Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-1703_x64
  • resource
    win10-20231215-ja
  • resource tags

    arch:x64 arch:x86 image:win10-20231215-ja locale:ja-jp os:windows10-1703-x64 system windows
  • submitted
    25/12/2023, 15:47 UTC

General

  • Target

    http://tastethemagictogether.co.uk

Score
4/10

Malware Config

Signatures

  • Drops file in Windows directory 5 IoCs
  • Checks processor information in registry 2 TTPs 3 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies Internet Explorer settings 1 TTPs 2 IoCs
  • Modifies registry class 64 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: MapViewOfSection 6 IoCs
  • Suspicious use of AdjustPrivilegeToken 6 IoCs
  • Suspicious use of SetWindowsHookEx 9 IoCs
  • Suspicious use of WriteProcessMemory 19 IoCs

Processes

  • C:\Windows\system32\LaunchWinApp.exe
    "C:\Windows\system32\LaunchWinApp.exe" "http://tastethemagictogether.co.uk"
    1⤵
      PID:3404
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
      1⤵
      • Drops file in Windows directory
      • Modifies registry class
      • Suspicious use of SetWindowsHookEx
      PID:640
    • C:\Windows\system32\browser_broker.exe
      C:\Windows\system32\browser_broker.exe -Embedding
      1⤵
      • Modifies Internet Explorer settings
      PID:2944
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
      1⤵
      • Modifies registry class
      • Suspicious behavior: MapViewOfSection
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:492
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
      1⤵
      • Drops file in Windows directory
      • Modifies Internet Explorer settings
      • Modifies registry class
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of SetWindowsHookEx
      PID:4868
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
      1⤵
      • Drops file in Windows directory
      • Modifies registry class
      PID:4804
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
      1⤵
      • Modifies registry class
      • Suspicious use of AdjustPrivilegeToken
      PID:2724
    • C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE
      "C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE"
      1⤵
      • Checks processor information in registry
      • Enumerates system info in registry
      • Suspicious behavior: AddClipboardFormatListener
      • Suspicious use of SetWindowsHookEx
      PID:4808
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
      1⤵
      • Drops file in Windows directory
      • Modifies registry class
      PID:636
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
      1⤵
      • Modifies registry class
      PID:4344

