbD0zMyZhcHB2PTUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTIuMC40NTE1LjEzMSBTYWZhcmkvNTM3LjM2IEVkZy85Mi4wLjkwMi42NyZwcj0xJnNyPTEyODB4NzIwJnNjZD0yNCZhc3I9MTI4MHg2ODAmdHo9MCZkc3Q9MCZ0em89MCZibD1lbi1VUyZtdGg9YTg4MmFiY2RjNzdkZGZkZjllYTg0MTE0NzA2YjlhN2EmbXRuPTQmcG49MyZwaD1lYzVlYmFlMDYyMWJkYzEzMGFlOTFiMTllNjE5NzY1OCZwPXBsdWdpbl9mbGFzaCUzRGZhbHNlJTI2cGx1Z2luX3dpbmRvd3NfbWVkaWFfcGxheWVyJTNEZmFsc2UlMjZwbHVnaW5fYWRvYmVfYWNyb2JhdCUzRGZhbHNlJTI2cGx1Z2luX3NpbHZlcmxpZ2h0JTNEZmFsc2UlMjZwbHVnaW5fcXVpY2t0aW1lJTNEZmFsc2UlMjZwbHVnaW5fc2hvY2t3YXZlJTNEZmFsc2UlMjZwbHVnaW5fcmVhbHBsYXllciUzRGZhbHNlJTI2cGx1Z2luX3ZsY19wbGF5ZXIlM0RmYWxzZSUyNnBsdWdpbl9kZXZhbHZyJTNEZmFsc2UlMjZwbHVnaW5fc3ZnX3ZpZXdlciUzRGZhbHNlJTI2cGx1Z2luX2phdmElM0RmYWxzZSZsaD1odHRwcyUzQSUyRiUyRmZwdC5taWNyb3NvZnQuY29tJTJGdGFncyUzRnNlc3Npb25faWQlM0RmNTE3N2ZkZS0xMmQ1LTQxZGYtYjc5OS00MDFhZDA4MjNhMmUmZHI9aHR0cHMlM0ElMkYlMkZ3d3cubWljcm9zb2Z0LmNvbSUyRiZ3PThEQkM5MzYzNkFDQTZGRCZpZD05YzNkYjFmNC05YTE4LTQ5M2EtOTg1Mi04OWJlMzRjOWM5NWQmYT0mYz03NDRmMWExMmVkOTc0OGYyNTExMDAwMWI1NmRkODAxMw==&eci=eyJ1dmRyIjoiR29vZ2xlIEluYy4gKE5WSURJQSkiLCJ1cmRyIjoiQU5HTEUgKE5WSURJQSwgTlZJRElBIEdlRm9yY2UgUlRYIDMwNjAgVGkgRGlyZWN0M0QxMSB2c181XzAgcHNfNV8wLCBEM0QxMS0xMC4wLjE5MDQxLjU0NikiLCJ2ZHIiOiJXZWJLaXQiLCJyZHIiOiJXZWJLaXQgV2ViR0wiLCJpZHVoIjoiMDFmNTY4YTRjNDUwMjUyZjlmZTMyMDE5NmZhZDk4NWIifQ==&u1=&u3=10.0&u4=x86&u5=undefined

HTTP Request

GET https://fpt2.microsoft.com/Clear.HTML?ctx=Ls1.0&wl=True&session_id=f5177fde-12d5-41df-b799-401ad0823a2e&id=9c3db1f4-9a18-493a-9852-89be34c9c95d&w=8DBC93636ACA6FD&tkt=H3ihr9e92IdW6yd1ZgQ9Sz4bj6XMGo9empP83sM5eweB3j4s8%252f5iuBWoV%252f3YVyB%252b2uQTj1Blu0Jtz4bBjitn9bp1BLEeDFAqLVT1SOhtxanhH5%252fiyXZgianNlkoEoHgY%252fMexPY0h16oL5OlA9AVqU32kUw%252bTHzpnN2rB0mW8W4bJo8fqDbrQ4boK3BGHH4UhE10uNfkEKxPAyvaj7n61zHs3vLwQbLyC7f%252f53dKMCoiBoxCH%252fh4hFh0%252fOU%252bKSkyt4Uhq5Ex54XmFSkef3SMP5V28XZDuR75npTaa%252fBTLLt5jcLWqC%252b16qTWUF9qwKUTa&CustomerId=02C58649-E822-405B-B6C3-17A7509D2FCC

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://fpt.microsoft.com/images/Clear.PNG?ctx=Wlcb1.0&session_id=f5177fde-12d5-41df-b799-401ad0823a2e&tkt=H3ihr9e92IdW6yd1ZgQ9Sz4bj6XMGo9empP83sM5eweB3j4s8%2f5iuBWoV%2f3YVyB%2b2uQTj1Blu0Jtz4bBjitn9bp1BLEeDFAqLVT1SOhtxanhH5%2fiyXZgianNlkoEoHgYyI8bSZwMWvBgtbelQpdZrQA%2fDy5P015eLUgpf9rUtr%2bsmps6ZuUoV5kED9Unk2icOoBNc9uMwmvagvJ8WIJnpcZBLKos6R%2feENGMX2Wj4afM8NoJA5oX4EsgYhEMw8Rf%2bZO0%2ffJR22v2YUF%2b%2fm06l9epmSoPrIb0aKLJKbCCYm9Btiy19sM5rUD3NRGprgVX

HTTP Response

200
13.107.246.67:443

https://js.monitor.azure.com/scripts/c/ms.shared.analytics.mectrl-3.2.7.gbl.min.js

tls, http2

msedge.exe

5.5kB
43.2kB
40
46

HTTP Request

GET https://js.monitor.azure.com/scripts/c/ms.shared.analytics.mectrl-3.2.7.gbl.min.js

HTTP Response

200
96.16.109.56:443

https://assets.adobedtm.com/5ef092d1efb5/d6d76b37b476/cc63921ab1f0/RC3845794034964e32934c4dad4bdff728-source.min.js

tls, http2

msedge.exe

5.6kB
44.7kB
38
55

HTTP Request

GET https://assets.adobedtm.com/5ef092d1efb5/d6d76b37b476/launch-41185cd0b005.min.js

HTTP Response

200

HTTP Request

GET https://assets.adobedtm.com/5ef092d1efb5/d6d76b37b476/cc63921ab1f0/RCbec314109be34962999dbad4041375a8-source.min.js

HTTP Response

200

HTTP Request

GET https://assets.adobedtm.com/5ef092d1efb5/d6d76b37b476/cc63921ab1f0/RCb827b2d874d8436fa48a7c19baf01bf1-source.min.js

HTTP Response

200

HTTP Request

GET https://assets.adobedtm.com/5ef092d1efb5/d6d76b37b476/cc63921ab1f0/RC3845794034964e32934c4dad4bdff728-source.min.js

HTTP Response

200
52.182.143.208:443

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

tls, http2

msedge.exe

1.8kB
7.5kB
12
14

HTTP Request

OPTIONS https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

HTTP Response

200
13.107.246.67:443

acctcdn.msauth.net

tls, http2

msedge.exe

1.1kB
7.1kB
9
13
152.195.19.97:443

acctcdn.msftauth.net

tls, http2

msedge.exe

1.2kB
7.6kB
13
16
52.182.143.208:443

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

tls, http2

msedge.exe

52.6kB
11.7kB
61
62

HTTP Request

POST https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

HTTP Request

POST https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

HTTP Response

200

HTTP Request

POST https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

HTTP Response

200

HTTP Response

200
204.79.197.200:443

tse1.mm.bing.net

tls, http2

1.2kB
8.3kB
16
14
204.79.197.200:443

tse1.mm.bing.net

tls, http2

1.2kB
8.3kB
16
14
204.79.197.200:443

tse1.mm.bing.net

tls, http2

1.2kB
8.3kB
16
14
204.79.197.200:443

tse1.mm.bing.net

tls, http2

1.2kB
8.3kB
16
14
204.79.197.200:443

https://tse1.mm.bing.net/th?id=OADD2.10239317301626_12UQHHQXE25HHMLCY&pid=21.2&w=1080&h=1920&c=4

tls, http2

67.3kB
2.0MB
1436
1431

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239317300907_1P5PYDY7ZYGO534HR&pid=21.2&w=1920&h=1080&c=4