    Network

    • flag-us
      DNS
      tastethemagictogether.co.uk
      MicrosoftEdge.exe
      Remote address:
      8.8.8.8:53
      Request
      tastethemagictogether.co.uk
      IN A
      Response
      tastethemagictogether.co.uk
      IN A
      104.21.78.117
      tastethemagictogether.co.uk
      IN A
      172.67.220.158
    • flag-us
      DNS
      tastethemagictogether.co.uk
      MicrosoftEdge.exe
      Remote address:
      8.8.8.8:53
      Request
      tastethemagictogether.co.uk
      IN A
    • flag-us
      GET
      http://tastethemagictogether.co.uk/
      MicrosoftEdgeCP.exe
      Remote address:
      104.21.78.117:80
      Request
      GET / HTTP/1.1
      Accept: text/html, application/xhtml+xml, image/jxr, */*
      Accept-Language: ja
      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      Accept-Encoding: gzip, deflate
      Host: tastethemagictogether.co.uk
      Connection: Keep-Alive
      Response
      HTTP/1.1 301 Moved Permanently
      Date: Mon, 25 Dec 2023 15:47:57 GMT
      Transfer-Encoding: chunked
      Connection: keep-alive
      Cache-Control: max-age=3600
      Expires: Mon, 25 Dec 2023 16:47:57 GMT
      Location: https://tastethemagictogether.co.uk/
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G0L3mhlNUROV5P3UuJovUSw98y4%2B5v8I4pMpb4oF7gIAw4xUzIAkPr4DuJuTXQidBHdvTo3twjKgBazOVTZhvKk%2BUcbLRn%2F9t4yKHzL90LXPo316ihYZLfb4XJuFCpld3C2V3yq%2F80Fxh5vmVqk%3D"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Vary: Accept-Encoding
      Server: cloudflare
      CF-RAY: 83b239b9dd0a7332-LHR
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://tastethemagictogether.co.uk/
      MicrosoftEdgeCP.exe
      Remote address:
      104.21.78.117:443
      Request
      GET / HTTP/2.0
      host: tastethemagictogether.co.uk
      accept: text/html, application/xhtml+xml, image/jxr, */*
      accept-language: ja
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      Response
      HTTP/2.0 302
      date: Mon, 25 Dec 2023 15:48:01 GMT
      content-length: 0
      location: https://tastethemagictogether.co.uk/Account/Index?ReturnUrl=%2F
      set-cookie: ARRAffinity=5aa32bf49c083dc54a0254ba16b69eebcaa778a555107f71b689313e5aea13a5;Path=/;HttpOnly;Secure;Domain=tastethemagictogether.co.uk
      strict-transport-security: max-age=2592000
      request-context: appId=cid-v1:4d76a767-1761-44a6-8042-34a707bc600b
      x-powered-by: ASP.NET
      x-azure-ref: 20231225T154801Z-urzpctffe12axa1exgyvxck0kg00000000zg000000000125
      x-cache: CONFIG_NOCACHE
      cf-cache-status: DYNAMIC
      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JHupdDEwCqw0lhib3F2IQhvCCFS0p6AkMvj1b6Eqk09Vc3hyUv97P2lVaL7a2jnEFQK6SIjbDS8%2FhJbPDwOPWwPnSO%2BJWTVZcWCrFXXxdVYr%2F%2Fm3KnTnuxAyDmNHaRdXVhTiNbchmexIbkTEq8U%3D"}],"group":"cf-nel","max_age":604800}
      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      server: cloudflare
      cf-ray: 83b239d80ae563dc-LHR
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://tastethemagictogether.co.uk/Account/Index?ReturnUrl=%2F
      MicrosoftEdgeCP.exe
      Remote address:
      104.21.78.117:443
      Request
      GET /Account/Index?ReturnUrl=%2F HTTP/2.0
      host: tastethemagictogether.co.uk
      accept: text/html, application/xhtml+xml, image/jxr, */*
      accept-language: ja
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      cookie: ARRAffinity=5aa32bf49c083dc54a0254ba16b69eebcaa778a555107f71b689313e5aea13a5
      Response
      HTTP/2.0 200
      date: Mon, 25 Dec 2023 15:48:02 GMT
      content-type: text/html; charset=utf-8
      vary: Accept-Encoding
      strict-transport-security: max-age=2592000
      request-context: appId=cid-v1:4d76a767-1761-44a6-8042-34a707bc600b
      x-powered-by: ASP.NET
      x-azure-ref: 20231225T154802Z-urzpctffe12axa1exgyvxck0kg00000000zg00000000012f
      x-cache: CONFIG_NOCACHE
      cf-cache-status: DYNAMIC
      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lG5cJSNJb1SgHpVnSHvpCjZ%2FAHX7MP9bdAbeZASdWuK6%2F%2BzxcuQeQx54epmZ6Aa2JAZmpqALxhdKsdbVFNoHUylSbFecXchWiA83Jid5GSEfqv8fZGIhCUYyFIfhn4AHl3ATF%2FO4f9mX96%2FTqAI%3D"}],"group":"cf-nel","max_age":604800}
      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      server: cloudflare
      cf-ray: 83b239daedff63dc-LHR
      content-encoding: br
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://tastethemagictogether.co.uk/css/style.css?v=iGW3G3go3LHZ3VlDPn3WcwnLk7JbeZwRrTDNpvwG3aI
      MicrosoftEdgeCP.exe
      Remote address:
      104.21.78.117:443
      Request
      GET /css/style.css?v=iGW3G3go3LHZ3VlDPn3WcwnLk7JbeZwRrTDNpvwG3aI HTTP/2.0
      host: tastethemagictogether.co.uk
      accept: text/css, */*
      referer: https://tastethemagictogether.co.uk/Account/Index?ReturnUrl=%2F
      accept-language: ja
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      cookie: ARRAffinity=5aa32bf49c083dc54a0254ba16b69eebcaa778a555107f71b689313e5aea13a5
      Response
      HTTP/2.0 200
      date: Mon, 25 Dec 2023 15:48:02 GMT
      content-type: text/css
      etag: W/"1da29f363432f29"
      last-modified: Fri, 08 Dec 2023 16:27:08 GMT
      vary: Accept-Encoding
      strict-transport-security: max-age=2592000
      request-context: appId=cid-v1:4d76a767-1761-44a6-8042-34a707bc600b
      x-powered-by: ASP.NET
      x-azure-ref: 20231225T140450Z-9vad700f6d0d77uk0y6kfzuq9800000000m000000000enuq
      x-cache: CONFIG_NOCACHE
      cache-control: max-age=14400
      cf-cache-status: HIT
      age: 6192
      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UBIRhYqdKSRUby7%2FK9sOe%2FjLCdxQ3qj5N67vHSU4%2B9OrUZP%2BS0jAida%2F8qBNEhn2pH7zLrulx1Mb3tjKWBkYybrQMvJcO4%2BjAtG8Ycx8egPEmsr%2BXfEgZKIfjjkgD4DA6JbK12GtzsF1Ajzy2AA%3D"}],"group":"cf-nel","max_age":604800}
      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      server: cloudflare
      cf-ray: 83b239db8eec63dc-LHR
      content-encoding: br
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://tastethemagictogether.co.uk/images/banner-title_bgremoved_lquip.png
      MicrosoftEdgeCP.exe
      Remote address:
      104.21.78.117:443
      Request
      GET /images/banner-title_bgremoved_lquip.png HTTP/2.0
      host: tastethemagictogether.co.uk
      accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
      referer: https://tastethemagictogether.co.uk/Account/Index?ReturnUrl=%2F
      accept-language: ja
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      cookie: ARRAffinity=5aa32bf49c083dc54a0254ba16b69eebcaa778a555107f71b689313e5aea13a5
      Response
      HTTP/2.0 200
      date: Mon, 25 Dec 2023 15:48:02 GMT
      content-type: image/png
      content-length: 3521
      etag: "1da29f363435bc1"
      last-modified: Fri, 08 Dec 2023 16:27:08 GMT
      strict-transport-security: max-age=2592000
      request-context: appId=cid-v1:4d76a767-1761-44a6-8042-34a707bc600b
      x-powered-by: ASP.NET
      x-azure-ref: 20231225T063403Z-93gda93ust1u51d51a2pt7kzmc00000004kg0000000059c0
      x-cache: CONFIG_NOCACHE
      cache-control: max-age=14400
      cf-cache-status: HIT
      age: 3964
      accept-ranges: bytes
      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=32zB8ftGU44Co3lW1OTOWLPghlaPFi%2FxUaq9CEhVWScz0s8J%2F9uUKX4jEWFoaS5h4tekS2MM%2Ft3XJRQJRWSitzdH7p9PkHsHJhAQNe4CGkAyIHeXWOvlVflTkNYRoCOhddf1NYwqH8Bq8PBP6%2FA%3D"}],"group":"cf-nel","max_age":604800}
      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      vary: Accept-Encoding
      server: cloudflare
      cf-ray: 83b239db8ef863dc-LHR
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://tastethemagictogether.co.uk/images/cookie-modal-header-title_lquip.png
      MicrosoftEdgeCP.exe
      Remote address:
      104.21.78.117:443
      Request
      GET /images/cookie-modal-header-title_lquip.png HTTP/2.0
      host: tastethemagictogether.co.uk
      accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
      referer: https://tastethemagictogether.co.uk/Account/Index?ReturnUrl=%2F
      accept-language: ja
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      cookie: ARRAffinity=5aa32bf49c083dc54a0254ba16b69eebcaa778a555107f71b689313e5aea13a5
      Response
      HTTP/2.0 200
      date: Mon, 25 Dec 2023 15:48:02 GMT
      content-type: application/javascript
      last-modified: Fri, 08 Dec 2023 16:27:08 GMT
      etag: W/"1da29f363435839"
      vary: Accept-Encoding
      strict-transport-security: max-age=2592000
      request-context: appId=cid-v1:4d76a767-1761-44a6-8042-34a707bc600b
      x-powered-by: ASP.NET
      x-cache: CONFIG_NOCACHE
      x-azure-ref: 0AiSJZQAAAAAm2lLh5f7xRpawu8Yv96/BTE9OMjFFREdFMTgxNgBjZjBlMzhkMS1jMjI4LTQyZDktODViMC04YzkyMDNmMjA3Y2Y=
      cache-control: max-age=14400
      cf-cache-status: HIT
      age: 3783
      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NP4X2gGgft0E7dKcxKOY5VRZhkpjjkYwvnlPUVRqVV7wAQwzFAOqRzsEa9LbY1kVRXtAeeVy06cvLLgkGBjUcAeqlbnFBzppUIRurEptjl3M43LzU6oeAwaSawWceNuWjeiSxnOErK8MRrH22SM%3D"}],"group":"cf-nel","max_age":604800}
      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      server: cloudflare
      cf-ray: 83b239db8efb63dc-LHR
      content-encoding: br
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://tastethemagictogether.co.uk/js/site.js?v=_irKM67g1RAanVUNzThH2AvETnC_M_ESNNuHIZWLvVA
      MicrosoftEdgeCP.exe
      Remote address:
      104.21.78.117:443
      Request
      GET /js/site.js?v=_irKM67g1RAanVUNzThH2AvETnC_M_ESNNuHIZWLvVA HTTP/2.0
      host: tastethemagictogether.co.uk
      accept: application/javascript, */*;q=0.8
      referer: https://tastethemagictogether.co.uk/Account/Index?ReturnUrl=%2F
      accept-language: ja
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      cookie: ARRAffinity=5aa32bf49c083dc54a0254ba16b69eebcaa778a555107f71b689313e5aea13a5
      Response
      HTTP/2.0 200
      date: Mon, 25 Dec 2023 15:48:02 GMT
      content-type: image/png
      content-length: 2466
      etag: "1da29f363435fa2"
      last-modified: Fri, 08 Dec 2023 16:27:08 GMT
      strict-transport-security: max-age=2592000
      request-context: appId=cid-v1:4d76a767-1761-44a6-8042-34a707bc600b
      x-powered-by: ASP.NET
      x-azure-ref: 20231223T104635Z-00hmbsuwm12szbecfpn4zznd1c00000001500000000058ae
      x-cache: CONFIG_NOCACHE
      cache-control: max-age=14400
      cf-cache-status: HIT
      age: 6976
      accept-ranges: bytes
      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ReM0rruz8Tqbx7LBu7XRH73HmYGQ3kATRzQ4fdUfLk1i8HgUM3Tn9O4sQfSVohNpzOkbqzDfyqIp992%2Fmf%2BZauimkBs4RtiaIITIoZnMY08GuVCtoUCKfJSpxKkgoo7CA73z1MILzcqcHvYAytc%3D"}],"group":"cf-nel","max_age":604800}
      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      vary: Accept-Encoding
      server: cloudflare
      cf-ray: 83b239db8efa63dc-LHR
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://tastethemagictogether.co.uk/js/footer-script-stripped.js?v=OmJyJYolkRTmrfYr2XKFzqhc9Gs_6CvNZXauh08Ua3A
      MicrosoftEdgeCP.exe
      Remote address:
      104.21.78.117:443
      Request
      GET /js/footer-script-stripped.js?v=OmJyJYolkRTmrfYr2XKFzqhc9Gs_6CvNZXauh08Ua3A HTTP/2.0
      host: tastethemagictogether.co.uk
      accept: application/javascript, */*;q=0.8