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239317301417_1HAO9MU1YYNEL08DS&pid=21.2&w=1080&h=1920&c=4

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239317300984_1U4S330V4ADUBL082&pid=21.2&w=1920&h=1080&c=4

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239317301217_1LGEUWZHPMKMEMITB&pid=21.2&w=1920&h=1080&c=4

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239317301340_1R332YF001UV1FL5P&pid=21.2&w=1080&h=1920&c=4

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239317301626_12UQHHQXE25HHMLCY&pid=21.2&w=1080&h=1920&c=4

HTTP Response

200

8.8.8.8:53

146.78.124.51.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

146.78.124.51.in-addr.arpa
8.8.8.8:53

73.31.126.40.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

73.31.126.40.in-addr.arpa
8.8.8.8:53

4jv2zzt96ihx7ht2xox7.1yyq2tt.ru

dns

msedge.exe

77 B
109 B
1
1

DNS Request

4jv2zzt96ihx7ht2xox7.1yyq2tt.ru

DNS Response

104.21.22.225

172.67.207.139
8.8.8.8:53

apps.identrust.com

dns

msedge.exe

64 B
165 B
1
1

DNS Request

apps.identrust.com

DNS Response

2.18.121.68

2.18.121.70
8.8.8.8:53

8.3.197.209.in-addr.arpa

dns

70 B
111 B
1
1

DNS Request

8.3.197.209.in-addr.arpa
8.8.8.8:53

108.211.229.192.in-addr.arpa

dns

74 B
145 B
1
1

DNS Request

108.211.229.192.in-addr.arpa
8.8.8.8:53

225.22.21.104.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

225.22.21.104.in-addr.arpa
8.8.8.8:53

68.121.18.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

68.121.18.2.in-addr.arpa
8.8.8.8:53

133.113.22.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

133.113.22.20.in-addr.arpa
8.8.8.8:53

href.li

dns

msedge.exe

53 B
85 B
1
1

DNS Request

href.li

DNS Response

192.0.78.27

192.0.78.26
8.8.8.8:53

challenges.cloudflare.com

dns

msedge.exe

71 B
103 B
1
1

DNS Request

challenges.cloudflare.com

DNS Response

104.17.2.184

104.17.3.184
8.8.8.8:53

cdn.jsdelivr.net

dns

msedge.exe

62 B
160 B
1
1

DNS Request

cdn.jsdelivr.net

DNS Response

151.101.1.229

151.101.65.229

151.101.129.229

151.101.193.229
8.8.8.8:53

bing.com

dns

msedge.exe

54 B
86 B
1
1

DNS Request

bing.com

DNS Response

13.107.21.200

204.79.197.200
8.8.8.8:53

27.78.0.192.in-addr.arpa

dns

70 B
135 B
1
1

DNS Request

27.78.0.192.in-addr.arpa
8.8.8.8:53

184.2.17.104.in-addr.arpa

dns

71 B
133 B
1
1

DNS Request

184.2.17.104.in-addr.arpa
8.8.8.8:53

229.1.101.151.in-addr.arpa

dns

72 B
132 B
1
1

DNS Request

229.1.101.151.in-addr.arpa
8.8.8.8:53

100.39.251.142.in-addr.arpa

dns

73 B
111 B
1
1

DNS Request

100.39.251.142.in-addr.arpa
8.8.8.8:53

226.21.18.104.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

226.21.18.104.in-addr.arpa
8.8.8.8:53

www.microsoft.com

dns

msedge.exe

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

104.85.1.163
8.8.8.8:53

41.110.16.96.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

41.110.16.96.in-addr.arpa
8.8.8.8:53

200.21.107.13.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

200.21.107.13.in-addr.arpa
8.8.8.8:53

48.24.221.88.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

48.24.221.88.in-addr.arpa
8.8.8.8:53

26.35.223.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

26.35.223.20.in-addr.arpa
8.8.8.8:53

163.1.85.104.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

163.1.85.104.in-addr.arpa
8.8.8.8:53

query.prod.cms.rt.microsoft.com

dns

msedge.exe

77 B
184 B
1
1

DNS Request

query.prod.cms.rt.microsoft.com

DNS Response

23.207.104.5
8.8.8.8:53

az725175.vo.msecnd.net

dns

msedge.exe

68 B
113 B
1
1

DNS Request

az725175.vo.msecnd.net

DNS Response

152.199.4.33
8.8.8.8:53

5.104.207.23.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

5.104.207.23.in-addr.arpa
8.8.8.8:53

183.59.114.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

183.59.114.20.in-addr.arpa
8.8.8.8:53

33.4.199.152.in-addr.arpa

dns

71 B
142 B
1
1

DNS Request

33.4.199.152.in-addr.arpa
8.8.8.8:53

wcpstatic.microsoft.com

dns

msedge.exe

69 B
256 B
1
1

DNS Request

wcpstatic.microsoft.com

DNS Response

13.107.246.67

13.107.213.67
8.8.8.8:53

cdn-dynmedia-1.microsoft.com

dns

msedge.exe

74 B
195 B
1
1

DNS Request

cdn-dynmedia-1.microsoft.com

DNS Response

104.110.240.160

104.110.240.65
8.8.8.8:53

mem.gfx.ms

dns

msedge.exe

56 B
273 B
1
1

DNS Request

mem.gfx.ms

DNS Response

13.107.246.67

13.107.213.67
8.8.8.8:53

67.246.107.13.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

67.246.107.13.in-addr.arpa
8.8.8.8:53

160.240.110.104.in-addr.arpa

dns

74 B
141 B
1
1

DNS Request

160.240.110.104.in-addr.arpa
8.8.8.8:53

69.121.18.2.in-addr.arpa

dns

140 B
266 B
2
2

DNS Request

69.121.18.2.in-addr.arpa

DNS Request

69.121.18.2.in-addr.arpa
8.8.8.8:53

fpt.microsoft.com

dns

msedge.exe

126 B
364 B
2
2

DNS Request

fpt.microsoft.com

DNS Request

fpt.microsoft.com

DNS Response

52.167.30.171

DNS Response

52.167.30.171
8.8.8.8:53

js.monitor.azure.com

dns

msedge.exe

132 B
546 B
2
2

DNS Request

js.monitor.azure.com

DNS Response

13.107.246.67

13.107.213.67

DNS Request

js.monitor.azure.com

DNS Response

13.107.246.67

13.107.213.67
8.8.8.8:53

assets.adobedtm.com

dns

msedge.exe

130 B
330 B
2
2

DNS Request

assets.adobedtm.com

DNS Response

96.16.109.56

DNS Request

assets.adobedtm.com

DNS Response

96.16.109.56
8.8.8.8:53

fpt2.microsoft.com

dns

msedge.exe

64 B
183 B
1
1

DNS Request

fpt2.microsoft.com

DNS Response

52.167.30.171
8.8.8.8:53

56.109.16.96.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

56.109.16.96.in-addr.arpa
8.8.8.8:53

171.30.167.52.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

171.30.167.52.in-addr.arpa
8.8.8.8:53

browser.events.data.microsoft.com

dns

msedge.exe

79 B
203 B
1
1

DNS Request

browser.events.data.microsoft.com

DNS Response

52.182.143.208
224.0.0.251:5353

msedge.exe

519 B
8
8.8.8.8:53

acctcdn.msauth.net

dns

msedge.exe

64 B
284 B
1
1

DNS Request

acctcdn.msauth.net

DNS Response

13.107.246.67

13.107.213.67
8.8.8.8:53

acctcdn.msftauth.net

dns

msedge.exe

132 B
512 B