      referer: https://tastethemagictogether.co.uk/Account/Index?ReturnUrl=%2F
      accept-language: ja
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      cookie: ARRAffinity=5aa32bf49c083dc54a0254ba16b69eebcaa778a555107f71b689313e5aea13a5
      Response
      HTTP/2.0 200
      date: Mon, 25 Dec 2023 15:48:03 GMT
      content-type: application/javascript
      etag: W/"1da29f36343756d"
      last-modified: Fri, 08 Dec 2023 16:27:08 GMT
      vary: Accept-Encoding
      strict-transport-security: max-age=2592000
      request-context: appId=cid-v1:4d76a767-1761-44a6-8042-34a707bc600b
      x-powered-by: ASP.NET
      x-azure-ref: 20231224T091332Z-4vhymn71dh6rbb92rc322kh6zw00000002kg00000000enmn
      x-cache: CONFIG_NOCACHE
      cache-control: max-age=14400
      cf-cache-status: HIT
      age: 6978
      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r5kdJS9r5d8ro9Tlyt73xpBisC755Y%2F590YE5mNZSPxwml%2F%2BtJOQHq57KSDr6kXFteG%2FPSEdzVKyYvP9VQN1cRMV%2Beqw09Qsq3x0imkSA5XHXuPJsQSftjVjvKBzJmnbL3am9GJ3qqiR%2BFKvnHw%3D"}],"group":"cf-nel","max_age":604800}
      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      server: cloudflare
      cf-ray: 83b239dfaa9263dc-LHR
      content-encoding: br
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://tastethemagictogether.co.uk/js/script-dist.js?v=iVURUV3dQ2JFgWbH_o1DNRUC-5YrpeAzQKjKDwpduEc
      MicrosoftEdgeCP.exe
      Remote address:
      104.21.78.117:443
      Request
      GET /js/script-dist.js?v=iVURUV3dQ2JFgWbH_o1DNRUC-5YrpeAzQKjKDwpduEc HTTP/2.0
      host: tastethemagictogether.co.uk
      accept: application/javascript, */*;q=0.8
      referer: https://tastethemagictogether.co.uk/Account/Index?ReturnUrl=%2F
      accept-language: ja
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      cookie: ARRAffinity=5aa32bf49c083dc54a0254ba16b69eebcaa778a555107f71b689313e5aea13a5
      Response
      HTTP/2.0 200
      date: Mon, 25 Dec 2023 15:48:03 GMT
      content-type: application/javascript
      last-modified: Fri, 08 Dec 2023 16:27:08 GMT
      etag: W/"1da29f363437942"
      vary: Accept-Encoding
      strict-transport-security: max-age=2592000
      request-context: appId=cid-v1:4d76a767-1761-44a6-8042-34a707bc600b
      x-powered-by: ASP.NET
      x-cache: CONFIG_NOCACHE
      x-azure-ref: 0TZ9zZQAAAAAVC1lyAoP5RK6L+mxe02lVTE9OMjFFREdFMTYxNwBjZjBlMzhkMS1jMjI4LTQyZDktODViMC04YzkyMDNmMjA3Y2Y=
      cache-control: max-age=14400
      cf-cache-status: REVALIDATED
      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aGfcxu4476bSznrpd%2FSDWYhEc7K4%2BwNhMMy5SfveSwxBuFMLYMjYsx6BZmIM6B%2F%2BmLGuXiz%2FbfAobs8rdj4l0QRuTS4NoRDn13Tr645Ha%2Bf18Su4X2ESQQwq6us5MhZODPEXx%2Bl2jRnbHeN1zrc%3D"}],"group":"cf-nel","max_age":604800}
      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      server: cloudflare
      cf-ray: 83b239dfaa9363dc-LHR
      content-encoding: br
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://tastethemagictogether.co.uk/fonts/tccc-unitytext-regular.woff2
      MicrosoftEdgeCP.exe
      Remote address:
      104.21.78.117:443
      Request
      GET /fonts/tccc-unitytext-regular.woff2 HTTP/2.0
      host: tastethemagictogether.co.uk
      accept: */*
      referer: https://tastethemagictogether.co.uk/Account/Index?ReturnUrl=%2F
      accept-language: ja
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      origin: https://tastethemagictogether.co.uk
      accept-encoding: gzip, deflate, br
      cookie: ARRAffinity=5aa32bf49c083dc54a0254ba16b69eebcaa778a555107f71b689313e5aea13a5
      Response
      HTTP/2.0 200
      date: Mon, 25 Dec 2023 15:48:07 GMT
      content-type: font/woff2
      content-length: 61884
      etag: "1da29f36343a7bc"
      last-modified: Fri, 08 Dec 2023 16:27:08 GMT
      strict-transport-security: max-age=2592000
      request-context: appId=cid-v1:4d76a767-1761-44a6-8042-34a707bc600b
      x-powered-by: ASP.NET
      x-azure-ref: 20231224T083240Z-wptnxdbm793633dnn5y8ymte44000000036g000000000edn
      x-cache: CONFIG_NOCACHE
      cache-control: max-age=14400
      cf-cache-status: HIT
      age: 1365
      accept-ranges: bytes
      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IUk1quh58pT4MxtjsRYieVuPLPMc7MYIBheKcQCMYtPFLwnTmvUc59MURx8Q1EVkZ7KmssZ4%2FDdVfVwG20aZRC%2BdkorL%2B%2F1W%2Fm%2BXC%2FkzxtqR9d7%2F5eL6HrpLWPZeIXuJJA0FonaQO6MsXiMIwRI%3D"}],"group":"cf-nel","max_age":604800}
      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      vary: Accept-Encoding
      server: cloudflare
      cf-ray: 83b239f97fa963dc-LHR
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://tastethemagictogether.co.uk/fonts/tccc-unitytext-medium.woff2
      MicrosoftEdgeCP.exe
      Remote address:
      104.21.78.117:443
      Request
      GET /fonts/tccc-unitytext-medium.woff2 HTTP/2.0
      host: tastethemagictogether.co.uk
      accept: */*
      referer: https://tastethemagictogether.co.uk/Account/Index?ReturnUrl=%2F
      accept-language: ja
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      origin: https://tastethemagictogether.co.uk
      accept-encoding: gzip, deflate, br
      cookie: ARRAffinity=5aa32bf49c083dc54a0254ba16b69eebcaa778a555107f71b689313e5aea13a5
      Response
      HTTP/2.0 200
      date: Mon, 25 Dec 2023 15:48:07 GMT
      content-type: font/woff2
      content-length: 61616
      last-modified: Fri, 08 Dec 2023 16:27:08 GMT
      etag: "1da29f36343a6b0"
      strict-transport-security: max-age=2592000
      request-context: appId=cid-v1:4d76a767-1761-44a6-8042-34a707bc600b
      x-powered-by: ASP.NET
      x-cache: CONFIG_NOCACHE
      x-azure-ref: 0qOyHZQAAAAAeSUa3RE9JRYxlfvyxpRlzTE9OMjFFREdFMTgxMQBjZjBlMzhkMS1jMjI4LTQyZDktODViMC04YzkyMDNmMjA3Y2Y=
      cache-control: max-age=14400
      cf-cache-status: HIT
      age: 1365
      accept-ranges: bytes
      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oa9SJZ6oieZ8QLTw6tTNGbPJn%2BwV5bfYwl%2Bn3c%2Fg4gTDp%2FWKVk2XVIA1dJ9RBRLcDGjXzazTQrtWK4ueB3gZB1VRmvNsiQaIJNcYw%2BvnA6xmPcNViEQLEQbXsglvJY1lADgMt1HPuMb6PnSvYF0%3D"}],"group":"cf-nel","max_age":604800}
      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      vary: Accept-Encoding
      server: cloudflare
      cf-ray: 83b239f97fa663dc-LHR
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://tastethemagictogether.co.uk/fonts/tccc-unitytext-bold.woff2
      MicrosoftEdgeCP.exe
      Remote address:
      104.21.78.117:443
      Request
      GET /fonts/tccc-unitytext-bold.woff2 HTTP/2.0
      host: tastethemagictogether.co.uk
      accept: */*
      referer: https://tastethemagictogether.co.uk/Account/Index?ReturnUrl=%2F
      accept-language: ja
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      origin: https://tastethemagictogether.co.uk
      accept-encoding: gzip, deflate, br
      cookie: ARRAffinity=5aa32bf49c083dc54a0254ba16b69eebcaa778a555107f71b689313e5aea13a5
      Response
      HTTP/2.0 200
      date: Mon, 25 Dec 2023 15:48:07 GMT
      content-type: font/woff2
      content-length: 55332
      etag: "1da29f363438e24"
      last-modified: Fri, 08 Dec 2023 16:27:08 GMT
      strict-transport-security: max-age=2592000
      request-context: appId=cid-v1:4d76a767-1761-44a6-8042-34a707bc600b
      x-powered-by: ASP.NET
      x-azure-ref: 20231224T083240Z-n783tfraxp1xdamh142b1pxpkw000000035g00000000103g
      x-cache: CONFIG_NOCACHE
      cache-control: max-age=14400
      cf-cache-status: HIT
      age: 1365
      accept-ranges: bytes
      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RI78EzKWj1jPIQI0mLGqPNRBnTzcG9NMB3mfgCYL2RrWD6W11TQ3qYhJG1fC0sr0Xj3FJRQgIztdqJpFk%2BuR8aq4nRilcMWOGiA0%2BUaJD7YPEt8arZ6QuNtdl2vpQ0MnL6fdLr13lde2XCghk%2Bs%3D"}],"group":"cf-nel","max_age":604800}
      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      vary: Accept-Encoding
      server: cloudflare
      cf-ray: 83b239f97fa763dc-LHR
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://tastethemagictogether.co.uk/cdn-cgi/challenge-platform/scripts/jsd/main.js
      MicrosoftEdgeCP.exe
      Remote address:
      104.21.78.117:443
      Request
      GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/2.0
      host: tastethemagictogether.co.uk
      accept: application/javascript, */*;q=0.8
      accept-language: ja
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      cookie: ARRAffinity=5aa32bf49c083dc54a0254ba16b69eebcaa778a555107f71b689313e5aea13a5
      Response
      HTTP/2.0 302
      date: Mon, 25 Dec 2023 15:48:07 GMT
      cache-control: max-age=300, public
      vary: accept-encoding
      location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
      access-control-allow-origin: *
      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=078IbA2vRQRJTJTjpAiKNO7SfrQSdGPOcoPaHhfQbvbyJtk8jti9AuBSfPF5u1BeDOOoHF%2FpbRgaMgVIiCOdcUyPa3cGleM9gNVV5gFGW5KPd0jivDuebsKNo00wnDbWjIuUwbVq3UjC0aKj6Wo%3D"}],"group":"cf-nel","max_age":604800}
      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      server: cloudflare
      cf-ray: 83b239f9efe963dc-LHR
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://tastethemagictogether.co.uk/fonts/tccc-unityheadline-medium.woff2
      MicrosoftEdgeCP.exe
      Remote address:
      104.21.78.117:443
      Request
      GET /fonts/tccc-unityheadline-medium.woff2 HTTP/2.0
      host: tastethemagictogether.co.uk
      accept: */*
      referer: https://tastethemagictogether.co.uk/Account/Index?ReturnUrl=%2F
      accept-language: ja
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      origin: https://tastethemagictogether.co.uk
      accept-encoding: gzip, deflate, br
      cookie: ARRAffinity=5aa32bf49c083dc54a0254ba16b69eebcaa778a555107f71b689313e5aea13a5
      Response
      HTTP/2.0 200
      date: Mon, 25 Dec 2023 15:48:07 GMT
      content-type: font/woff2
      content-length: 46348
      etag: "1da29f36343e30c"
      last-modified: Fri, 08 Dec 2023 16:27:08 GMT
      strict-transport-security: max-age=2592000
      request-context: appId=cid-v1:4d76a767-1761-44a6-8042-34a707bc600b
      x-powered-by: ASP.NET
      x-azure-ref: 20231224T083240Z-43b9sp9x3t6vr3x5mr604u5pd400000002n000000000bqc7
      x-cache: CONFIG_NOCACHE
      cache-control: max-age=14400
      cf-cache-status: HIT
      age: 1365
      accept-ranges: bytes
      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r9cijYaPRKSeAEfpyoygMPOrm%2FYXUogRfaj56VlZu%2F7l%2BfUOmnVG8sWXBYtXCz44Cgz01bq%2BtwnIa3TsVImO8Lcv%2BlUfEvHEUD221Y3ghPGRGUvp0Sl8QyfZMdGW%2F58%2B1s0ycqf5KtHoJJRXEIg%3D"}],"group":"cf-nel","max_age":604800}
      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      vary: Accept-Encoding
      server: cloudflare
      cf-ray: 83b239fa281163dc-LHR
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://tastethemagictogether.co.uk/fonts/tccc-unityheadline-bold.woff2
      MicrosoftEdgeCP.exe
      Remote address:
      104.21.78.117:443
      Request
      GET /fonts/tccc-unityheadline-bold.woff2 HTTP/2.0
      host: tastethemagictogether.co.uk
      accept: */*
      referer: https://tastethemagictogether.co.uk/Account/Index?ReturnUrl=%2F
      accept-language: ja
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      origin: https://tastethemagictogether.co.uk
      accept-encoding: gzip, deflate, br
      cookie: ARRAffinity=5aa32bf49c083dc54a0254ba16b69eebcaa778a555107f71b689313e5aea13a5
      Response
      HTTP/2.0 200
      date: Mon, 25 Dec 2023 15:48:07 GMT
      content-type: font/woff2
      content-length: 62844
      last-modified: Fri, 08 Dec 2023 16:27:08 GMT
      etag: "1da29f36343a37c"
      strict-transport-security: max-age=2592000
      request-context: appId=cid-v1:4d76a767-1761-44a6-8042-34a707bc600b
      x-powered-by: ASP.NET
      x-cache: CONFIG_NOCACHE
      x-azure-ref: 0OUhzZQAAAAAONKNqt1GcSo91i2vpTJNVTE9OMjFFREdFMTYxMQBjZjBlMzhkMS1jMjI4LTQyZDktODViMC04YzkyMDNmMjA3Y2Y=
      cache-control: max-age=14400
      cf-cache-status: REVALIDATED
      accept-ranges: bytes
      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2XjfNqC%2B1G9Akm8hBwfmQOSjtNIy0SKR0JLAe7MU3OphTt%2FBSc7vR1vDFw%2FZGcKii3mWnevIEtF4kdb7Zmri4lyjEthiWzwT9sMEZgUHC%2F6X4bN7%2F8HUbg%2FhU7OTkazo132cRjSDlaJX9wgGWKI%3D"}],"group":"cf-nel","max_age":604800}
      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      vary: Accept-Encoding
      server: cloudflare
      cf-ray: 83b239fa281063dc-LHR
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://tastethemagictogether.co.uk/fonts/tccc-unityheadline-black.woff2
      MicrosoftEdgeCP.exe
      Remote address:
      104.21.78.117:443
      Request
      GET /fonts/tccc-unityheadline-black.woff2 HTTP/2.0
      host: tastethemagictogether.co.uk
      accept: */*
      referer: https://tastethemagictogether.co.uk/Account/Index?ReturnUrl=%2F
      accept-language: ja
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      origin: https://tastethemagictogether.co.uk
      accept-encoding: gzip, deflate, br
      cookie: ARRAffinity=5aa32bf49c083dc54a0254ba16b69eebcaa778a555107f71b689313e5aea13a5
      Response
      HTTP/2.0 200
      date: Mon, 25 Dec 2023 15:48:07 GMT
      content-type: font/woff2
      content-length: 56304
      etag: "1da29f363438df0"
      last-modified: Fri, 08 Dec 2023 16:27:08 GMT
      strict-transport-security: max-age=2592000
      request-context: appId=cid-v1:4d76a767-1761-44a6-8042-34a707bc600b
      x-powered-by: ASP.NET
      x-azure-ref: 20231225T154807Z-t56yk4eae53wz79uknh1kzm25s00000000k000000000tcms
      x-cache: CONFIG_NOCACHE
      cache-control: max-age=14400
      cf-cache-status: MISS
      accept-ranges: bytes
      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V6xBbF5%2BOK4xx2on0mzYvKG13xFzNUvrcU%2BLsk7gUwdlR0BNa8jnQl25EosQxiot3%2Fa4BUjI3dJtMjYs6AToPrfhIAqL%2FbY0Gao7kNDY4Ch0RCsMXlxZbmCaX0Otjp0a%2Fb%2FN1kP2%2BicxHhtabl0%3D"}],"group":"cf-nel","max_age":604800}
      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      vary: Accept-Encoding
      server: cloudflare
      cf-ray: 83b239fa280d63dc-LHR
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://tastethemagictogether.co.uk/images/bubble1.svg
      MicrosoftEdgeCP.exe
      Remote address:
      104.21.78.117:443
      Request
      GET /images/bubble1.svg HTTP/2.0
      host: tastethemagictogether.co.uk
      accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
      referer: https://tastethemagictogether.co.uk/Account/Index?ReturnUrl=%2F
      accept-language: ja
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      cookie: ARRAffinity=5aa32bf49c083dc54a0254ba16b69eebcaa778a555107f71b689313e5aea13a5
      Response
      HTTP/2.0 200
      date: Mon, 25 Dec 2023 15:48:07 GMT
      content-type: image/svg+xml
      etag: W/"1da29f3634356d3"
      last-modified: Fri, 08 Dec 2023 16:27:08 GMT
      strict-transport-security: max-age=2592000
      request-context: appId=cid-v1:4d76a767-1761-44a6-8042-34a707bc600b
      x-powered-by: ASP.NET
      x-azure-ref: 20231224T211638Z-d4dgu9c5nd443ezu8wmvzsv53400000000kg00000000wsxx
      x-cache: CONFIG_NOCACHE
      cache-control: max-age=14400
      cf-cache-status: HIT
      age: 377
      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=22xStj%2FKt6cbTGl818tIzFc5WTelAi3RMKmHIheuw9az8N10cb1Z4hViJan4WMil%2B21r5qxWQgC%2FyuAB2gqdc1ECh6zmwwwyPvKVPDcKH0UBx7%2F9TEUhdy2DI4poSjVNU8CpseiaGGFFf0fLwEU%3D"}],"group":"cf-nel","max_age":604800}
      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      vary: Accept-Encoding
      server: cloudflare
      cf-ray: 83b239fc4a1063dc-LHR
      content-encoding: br
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://tastethemagictogether.co.uk/images/bubble2-unsub.svg
      MicrosoftEdgeCP.exe
      Remote address:
      104.21.78.117:443
      Request
      GET /images/bubble2-unsub.svg HTTP/2.0
      host: tastethemagictogether.co.uk
      accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
      referer: https://tastethemagictogether.co.uk/Account/Index?ReturnUrl=%2F
      accept-language: ja
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      cookie: ARRAffinity=5aa32bf49c083dc54a0254ba16b69eebcaa778a555107f71b689313e5aea13a5
      Response
      HTTP/2.0 200
      date: Mon, 25 Dec 2023 15:48:07 GMT
      content-type: application/javascript; charset=UTF-8
      vary: accept-encoding
      cache-control: max-age=14400, public
      x-content-type-options: nosniff
      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TpEyf%2BZgRUf4hGNNTn%2FB890o3b%2FdQbYaFnOMgDq9CyNin6lj7juMqbdxyuOUiD2v%2B8AUFQCCtBkqNgVImSfgSnchsmWj2VSkzTLcCyfXzz%2BKhpsGYW%2BSpGzAzIW64M3M1wkkMVBHfp%2F4bgQ8vqU%3D"}],"group":"cf-nel","max_age":604800}
      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      server: cloudflare
      cf-ray: 83b239fc4a1263dc-LHR
      content-encoding: br
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://tastethemagictogether.co.uk/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
      MicrosoftEdgeCP.exe
      Remote address:
      104.21.78.117:443
      Request
      GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js HTTP/2.0
      host: tastethemagictogether.co.uk
      accept: application/javascript, */*;q=0.8
      accept-language: ja
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      cookie: ARRAffinity=5aa32bf49c083dc54a0254ba16b69eebcaa778a555107f71b689313e5aea13a5
      Response
      HTTP/2.0 200
      date: Mon, 25 Dec 2023 15:48:07 GMT
      content-type: image/svg+xml
      etag: W/"1da29f363435508"
      last-modified: Fri, 08 Dec 2023 16:27:08 GMT
      strict-transport-security: max-age=2592000
      request-context: appId=cid-v1:4d76a767-1761-44a6-8042-34a707bc600b
      x-powered-by: ASP.NET
      x-azure-ref: 20231224T211638Z-pe3wpyc1pp4v1bsa23b5ucrn40000000009g00000000ap1m
      x-cache: CONFIG_NOCACHE
      cache-control: max-age=14400
      cf-cache-status: HIT
      age: 377
      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iQzsaw05N9tDNneZHQqr1B2S5U4dV%2FodYw3gxcCwl2njjT%2BtqIhZZhM2XnECbWR4JlLkPnDYg%2FnP%2Bdoc2lOEPv8tGu4AkCEmR1C%2FUXQJycigG6WzOsM%2FvDIONzEjT6gw45roJQ8K5I5b6ns6eQE%3D"}],"group":"cf-nel","max_age":604800}
      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      vary: Accept-Encoding
      server: cloudflare
      cf-ray: 83b239fc4a1163dc-LHR
      content-encoding: br
      alt-svc: h3=":443"; ma=86400
    • flag-us
      POST
      https://tastethemagictogether.co.uk/cdn-cgi/challenge-platform/h/g/jsd/r/83b239daedff63dc
      MicrosoftEdgeCP.exe
      Remote address:
      104.21.78.117:443
      Request
      POST /cdn-cgi/challenge-platform/h/g/jsd/r/83b239daedff63dc HTTP/2.0
      host: tastethemagictogether.co.uk
      accept: */*
      origin: https://tastethemagictogether.co.uk
      referer: https://tastethemagictogether.co.uk/Account/Index?ReturnUrl=%2F
      accept-language: ja
      content-type: application/json
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      content-length: 11489
      cache-control: no-cache
      cookie: ARRAffinity=5aa32bf49c083dc54a0254ba16b69eebcaa778a555107f71b689313e5aea13a5; ai_user=a3GAMDosmwTXNZC+N2fb7B|2023-12-25T15:48:06.669Z; ai_session=tt9g1WjaagHhWECFc9p5WQ|1703519286690|1703519286690
      Response
      HTTP/2.0 200
      date: Mon, 25 Dec 2023 15:48:08 GMT
      content-type: text/plain; charset=UTF-8
      set-cookie: cf_clearance=yzAC_SIVDeaES8PqrNTrWqqCFj3plS5zmrzraxwIAgU-1703519288-0-2-36782e40.8c10ff.617971a0-0.2.1703519288; path=/; expires=Tue, 24-Dec-24 15:48:08 GMT; domain=.tastethemagictogether.co.uk; HttpOnly; Secure
      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BsmKzpQd6qnyVBUMqzJ4xyPDu1MEXMDIOtxlniRDrQgX3rlJp%2FYlTvm9sVoTkYymAOGzZjhfmNAuE0FpOizicsgiEcRDyYt%2BsUMnO%2Bcbdildf%2B57Zi1SwboB%2FGfvjnM5XOARJXoibaNI9LjxG6A%3D"}],"group":"cf-nel","max_age":604800}
      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      server: cloudflare
      cf-ray: 83b239fdab7963dc-LHR
      content-encoding: br
      alt-svc: h3=":443"; ma=86400
    • flag-us
      DNS
      117.78.21.104.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      117.78.21.104.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      240.221.184.93.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      240.221.184.93.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      code.jquery.com
      MicrosoftEdgeCP.exe
      Remote address:
      8.8.8.8:53
      Request
      code.jquery.com
      IN A
      Response
      code.jquery.com
      IN A
      151.101.66.137
      code.jquery.com
      IN A
      151.101.2.137
      code.jquery.com
      IN A
      151.101.194.137
      code.jquery.com
      IN A
      151.101.130.137
    • flag-us
      GET
      https://code.jquery.com/ui/1.13.2/jquery-ui.min.js
      MicrosoftEdgeCP.exe
      Remote address:
      151.101.66.137:443
      Request
      GET /ui/1.13.2/jquery-ui.min.js HTTP/2.0
      host: code.jquery.com
      accept: application/javascript, */*;q=0.8
      referer: https://tastethemagictogether.co.uk/Account/Index?ReturnUrl=%2F
      accept-language: ja
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      origin: https://tastethemagictogether.co.uk
      accept-encoding: gzip, deflate, br
      Response
      HTTP/2.0 200
      server: nginx
      content-type: application/javascript; charset=utf-8
      last-modified: Fri, 18 Oct 1991 12:00:00 GMT
      etag: W/"28feccc0-3e46c"
      cache-control: public, max-age=31536000, stale-while-revalidate=604800
      access-control-allow-origin: *
      content-encoding: gzip
      via: 1.1 varnish, 1.1 varnish
      accept-ranges: bytes
      date: Mon, 25 Dec 2023 15:48:06 GMT
      age: 4442490
      x-served-by: cache-lga13623-LGA, cache-lcy-eglc8600075-LCY
      x-cache: HIT, HIT
      x-cache-hits: 11, 21479
      x-timer: S1703519287.956297,VS0,VE0
      vary: Accept-Encoding
      content-length: 67628
    • flag-us
      GET
      https://code.jquery.com/jquery-3.6.4.min.js
      MicrosoftEdgeCP.exe
      Remote address:
      151.101.66.137:443
      Request
      GET /jquery-3.6.4.min.js HTTP/2.0
      host: code.jquery.com
      accept: application/javascript, */*;q=0.8
      referer: https://tastethemagictogether.co.uk/Account/Index?ReturnUrl=%2F
      accept-language: ja
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      origin: https://tastethemagictogether.co.uk
      accept-encoding: gzip, deflate, br
      Response
      HTTP/2.0 200
      server: nginx