2
2

DNS Request

acctcdn.msftauth.net

DNS Request

acctcdn.msftauth.net

DNS Response

152.195.19.97

DNS Response

152.195.19.97
8.8.8.8:53

acctcdnmsftuswe2.azureedge.net

dns

msedge.exe

152 B
510 B
2
2

DNS Request

acctcdnmsftuswe2.azureedge.net

DNS Request

acctcdnmsftuswe2.azureedge.net

DNS Response

13.107.246.67

13.107.213.67

DNS Response

13.107.246.67

13.107.213.67
8.8.8.8:53

acctcdnvzeuno.azureedge.net

dns

msedge.exe

146 B
376 B
2
2

DNS Request

acctcdnvzeuno.azureedge.net

DNS Request

acctcdnvzeuno.azureedge.net

DNS Response

152.195.19.97

DNS Response

152.195.19.97
8.8.8.8:53

lgincdnmsftuswe2.azureedge.net

dns

msedge.exe

152 B
510 B
2
2

DNS Request

lgincdnmsftuswe2.azureedge.net

DNS Request

lgincdnmsftuswe2.azureedge.net

DNS Response

13.107.246.67

13.107.213.67

DNS Response

13.107.246.67

13.107.213.67
8.8.8.8:53

lgincdnvzeuno.azureedge.net

dns

msedge.exe

146 B
308 B
2
2

DNS Request

lgincdnvzeuno.azureedge.net

DNS Request

lgincdnvzeuno.azureedge.net

DNS Response

192.229.211.199

DNS Response

192.229.211.199
8.8.8.8:53

logincdn.msftauth.net

dns

msedge.exe

134 B
446 B
2
2

DNS Request

logincdn.msftauth.net

DNS Request

logincdn.msftauth.net

DNS Response

192.229.211.199

DNS Response

192.229.211.199
8.8.8.8:53

67.31.126.40.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

67.31.126.40.in-addr.arpa
8.8.8.8:53

208.143.182.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

208.143.182.52.in-addr.arpa
8.8.8.8:53

199.211.229.192.in-addr.arpa

dns

74 B
145 B
1
1

DNS Request

199.211.229.192.in-addr.arpa
8.8.8.8:53

97.19.195.152.in-addr.arpa

dns

72 B
143 B
1
1

DNS Request

97.19.195.152.in-addr.arpa
8.8.8.8:53

198.187.3.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

198.187.3.20.in-addr.arpa
8.8.8.8:53

2.136.104.51.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

2.136.104.51.in-addr.arpa
8.8.8.8:53

135.1.85.104.in-addr.arpa

dns

142 B
270 B
2
2

DNS Request

135.1.85.104.in-addr.arpa

DNS Request

135.1.85.104.in-addr.arpa
8.8.8.8:53

119.110.54.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

119.110.54.20.in-addr.arpa
8.8.8.8:53

240.81.21.72.in-addr.arpa

dns

71 B
142 B
1
1

DNS Request

240.81.21.72.in-addr.arpa
8.8.8.8:53

1.202.248.87.in-addr.arpa

dns

71 B
116 B
1
1

DNS Request

1.202.248.87.in-addr.arpa
8.8.8.8:53

88.156.103.20.in-addr.arpa

dns

144 B
316 B
2
2

DNS Request

88.156.103.20.in-addr.arpa

DNS Request

88.156.103.20.in-addr.arpa
8.8.8.8:53

tse1.mm.bing.net

dns

124 B
346 B
2
2

DNS Request

tse1.mm.bing.net

DNS Response

204.79.197.200

13.107.21.200

DNS Request

tse1.mm.bing.net

DNS Response

204.79.197.200

13.107.21.200
8.8.8.8:53

48.229.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

48.229.111.52.in-addr.arpa
8.8.8.8:53

8.173.189.20.in-addr.arpa

dns

142 B
314 B
2
2

DNS Request

8.173.189.20.in-addr.arpa

DNS Request

8.173.189.20.in-addr.arpa

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
bf009481892dd0d1c49db97428428ede