      content-type: application/javascript; charset=utf-8
      last-modified: Fri, 18 Oct 1991 12:00:00 GMT
      etag: W/"28feccc0-15ec3"
      cache-control: public, max-age=31536000, stale-while-revalidate=604800
      access-control-allow-origin: *
      content-encoding: gzip
      via: 1.1 varnish, 1.1 varnish
      accept-ranges: bytes
      date: Mon, 25 Dec 2023 15:48:06 GMT
      age: 8717087
      x-served-by: cache-lga21953-LGA, cache-lcy-eglc8600075-LCY
      x-cache: HIT, HIT
      x-cache-hits: 180, 33035
      x-timer: S1703519287.956417,VS0,VE0
      vary: Accept-Encoding
      content-length: 31011
    • flag-us
      DNS
      35.200.250.142.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      35.200.250.142.in-addr.arpa
      IN PTR
      Response
      35.200.250.142.in-addr.arpa
      IN PTR
      lhr48s30-in-f3.1e100.net
    • flag-us
      DNS
      137.66.101.151.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      137.66.101.151.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      137.66.101.151.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      137.66.101.151.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      137.66.101.151.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      137.66.101.151.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      23.149.64.172.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      23.149.64.172.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      23.149.64.172.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      23.149.64.172.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      23.149.64.172.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      23.149.64.172.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      js.monitor.azure.com
      MicrosoftEdgeCP.exe
      Remote address:
      8.8.8.8:53
      Request
      js.monitor.azure.com
      IN A
      Response
      js.monitor.azure.com
      IN CNAME
      aijscdn2.azureedge.net
      aijscdn2.azureedge.net
      IN CNAME
      aijscdn2.afd.azureedge.net
      aijscdn2.afd.azureedge.net
      IN CNAME
      firstparty-azurefd-prod.trafficmanager.net
      firstparty-azurefd-prod.trafficmanager.net
      IN CNAME
      shed.dual-low.part-0016.t-0009.t-msedge.net
      shed.dual-low.part-0016.t-0009.t-msedge.net
      IN CNAME
      part-0016.t-0009.t-msedge.net
      part-0016.t-0009.t-msedge.net
      IN A
      13.107.246.44
      part-0016.t-0009.t-msedge.net
      IN A
      13.107.213.44
    • flag-us
      GET
      https://js.monitor.azure.com/scripts/b/ai.2.min.js
      MicrosoftEdgeCP.exe
      Remote address:
      13.107.246.44:443
      Request
      GET /scripts/b/ai.2.min.js HTTP/2.0
      host: js.monitor.azure.com
      accept: application/javascript, */*;q=0.8
      referer: https://tastethemagictogether.co.uk/Account/Index?ReturnUrl=%2F
      accept-language: ja
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      Response
      HTTP/2.0 200
      date: Mon, 25 Dec 2023 15:48:07 GMT
      content-type: text/javascript; charset=utf-8
      vary: Accept-Encoding
      cache-control: public, max-age=1800, immutable, no-transform
      last-modified: Wed, 20 Sep 2023 16:12:29 GMT
      x-ms-request-id: f94738f4-701e-0055-77f0-357cb2000000
      x-ms-version: 2009-09-19
      x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.8.16.min.js
      x-ms-meta-aijssdkver: 2.8.16
      access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
      access-control-allow-origin: *
      x-azure-ref: 20231225T154807Z-dgd82ebzdp71b2ecmxv6tgxg5g00000000ng000000001bbs
      x-cache: TCP_HIT
      content-encoding: br
    • flag-us
      GET
      https://tastethemagictogether.co.uk/images/favicon/favicon-32x32.png
      MicrosoftEdge.exe
      Remote address:
      104.21.78.117:443
      Request
      GET /images/favicon/favicon-32x32.png HTTP/2.0
      host: tastethemagictogether.co.uk
      accept: */*
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      dnt: 1
      Response
      HTTP/2.0 200
      date: Mon, 25 Dec 2023 15:48:07 GMT
      content-type: image/png
      content-length: 3086
      etag: "1da29f363435a0e"
      last-modified: Fri, 08 Dec 2023 16:27:08 GMT
      strict-transport-security: max-age=2592000
      request-context: appId=cid-v1:4d76a767-1761-44a6-8042-34a707bc600b
      x-powered-by: ASP.NET
      x-azure-ref: 20231225T153133Z-bpg70hrtfh36pehxu7900zv6qw00000001e000000000dqt8
      x-cache: CONFIG_NOCACHE
      cache-control: max-age=14400
      cf-cache-status: HIT
      age: 994
      accept-ranges: bytes
      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nefEjppgQbhVvmv3jXbLIXqEEY3wy0xaMp%2BENwlmSgPs0HJiysVNWTO0iukP18aIccu5hzHypruZSi41Q1jQ%2F77aOK%2BMcyr7NBBFgvWBbqz94YksMmH4r13Qt795W%2BOUJfZEvcTHw1mFHKvKWHg%3D"}],"group":"cf-nel","max_age":604800}
      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      vary: Accept-Encoding
      server: cloudflare
      cf-ray: 83b239fd5e907315-LHR
      alt-svc: h3=":443"; ma=86400
    • flag-us
      DNS
      44.246.107.13.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      44.246.107.13.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      uksouth-1.in.applicationinsights.azure.com
      MicrosoftEdgeCP.exe
      Remote address:
      8.8.8.8:53
      Request
      uksouth-1.in.applicationinsights.azure.com
      IN A
      Response
      uksouth-1.in.applicationinsights.azure.com
      IN CNAME
      uksouth-1.in.ai.monitor.azure.com
      uksouth-1.in.ai.monitor.azure.com
      IN CNAME
      uksouth-1.in.ai.privatelink.monitor.azure.com
      uksouth-1.in.ai.privatelink.monitor.azure.com
      IN CNAME
      gig-ai-prod-uksouth-0.trafficmanager.net
      gig-ai-prod-uksouth-0.trafficmanager.net
      IN CNAME
      gig-ai-prod-uks-0-app-v4-tag.uksouth.cloudapp.azure.com
      gig-ai-prod-uks-0-app-v4-tag.uksouth.cloudapp.azure.com
      IN A
      20.26.20.65
    • flag-gb
      OPTIONS
      https://uksouth-1.in.applicationinsights.azure.com//v2/track
      MicrosoftEdgeCP.exe
      Remote address:
      20.26.20.65:443
      Request
      OPTIONS //v2/track HTTP/2.0
      host: uksouth-1.in.applicationinsights.azure.com
      accept: */*
      origin: https://tastethemagictogether.co.uk
      referer: https://tastethemagictogether.co.uk/Account/Index?ReturnUrl=%2F
      accept-language: ja
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      access-control-request-headers: Content-type
      access-control-request-method: POST
      accept-encoding: gzip, deflate, br
      content-length: 0
      cache-control: no-cache
      Response
      HTTP/2.0 204
      server: Microsoft-HTTPAPI/2.0
      strict-transport-security: max-age=31536000
      access-control-allow-origin: *
      access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
      access-control-allow-methods: POST
      access-control-max-age: 3600
      date: Mon, 25 Dec 2023 15:48:07 GMT
    • flag-gb
      POST
      https://uksouth-1.in.applicationinsights.azure.com//v2/track
      MicrosoftEdgeCP.exe
      Remote address:
      20.26.20.65:443
      Request
      POST //v2/track HTTP/2.0
      host: uksouth-1.in.applicationinsights.azure.com
      accept: */*
      origin: https://tastethemagictogether.co.uk
      referer: https://tastethemagictogether.co.uk/Account/Index?ReturnUrl=%2F
      accept-language: ja
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      content-type: application/json
      accept-encoding: gzip, deflate, br
      content-length: 4494
      cache-control: no-cache
      Response
      HTTP/2.0 200
      content-type: application/json; charset=utf-8
      server: Microsoft-HTTPAPI/2.0
      strict-transport-security: max-age=31536000
      x-content-type-options: nosniff
      access-control-allow-origin: *
      date: Mon, 25 Dec 2023 15:48:07 GMT
      content-length: 49
    • flag-gb
      POST
      https://uksouth-1.in.applicationinsights.azure.com//v2/track
      MicrosoftEdgeCP.exe
      Remote address:
      20.26.20.65:443
      Request
      POST //v2/track HTTP/2.0
      host: uksouth-1.in.applicationinsights.azure.com
      accept: */*
      origin: https://tastethemagictogether.co.uk
      referer: https://tastethemagictogether.co.uk/Account/Index?ReturnUrl=%2F
      accept-language: ja
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      content-type: application/json
      accept-encoding: gzip, deflate, br
      content-length: 735
      cache-control: no-cache
      Response
      HTTP/2.0 200
      content-type: application/json; charset=utf-8
      server: Microsoft-HTTPAPI/2.0
      strict-transport-security: max-age=31536000
      x-content-type-options: nosniff
      access-control-allow-origin: *
      date: Mon, 25 Dec 2023 15:48:32 GMT
      content-length: 49
    • flag-us
      DNS
      65.20.26.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      65.20.26.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      161.19.199.152.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      161.19.199.152.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      133.32.126.40.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      133.32.126.40.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      5.173.189.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      5.173.189.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      www.microsoft.com
      MicrosoftEdge.exe
      Remote address:
      8.8.8.8:53
      Request
      www.microsoft.com
      IN A
      Response
      www.microsoft.com
      IN CNAME
      www.microsoft.com-c-3.edgekey.net
      www.microsoft.com-c-3.edgekey.net
      IN CNAME
      www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
      www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
      IN CNAME
      e13678.dscb.akamaiedge.net
      e13678.dscb.akamaiedge.net
      IN A
      92.123.241.137
    • flag-us
      GET
      https://www.microsoft.com/en-us/edge/server/download?form=MA13FJ
      MicrosoftEdgeCP.exe
      Remote address:
      92.123.241.137:443
      Request
      GET /en-us/edge/server/download?form=MA13FJ HTTP/2.0
      host: www.microsoft.com
      accept: text/html, application/xhtml+xml, image/jxr, */*
      accept-language: ja
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      if-none-match: "9797-EldyVNxF53iYo+tOufiIlehtqiY"
      Response
      HTTP/2.0 200
      content-type: text/html; charset=utf-8
      content-encoding: gzip
      etag: "9797-1MKYdkswJQI/Ka7Gw3v1UY9goWA"
      strict-transport-security: max-age=31536000; includeSubDomains; preload
      origin-agent-cluster: ?1
      x-content-type-options: nosniff
      x-download-options: noopen
      x-frame-options: SAMEORIGIN
      x-permitted-cross-domain-policies: none
      x-xss-protection: 0
      content-security-policy: default-src 'self' https://edgestatic-ehf9gbe6gfdfdec4.z01.azurefd.net https://edgestatic.azureedge.net https://*.microsoft.com; script-src 'self' 'self' 'unsafe-eval' 'unsafe-inline' https://ajax.aspnetcdn.com https://az725175.vo.msecnd.net https://*.microsoft.com https://mem.gfx.ms https://edgestatic-ehf9gbe6gfdfdec4.z01.azurefd.net https://edgestatic.azureedge.net https://js.monitor.azure.com https://mwf-service.akamaized.net https://*.clarity.ms https://*.bing.com http://*.bing.com https://acdn.adnxs.com https://connect.facebook.net https://snap.licdn.com; style-src 'self' 'unsafe-inline' https://*.microsoft.com https://statics-marketingsites-wcus-ms-com.akamaized.net https://statics-marketingsites-eus-ms-com.akamaized.net https://statics-marketingsites-neu-ms-com.akamaized.net https://statics-marketingsites-eas-ms-com.akamaized.net https://edgestatic-ehf9gbe6gfdfdec4.z01.azurefd.net https://edgestatic.azureedge.net; font-src 'self' data: https://*.microsoft.com http://c.s-microsoft.com https://c.s-microsoft.com https://edgestatic-ehf9gbe6gfdfdec4.z01.azurefd.net https://edgestatic.azureedge.net; connect-src 'self' http://*.microsoft.com https://*.microsoft.com https://*.bing.com https://*.clarity.ms https://js.monitor.azure.com https://edgestatic-ehf9gbe6gfdfdec4.z01.azurefd.net https://edgestatic.azureedge.net https://consentreceiverfd-prod.azurefd.net https://cdn.linkedin.oribi.io https://*.linkedin.com https://boost.mediation.trafficmanager.net; frame-src 'self' http://*.microsoft.com https://*.microsoft.com https://*.msn.com https://*.msn.cn https://*.bing.com https://www.youtube-nocookie.com; frame-ancestors 'self' https://*.microsoft.com https://*.bing.com; img-src * data:; media-src 'self' https://edgestatic-ehf9gbe6gfdfdec4.z01.azurefd.net https://edgestatic.azureedge.net
      x-azure-ref: 20231225T154900Z-qyu0z9m5d937mam8b1kw2gaqq000000004w0000000009smn
      date: Mon, 25 Dec 2023 15:49:00 GMT
      content-length: 10514
      vary: Accept-Encoding
      tls_version: tls1.2
      ms-cv: CASMicrosoftCV3ac9eeef.0
      ms-cv-esi: CASMicrosoftCV3ac9eeef.0
      x-rtag: RT
    • flag-us
      DNS
      137.241.123.92.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      137.241.123.92.in-addr.arpa
      IN PTR
      Response
      137.241.123.92.in-addr.arpa
      IN PTR
      a92-123-241-137.deploy.static.akamaitechnologies.com
    • flag-us
      DNS
      edgestatic.azureedge.net
      MicrosoftEdgeCP.exe
      Remote address:
      8.8.8.8:53
      Request
      edgestatic.azureedge.net
      IN A
      Response
      edgestatic.azureedge.net
      IN CNAME
      edgestatic.afd.azureedge.net
      edgestatic.afd.azureedge.net
      IN CNAME
      star-azureedge-prod.trafficmanager.net
      star-azureedge-prod.trafficmanager.net
      IN CNAME
      shed.dual-low.part-0016.t-0009.t-msedge.net
      shed.dual-low.part-0016.t-0009.t-msedge.net
      IN CNAME
      part-0016.t-0009.t-msedge.net
      part-0016.t-0009.t-msedge.net
      IN A
      13.107.246.44
      part-0016.t-0009.t-msedge.net
      IN A
      13.107.213.44
    • flag-us
      DNS
      edgestatic.azureedge.net
      MicrosoftEdgeCP.exe
      Remote address:
      8.8.8.8:53
      Request
      edgestatic.azureedge.net
      IN A
    • flag-us
      GET
      https://ieonline.microsoft.com/iedomainsuggestions/ie11/suggestions.ja-JP
      MicrosoftEdge.exe
      Remote address:
      204.79.197.200:443
      Request
      GET /iedomainsuggestions/ie11/suggestions.ja-JP HTTP/2.0
      host: ieonline.microsoft.com
      accept: */*
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      dnt: 1
      Response
      HTTP/2.0 200
      cache-control: public, max-age=3600
      content-length: 17450
      content-type: application/octet-stream
      etag: HMczYRAM4VNT8lcaA6XVo2S+h9I=
      p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
      set-cookie: MUID=1B96E751DF576F990B03F4A3DEEC6E17; domain=.microsoft.com; expires=Sat, 18-Jan-2025 15:49:01 GMT; path=/; secure; SameSite=None
      set-cookie: MUIDB=1B96E751DF576F990B03F4A3DEEC6E17; expires=Sat, 18-Jan-2025 15:49:01 GMT; path=/; HttpOnly
      set-cookie: _EDGE_S=F=1&SID=3617A56D29736CC33FA6B69F28C86D65; domain=.microsoft.com; path=/; HttpOnly
      set-cookie: _EDGE_V=1; domain=.microsoft.com; expires=Sat, 18-Jan-2025 15:49:01 GMT; path=/; HttpOnly
      set-cookie: SRCHD=AF=NOFORM; domain=.microsoft.com; expires=Sat, 18-Jan-2025 15:49:01 GMT; path=/
      set-cookie: SRCHUID=V=2&GUID=FF55E000F49D489D9DC7E2071B72BD75&dmnchg=1; domain=.microsoft.com; expires=Sat, 18-Jan-2025 15:49:01 GMT; path=/
      set-cookie: SRCHUSR=DOB=20231225; domain=.microsoft.com; expires=Sat, 18-Jan-2025 15:49:01 GMT; path=/
      set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.microsoft.com; expires=Sat, 18-Jan-2025 15:49:01 GMT; path=/
      set-cookie: _SS=SID=3617A56D29736CC33FA6B69F28C86D65; domain=.microsoft.com; path=/
      x-eventid: 6589a46d95ce4717a6a95e80e86d3fa3
      useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
      strict-transport-security: max-age=31536000; includeSubDomains; preload
      x-cache: CONFIG_NOCACHE
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: F7D63212B0CD4F598E59159D67BBBE1E Ref B: LON04EDGE0812 Ref C: 2023-12-25T15:49:01Z
      date: Mon, 25 Dec 2023 15:49:01 GMT
    • flag-us
      GET
      https://ieonline.microsoft.com/ieflipahead/ie10/rules.xml?mkt=ja-JP
      MicrosoftEdge.exe
      Remote address:
      204.79.197.200:443
      Request
      GET /ieflipahead/ie10/rules.xml?mkt=ja-JP HTTP/2.0
      host: ieonline.microsoft.com
      accept: */*
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      dnt: 1
      cookie: MUID=1B96E751DF576F990B03F4A3DEEC6E17; _EDGE_S=F=1&SID=3617A56D29736CC33FA6B69F28C86D65; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=FF55E000F49D489D9DC7E2071B72BD75&dmnchg=1; SRCHUSR=DOB=20231225; SRCHHPGUSR=SRCHLANG=en; _SS=SID=3617A56D29736CC33FA6B69F28C86D65; MUIDB=1B96E751DF576F990B03F4A3DEEC6E17
      Response
      HTTP/2.0 200
      cache-control: public, max-age=3600
      content-length: 149710
      content-type: application/xml
      content-encoding: br
      etag: vF/TjShoO/30VWpJm9gYQVnSkwE=
      vary: Accept-Encoding
      p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
      set-cookie: _EDGE_S=F=1&SID=3617A56D29736CC33FA6B69F28C86D65&mkt=ja-JP; domain=.microsoft.com; path=/; HttpOnly
      set-cookie: MUIDB=1B96E751DF576F990B03F4A3DEEC6E17; expires=Sat, 18-Jan-2025 15:49:01 GMT; path=/; HttpOnly
      set-cookie: SRCHHPGUSR=SRCHLANG=ja; domain=.microsoft.com; expires=Thu, 25-Dec-2025 15:49:01 GMT; path=/
      x-eventid: 6589a46d89124315927499223e145664
      useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
      strict-transport-security: max-age=31536000; includeSubDomains; preload
      x-cache: CONFIG_NOCACHE
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: D517DFF89960487D837F0AF254507CB1 Ref B: LON04EDGE0812 Ref C: 2023-12-25T15:49:01Z
      date: Mon, 25 Dec 2023 15:49:01 GMT
    • flag-us
      GET
      https://ieonline.microsoft.com/s/iess/instrument22.cer
      MicrosoftEdge.exe
      Remote address:
      204.79.197.200:443
      Request
      GET /s/iess/instrument22.cer HTTP/2.0
      host: ieonline.microsoft.com
      accept: */*
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      dnt: 1
      cookie: MUID=1B96E751DF576F990B03F4A3DEEC6E17; _EDGE_S=F=1&SID=3617A56D29736CC33FA6B69F28C86D65&mkt=ja-JP; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=FF55E000F49D489D9DC7E2071B72BD75&dmnchg=1; SRCHUSR=DOB=20231225; SRCHHPGUSR=SRCHLANG=ja; _SS=SID=3617A56D29736CC33FA6B69F28C86D65; MUIDB=1B96E751DF576F990B03F4A3DEEC6E17
      Response
      HTTP/2.0 200
      cache-control: public, max-age=15552000
      content-length: 1605
      content-type: text/html
      content-encoding: br
      last-modified: Thu, 09 Jun 2022 22:28:14 GMT
      vary: Accept-Encoding
      set-cookie: MUIDB=1B96E751DF576F990B03F4A3DEEC6E17; expires=Sat, 18-Jan-2025 15:49:06 GMT; path=/; HttpOnly
      x-eventid: 6589a472a35a42fc92e7c95cdb8099f2
      useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
      strict-transport-security: max-age=31536000; includeSubDomains; preload
      x-cache: CONFIG_NOCACHE
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: 0F61884845D140AE858333255BCED459 Ref B: LON04EDGE0812 Ref C: 2023-12-25T15:49:06Z
      date: Mon, 25 Dec 2023 15:49:06 GMT
    • flag-us
      DNS
      200.197.79.204.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      200.197.79.204.in-addr.arpa
      IN PTR
      Response
      200.197.79.204.in-addr.arpa
      IN PTR
      a-0001.a-msedge.net
    • flag-us
      GET
      https://edgestatic.azureedge.net/shared/edgeweb/fc015a7.js
      MicrosoftEdgeCP.exe
      Remote address:
      13.107.246.44:443
      Request
      GET /shared/edgeweb/fc015a7.js HTTP/2.0
      host: edgestatic.azureedge.net
      accept: application/javascript, */*;q=0.8
      referer: https://www.microsoft.com/en-us/edge/server/download?form=MA13FJ
      accept-language: ja
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      Response
      HTTP/2.0 200
      cache-control: public, max-age=31536000, immutable
      content-type: text/css; charset=UTF-8
      content-encoding: br
      last-modified: Sat, 16 Dec 2023 16:17:40 GMT
      accept-ranges: bytes
      etag: W/"182e9-18c736b4974"
      x-cache: TCP_HIT
      access-control-allow-origin: *
      strict-transport-security: max-age=31536000; includeSubDomains; preload
      origin-agent-cluster: ?1
      x-content-type-options: nosniff
      x-download-options: noopen
      x-frame-options: SAMEORIGIN
      x-permitted-cross-domain-policies: none
      x-xss-protection: 0
      x-azure-ref: 0bqSJZQAAAAC6Y54VAu0UQK8mf+hr0uH1TE9OMjFFREdFMTcxMABkYzk0YzYwMy0yYzhiLTQ4M2EtYjJlZC0yYmUyYWIyOGFlMDE=
      date: Mon, 25 Dec 2023 15:49:01 GMT
    • flag-us
      GET
      https://edgestatic.azureedge.net/shared/edgeweb/css/0295ecc.css
      MicrosoftEdgeCP.exe
      Remote address:
      13.107.246.44:443
      Request
      GET /shared/edgeweb/css/0295ecc.css HTTP/2.0
      host: edgestatic.azureedge.net
      accept: text/css, */*
      referer: https://www.microsoft.com/en-us/edge/server/download?form=MA13FJ
      accept-language: ja
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      Response
      HTTP/2.0 200
      cache-control: public, max-age=31536000, immutable
      content-type: application/javascript; charset=UTF-8
      content-encoding: br
      last-modified: Thu, 21 Dec 2023 22:31:13 GMT
      accept-ranges: bytes
      etag: W/"1bd7-18c8e8115d0"
      x-cache: TCP_HIT
      access-control-allow-origin: *
      strict-transport-security: max-age=31536000; includeSubDomains; preload
      origin-agent-cluster: ?1
      x-content-type-options: nosniff
      x-download-options: noopen
      x-frame-options: SAMEORIGIN
      x-permitted-cross-domain-policies: none
      x-xss-protection: 0
      x-azure-ref: 0bqSJZQAAAAAiaLS1WcYXQrPAUyGZxInhTE9OMjFFREdFMTcxMABkYzk0YzYwMy0yYzhiLTQ4M2EtYjJlZC0yYmUyYWIyOGFlMDE=
      date: Mon, 25 Dec 2023 15:49:01 GMT
    • flag-us
      GET
      https://edgestatic.azureedge.net/shared/edgeweb/css/abea44a.css
      MicrosoftEdgeCP.exe
      Remote address:
      13.107.246.44:443
      Request
      GET /shared/edgeweb/css/abea44a.css HTTP/2.0
      host: edgestatic.azureedge.net
      accept: text/css, */*