SHA1
aee4e7e213f6332c1629a701b42335eb1a035c66

SHA256
18236c88bc4fe576f82223cca595133aa3b4e5fd24ebac9fd515b70e6f403ab4

SHA512
d05515ff319b0b82030bc9d4a27f0432b613488f945d1dae8b8dfe73c64e651eb39f4141a5d2e157e2afb43dd1dd95b6611c1003ac4e2e80511e6c5cd7cfdf11

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
864B

MD5
7ec10e5568969a34dbae15d105f20447

SHA1
94a724feae58927f3ddab779abb21f1f1cf9d2f9

SHA256
44aa03af52c4050ae78138b5ff7ba046cb785b0dde322f027d85976d66bc0b6d

SHA512
d41b4eb170b3252e4de6d0cd100e22b88843ed87ccd81401fe35b2ef5df46c5575f88dc70b33e9fcb55d61ae5012dc520b7ef0bac825d58278fb40a22a5ae811

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
e883c54ee1d1b3a826a60af43721abfa

SHA1
558e42ef204c66d0d31edd82fb75f87aa40d1ad1

SHA256
08c61cced9bf1b2ec6eb6e15cebf714a3fa15154da9d92a32724045073f2e974

SHA512
0d14aa91106f03f257aec36d9826580bac06dde10e89d42da77f3bf458ade3b0f735c8b3cbd6e038254c61eaf917c81edd8f53e137ef6e22fd0ba9ae2153131a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
5a9f01fdfebf62b94d170655d84ea7e3

SHA1
2981be35451768db2edda1f15f34bbae63eb5ebb

SHA256
606df3d1b8781f3905bdf6630340d846ccb9e372eb26cb78ba6db3f00a94b29a

SHA512
ade4015d97ffb178a4ad3364848b41edc26ecfbd42526c81f3b5608b6f87d3e5c4a51fe9aaaa0c4c0b201e5b977eea5055359ff4b2c2125e24ba0c8c8718bc7f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
4d8243de94ef3c7e3fdd6c7346167b95

SHA1
f608aab0935aeaba77853318c45e4cf75b1bf548

SHA256
4d58cd2e61a5b6686b8292614dc5f2cef4bbad3eb4caf7034284bc6eb878c4a4

SHA512
71107e7e62096e35e75a155a5d0c8dd789d90cc5c30f198315c836ea43ef5d628cbc5003f906b4fe50e1328aa75262b9f6e392fa2fdcb1ce1ba3abc541140567

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
25ac77f8c7c7b76b93c8346e41b89a95

SHA1
5a8f769162bab0a75b1014fb8b94f9bb1fb7970a

SHA256
8ad26364375358eac8238a730ef826749677c62d709003d84e758f0e7478cc4b

SHA512
df64a3593882972f3b10c997b118087c97a7fa684cd722624d7f5fb41d645c605d59a89eccf7518570ff9e73b4310432c4bb5864ee58e78c0743c0c1606853a7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
662e543e4780477707913de8a514d967

SHA1
651dc17b3365b28ca5ecb2515a48707dafc57a86

SHA256
e93d41f0e701c7173ef63ee92bf60fa6e3d4710f33918c7f9d673b650ed97694

SHA512
4659f8d29e9ea933d8f63f1d49477f2d80cfafa673681b9f54138bbb94835772be5750b6856409f6f5100b26ec6e76a40ea75221ab35abb7446a5607c0e50c62

Download Submit
memory/5552-229-0x000001BAAAB40000-0x000001BAAAB50000-memory.dmp

Filesize
64KB

Download
memory/5552-245-0x000001BAAAC40000-0x000001BAAAC50000-memory.dmp

Filesize
64KB

Download
memory/5552-261-0x000001BAB2F60000-0x000001BAB2F61000-memory.dmp

Filesize
4KB

Download
memory/5552-263-0x000001BAB2F90000-0x000001BAB2F91000-memory.dmp

Filesize
4KB

Download
memory/5552-264-0x000001BAB2F90000-0x000001BAB2F91000-memory.dmp

Filesize
4KB

Download
memory/5552-265-0x000001BAB30A0000-0x000001BAB30A1000-memory.dmp

Filesize
4KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response