      referer: https://www.microsoft.com/en-us/edge/server/download?form=MA13FJ
      accept-language: ja
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      Response
      HTTP/2.0 200
      cache-control: public, max-age=31536000, immutable
      content-type: application/javascript; charset=UTF-8
      content-encoding: br
      last-modified: Wed, 20 Dec 2023 19:06:47 GMT
      accept-ranges: bytes
      etag: W/"643c7-18c889f8f95"
      x-cache: TCP_HIT
      access-control-allow-origin: *
      strict-transport-security: max-age=31536000; includeSubDomains; preload
      origin-agent-cluster: ?1
      x-content-type-options: nosniff
      x-download-options: noopen
      x-frame-options: SAMEORIGIN
      x-permitted-cross-domain-policies: none
      x-xss-protection: 0
      x-azure-ref: 0bqSJZQAAAADYO7Nk+rcYSZANrh6h/9GkTE9OMjFFREdFMTcxMABkYzk0YzYwMy0yYzhiLTQ4M2EtYjJlZC0yYmUyYWIyOGFlMDE=
      date: Mon, 25 Dec 2023 15:49:01 GMT
    • flag-us
      GET
      https://edgestatic.azureedge.net/shared/edgeweb/622dd1f.js
      MicrosoftEdgeCP.exe
      Remote address:
      13.107.246.44:443
      Request
      GET /shared/edgeweb/622dd1f.js HTTP/2.0
      host: edgestatic.azureedge.net
      accept: application/javascript, */*;q=0.8
      referer: https://www.microsoft.com/en-us/edge/server/download?form=MA13FJ
      accept-language: ja
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      Response
      HTTP/2.0 200
      cache-control: public, max-age=31536000, immutable
      content-type: text/css; charset=UTF-8
      content-encoding: br
      last-modified: Wed, 20 Dec 2023 19:06:46 GMT
      accept-ranges: bytes
      etag: W/"fad3-18c889f8cc5"
      x-cache: TCP_HIT
      access-control-allow-origin: *
      strict-transport-security: max-age=31536000; includeSubDomains; preload
      origin-agent-cluster: ?1
      x-content-type-options: nosniff
      x-download-options: noopen
      x-frame-options: SAMEORIGIN
      x-permitted-cross-domain-policies: none
      x-xss-protection: 0
      x-azure-ref: 0bqSJZQAAAABk4TLXuhT1SZS081PE5RtuTE9OMjFFREdFMTcxMABkYzk0YzYwMy0yYzhiLTQ4M2EtYjJlZC0yYmUyYWIyOGFlMDE=
      date: Mon, 25 Dec 2023 15:49:01 GMT
    • flag-us
      GET
      https://edgestatic.azureedge.net/shared/edgeweb/9511894.js
      MicrosoftEdgeCP.exe
      Remote address:
      13.107.246.44:443
      Request
      GET /shared/edgeweb/9511894.js HTTP/2.0
      host: edgestatic.azureedge.net
      accept: application/javascript, */*;q=0.8
      referer: https://www.microsoft.com/en-us/edge/server/download?form=MA13FJ
      accept-language: ja
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      Response
      HTTP/2.0 200
      cache-control: public, max-age=31536000, immutable
      content-type: application/javascript; charset=UTF-8
      content-encoding: br
      last-modified: Sat, 16 Dec 2023 16:17:40 GMT
      accept-ranges: bytes
      etag: W/"831-18c736b4955"
      x-cache: TCP_HIT
      access-control-allow-origin: *
      strict-transport-security: max-age=31536000; includeSubDomains; preload
      origin-agent-cluster: ?1
      x-content-type-options: nosniff
      x-download-options: noopen
      x-frame-options: SAMEORIGIN
      x-permitted-cross-domain-policies: none
      x-xss-protection: 0
      x-azure-ref: 0bqSJZQAAAADkGiN306XFTqkSsNABdGsDTE9OMjFFREdFMTcxMABkYzk0YzYwMy0yYzhiLTQ4M2EtYjJlZC0yYmUyYWIyOGFlMDE=
      date: Mon, 25 Dec 2023 15:49:01 GMT
    • flag-us
      GET
      https://edgestatic.azureedge.net/shared/edgeweb/1da6be8.js
      MicrosoftEdgeCP.exe
      Remote address:
      13.107.246.44:443
      Request
      GET /shared/edgeweb/1da6be8.js HTTP/2.0
      host: edgestatic.azureedge.net
      accept: application/javascript, */*;q=0.8
      referer: https://www.microsoft.com/en-us/edge/server/download?form=MA13FJ
      accept-language: ja
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      Response
      HTTP/2.0 200
      cache-control: public, max-age=31536000, immutable
      content-type: application/javascript; charset=UTF-8
      content-encoding: br
      last-modified: Sat, 16 Dec 2023 16:17:40 GMT
      accept-ranges: bytes
      etag: W/"8118-18c736b4955"
      x-cache: TCP_HIT
      access-control-allow-origin: *
      strict-transport-security: max-age=31536000; includeSubDomains; preload
      origin-agent-cluster: ?1
      x-content-type-options: nosniff
      x-download-options: noopen
      x-frame-options: SAMEORIGIN
      x-permitted-cross-domain-policies: none
      x-xss-protection: 0
      x-azure-ref: 0bqSJZQAAAACllpdPJqUvQoeQ9HCzEJJJTE9OMjFFREdFMTcxMABkYzk0YzYwMy0yYzhiLTQ4M2EtYjJlZC0yYmUyYWIyOGFlMDE=
      date: Mon, 25 Dec 2023 15:49:01 GMT
    • flag-us
      GET
      https://edgestatic.azureedge.net/shared/edgeweb/e723d85.js
      MicrosoftEdgeCP.exe
      Remote address:
      13.107.246.44:443
      Request
      GET /shared/edgeweb/e723d85.js HTTP/2.0
      host: edgestatic.azureedge.net
      accept: application/javascript, */*;q=0.8
      referer: https://www.microsoft.com/en-us/edge/server/download?form=MA13FJ
      accept-language: ja
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      Response
      HTTP/2.0 200
      cache-control: public, max-age=31536000, immutable
      content-type: application/javascript; charset=UTF-8
      content-encoding: br
      last-modified: Wed, 20 Dec 2023 19:06:46 GMT
      accept-ranges: bytes
      etag: W/"47e08-18c889f8ca6"
      x-cache: TCP_HIT
      access-control-allow-origin: *
      strict-transport-security: max-age=31536000; includeSubDomains; preload
      origin-agent-cluster: ?1
      x-content-type-options: nosniff
      x-download-options: noopen
      x-frame-options: SAMEORIGIN
      x-permitted-cross-domain-policies: none
      x-xss-protection: 0
      x-azure-ref: 0bqSJZQAAAABFnlDZE4L8Qav1tlGNTkrcTE9OMjFFREdFMTcxMABkYzk0YzYwMy0yYzhiLTQ4M2EtYjJlZC0yYmUyYWIyOGFlMDE=
      date: Mon, 25 Dec 2023 15:49:01 GMT
    • flag-us
      GET
      https://edgestatic.azureedge.net/shared/edgeweb/fbf5b3f.js
      MicrosoftEdgeCP.exe
      Remote address:
      13.107.246.44:443
      Request
      GET /shared/edgeweb/fbf5b3f.js HTTP/2.0
      host: edgestatic.azureedge.net
      accept: application/javascript, */*;q=0.8
      referer: https://www.microsoft.com/en-us/edge/server/download?form=MA13FJ
      accept-language: ja
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      Response
      HTTP/2.0 200
      cache-control: public, max-age=31536000, immutable
      content-type: application/javascript; charset=UTF-8
      content-encoding: br
      last-modified: Wed, 20 Dec 2023 19:06:47 GMT
      accept-ranges: bytes
      etag: W/"1594b1-18c889f8d61"
      x-cache: TCP_HIT
      access-control-allow-origin: *
      strict-transport-security: max-age=31536000; includeSubDomains; preload
      origin-agent-cluster: ?1
      x-content-type-options: nosniff
      x-download-options: noopen
      x-frame-options: SAMEORIGIN
      x-permitted-cross-domain-policies: none
      x-xss-protection: 0
      x-azure-ref: 0bqSJZQAAAAAkHQj0Q4D8SpQVzMEtOcFOTE9OMjFFREdFMTcxMABkYzk0YzYwMy0yYzhiLTQ4M2EtYjJlZC0yYmUyYWIyOGFlMDE=
      date: Mon, 25 Dec 2023 15:49:01 GMT
    • flag-us
      DNS
      176.178.17.96.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      176.178.17.96.in-addr.arpa
      IN PTR
      Response
      176.178.17.96.in-addr.arpa
      IN PTR
      a96-17-178-176.deploy.static.akamaitechnologies.com
    • flag-us
      DNS
      176.178.17.96.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      176.178.17.96.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      114.110.16.96.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      114.110.16.96.in-addr.arpa
      IN PTR
      Response
      114.110.16.96.in-addr.arpa
      IN PTR
      a96-16-110-114.deploy.static.akamaitechnologies.com
    • flag-us
      GET
      https://www.bing.com/cortanaassist/rules?cc=JP&version=6
      MicrosoftEdge.exe
      Remote address:
      92.123.128.185:443
      Request
      GET /cortanaassist/rules?cc=JP&version=6 HTTP/2.0
      host: www.bing.com
      accept: */*
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      dnt: 1
      Response
      HTTP/2.0 404
      cache-control: private
      content-length: 46264
      content-type: text/html; charset=utf-8
      content-encoding: br
      vary: Accept-Encoding
      p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
      x-eventid: 6589a472e3594d09b3adfd5c7e0a884a
      useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
      strict-transport-security: max-age=31536000; includeSubDomains; preload
      x-error-page: 404-custom
      x-ua-compatible: IE=edge
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: D1D7F580BA094806B2844E367032ED34 Ref B: LON04EDGE0919 Ref C: 2023-12-25T15:49:06Z
      date: Mon, 25 Dec 2023 15:49:06 GMT
      set-cookie: MUID=2837A390127D6C6A16FAB06213C66DAE; domain=.bing.com; expires=Sat, 18-Jan-2025 15:49:06 GMT; path=/; secure; SameSite=None
      set-cookie: MUIDB=2837A390127D6C6A16FAB06213C66DAE; expires=Sat, 18-Jan-2025 15:49:06 GMT; path=/; HttpOnly
      set-cookie: _EDGE_S=F=1&SID=12AB683D818069E011D17BCF803B680B&mkt=ja-jp; domain=.bing.com; path=/; HttpOnly
      set-cookie: _EDGE_V=1; domain=.bing.com; expires=Sat, 18-Jan-2025 15:49:06 GMT; path=/; HttpOnly
      set-cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Thu, 25-Dec-2025 15:49:06 GMT; path=/
      set-cookie: SRCHUID=V=2&GUID=61E7757DF2B64119B5F7951E544A8B00&dmnchg=1; domain=.bing.com; expires=Thu, 25-Dec-2025 15:49:06 GMT; path=/
      set-cookie: SRCHUSR=DOB=20231225; domain=.bing.com; expires=Thu, 25-Dec-2025 15:49:06 GMT; path=/
      set-cookie: SRCHHPGUSR=SRCHLANG=ja; domain=.bing.com; expires=Thu, 25-Dec-2025 15:49:06 GMT; path=/
      set-cookie: _SS=SID=12AB683D818069E011D17BCF803B680B; domain=.bing.com; path=/
      alt-svc: h3=":443"; ma=93600
      x-cdn-traceid: 0.b9777b5c.1703519346.3859fe9d
    • flag-us
      DNS
      185.128.123.92.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      185.128.123.92.in-addr.arpa
      IN PTR
      Response
      185.128.123.92.in-addr.arpa
      IN PTR
      a92-123-128-185.deploy.static.akamaitechnologies.com
    • flag-us
      DNS
      175.178.17.96.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      175.178.17.96.in-addr.arpa
      IN PTR
      Response
      175.178.17.96.in-addr.arpa
      IN PTR
      a96-17-178-175.deploy.static.akamaitechnologies.com
    • flag-us
      DNS
      178.178.17.96.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      178.178.17.96.in-addr.arpa
      IN PTR
      Response
      178.178.17.96.in-addr.arpa
      IN PTR
      a96-17-178-178.deploy.static.akamaitechnologies.com
    • flag-us
      DNS
      209.143.182.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      209.143.182.52.in-addr.arpa
      IN PTR
      Response
    • 104.21.78.117:80
      tastethemagictogether.co.uk
      MicrosoftEdgeCP.exe
      190 B
      132 B
      4
      3
    • 104.21.78.117:80
      http://tastethemagictogether.co.uk/
      http
      MicrosoftEdgeCP.exe
      607 B
      863 B
      6
      4

      HTTP Request

      GET http://tastethemagictogether.co.uk/

      HTTP Response

      301
    • 52.142.223.178:80
      52 B
      1
    • 104.21.78.117:443
      https://tastethemagictogether.co.uk/cdn-cgi/challenge-platform/h/g/jsd/r/83b239daedff63dc
      tls, http2
      MicrosoftEdgeCP.exe
      37.5kB
      409.7kB
      377
      349

      HTTP Request

      GET https://tastethemagictogether.co.uk/

      HTTP Response

      302

      HTTP Request

      GET https://tastethemagictogether.co.uk/Account/Index?ReturnUrl=%2F

      HTTP Response

      200

      HTTP Request

      GET https://tastethemagictogether.co.uk/css/style.css?v=iGW3G3go3LHZ3VlDPn3WcwnLk7JbeZwRrTDNpvwG3aI

      HTTP Request

      GET https://tastethemagictogether.co.uk/images/banner-title_bgremoved_lquip.png

      HTTP Request

      GET https://tastethemagictogether.co.uk/images/cookie-modal-header-title_lquip.png

      HTTP Request

      GET https://tastethemagictogether.co.uk/js/site.js?v=_irKM67g1RAanVUNzThH2AvETnC_M_ESNNuHIZWLvVA

      HTTP Request

      GET https://tastethemagictogether.co.uk/js/footer-script-stripped.js?v=OmJyJYolkRTmrfYr2XKFzqhc9Gs_6CvNZXauh08Ua3A

      HTTP Request

      GET https://tastethemagictogether.co.uk/js/script-dist.js?v=iVURUV3dQ2JFgWbH_o1DNRUC-5YrpeAzQKjKDwpduEc

      HTTP Response

      200

      HTTP Response

      200

      HTTP Response

      200

      HTTP Response

      200

      HTTP Response

      200

      HTTP Response

      200

      HTTP Request

      GET https://tastethemagictogether.co.uk/fonts/tccc-unitytext-regular.woff2

      HTTP Request

      GET https://tastethemagictogether.co.uk/fonts/tccc-unitytext-medium.woff2

      HTTP Request

      GET https://tastethemagictogether.co.uk/fonts/tccc-unitytext-bold.woff2

      HTTP Response

      200

      HTTP Response

      200

      HTTP Response

      200

      HTTP Request

      GET https://tastethemagictogether.co.uk/cdn-cgi/challenge-platform/scripts/jsd/main.js

      HTTP Request

      GET https://tastethemagictogether.co.uk/fonts/tccc-unityheadline-medium.woff2

      HTTP Request

      GET https://tastethemagictogether.co.uk/fonts/tccc-unityheadline-bold.woff2

      HTTP Request

      GET https://tastethemagictogether.co.uk/fonts/tccc-unityheadline-black.woff2

      HTTP Request

      GET https://tastethemagictogether.co.uk/images/bubble1.svg

      HTTP Request

      GET https://tastethemagictogether.co.uk/images/bubble2-unsub.svg

      HTTP Response

      302

      HTTP Request

      GET https://tastethemagictogether.co.uk/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

      HTTP Response

      200

      HTTP Response

      200

      HTTP Response

      200

      HTTP Response

      200

      HTTP Response

      200

      HTTP Request

      POST https://tastethemagictogether.co.uk/cdn-cgi/challenge-platform/h/g/jsd/r/83b239daedff63dc

      HTTP Response

      200

      HTTP Response

      200
    • 151.101.66.137:443
      code.jquery.com
      tls, http2
      MicrosoftEdgeCP.exe
      1.2kB
      6.4kB
      17
      15
    • 151.101.66.137:443
      https://code.jquery.com/jquery-3.6.4.min.js
      tls, http2
      MicrosoftEdgeCP.exe
      5.5kB
      109.8kB
      93
      92

      HTTP Request

      GET https://code.jquery.com/ui/1.13.2/jquery-ui.min.js

      HTTP Request

      GET https://code.jquery.com/jquery-3.6.4.min.js

      HTTP Response

      200

      HTTP Response

      200
    • 13.107.246.44:443
      js.monitor.azure.com
      tls, http2
      MicrosoftEdgeCP.exe
      1.2kB
      7.6kB
      17
      15
    • 13.107.246.44:443
      https://js.monitor.azure.com/scripts/b/ai.2.min.js
      tls, http2
      MicrosoftEdgeCP.exe
      3.6kB
      68.1kB
      62
      57

      HTTP Request

      GET https://js.monitor.azure.com/scripts/b/ai.2.min.js

      HTTP Response

      200
    • 104.21.78.117:443
      https://tastethemagictogether.co.uk/images/favicon/favicon-32x32.png
      tls, http2
      MicrosoftEdge.exe
      1.8kB
      10.1kB
      24
      18

      HTTP Request

      GET https://tastethemagictogether.co.uk/images/favicon/favicon-32x32.png

      HTTP Response

      200
    • 104.21.78.117:443
      tastethemagictogether.co.uk
      tls, http2
      MicrosoftEdge.exe
      1.2kB
      6.1kB
      17
      13
    • 20.26.20.65:443
      uksouth-1.in.applicationinsights.azure.com
      tls, http2
      MicrosoftEdgeCP.exe
      1.2kB
      6.8kB
      16
      12
    • 20.26.20.65:443
      https://uksouth-1.in.applicationinsights.azure.com//v2/track
      tls, http2
      MicrosoftEdgeCP.exe
      7.6kB
      7.5kB
      28
      17

      HTTP Request

      OPTIONS https://uksouth-1.in.applicationinsights.azure.com//v2/track

      HTTP Response

      204

      HTTP Request

      POST https://uksouth-1.in.applicationinsights.azure.com//v2/track

      HTTP Response

      200

      HTTP Request

      POST https://uksouth-1.in.applicationinsights.azure.com//v2/track

      HTTP Response

      200
    • 52.142.223.178:80
      156 B
      3
    • 92.123.241.137:443
      www.microsoft.com
      tls, http2
      MicrosoftEdgeCP.exe
      1.4kB
      7.2kB
      20
      18
    • 92.123.241.137:443
      https://www.microsoft.com/en-us/edge/server/download?form=MA13FJ
      tls, http2
      MicrosoftEdgeCP.exe
      1.9kB
      19.7kB
      26
      25

      HTTP Request

      GET https://www.microsoft.com/en-us/edge/server/download?form=MA13FJ

      HTTP Response

      200
    • 204.79.197.200:443
      ieonline.microsoft.com
      tls, http2
      MicrosoftEdge.exe
      1.8kB
      8.3kB
      17
      13
    • 204.79.197.200:443
      https://ieonline.microsoft.com/s/iess/instrument22.cer
      tls, http2
      MicrosoftEdge.exe
      9.0kB
      186.7kB
      157
      153

      HTTP Request

      GET https://ieonline.microsoft.com/iedomainsuggestions/ie11/suggestions.ja-JP

      HTTP Response

      200

      HTTP Request

      GET https://ieonline.microsoft.com/ieflipahead/ie10/rules.xml?mkt=ja-JP

      HTTP Response

      200

      HTTP Request

      GET https://ieonline.microsoft.com/s/iess/instrument22.cer

      HTTP Response

      200
    • 13.107.246.44:443
      edgestatic.azureedge.net
      tls, http2
      MicrosoftEdgeCP.exe
      1.3kB
      7.7kB
      18
      15
    • 13.107.246.44:443
      edgestatic.azureedge.net
      tls, http2
      MicrosoftEdgeCP.exe
      1.4kB
      6.9kB
      14
      10
    • 13.107.246.44:443
      edgestatic.azureedge.net
      tls, http2
      MicrosoftEdgeCP.exe
      1.3kB
      7.8kB
      19
      16
    • 13.107.246.44:443
      edgestatic.azureedge.net
      tls, http2
      MicrosoftEdgeCP.exe
      1.3kB
      7.8kB
      19
      17
    • 13.107.246.44:443
      edgestatic.azureedge.net
      tls, http2
      MicrosoftEdgeCP.exe
      1.1kB
      7.0kB
      14
      13
    • 13.107.246.44:443
      edgestatic.azureedge.net
      tls, http2
      MicrosoftEdgeCP.exe
      1.3kB
      7.0kB
      16
      13
    • 13.107.246.44:443
      https://edgestatic.azureedge.net/shared/edgeweb/fbf5b3f.js
      tls, http2
      MicrosoftEdgeCP.exe
      21.5kB
      565.3kB
      429
      428

      HTTP Request

      GET https://edgestatic.azureedge.net/shared/edgeweb/fc015a7.js

      HTTP Request

      GET https://edgestatic.azureedge.net/shared/edgeweb/css/0295ecc.css

      HTTP Request

      GET https://edgestatic.azureedge.net/shared/edgeweb/css/abea44a.css

      HTTP Request

      GET https://edgestatic.azureedge.net/shared/edgeweb/622dd1f.js

      HTTP Request

      GET https://edgestatic.azureedge.net/shared/edgeweb/9511894.js

      HTTP Request

      GET https://edgestatic.azureedge.net/shared/edgeweb/1da6be8.js

      HTTP Request

      GET https://edgestatic.azureedge.net/shared/edgeweb/e723d85.js

      HTTP Request

      GET https://edgestatic.azureedge.net/shared/edgeweb/fbf5b3f.js

      HTTP Response

      200

      HTTP Response

      200

      HTTP Response

      200

      HTTP Response

      200

      HTTP Response

      200

      HTTP Response

      200

      HTTP Response

      200

      HTTP Response

      200
    • 13.107.246.44:443
      edgestatic.azureedge.net
      tls, http2
      MicrosoftEdgeCP.exe
      1.3kB
      7.7kB
      18
      15
    • 92.123.128.185:443
      www.bing.com
      tls, http2
      MicrosoftEdge.exe
      1.2kB
      4.9kB
      16
      14
    • 92.123.128.185:443
      https://www.bing.com/cortanaassist/rules?cc=JP&version=6
      tls, http2
      MicrosoftEdge.exe
      3.0kB
      54.2kB
      51
      50

      HTTP Request

      GET https://www.bing.com/cortanaassist/rules?cc=JP&version=6

      HTTP Response

      404
    • 8.8.8.8:53
      tastethemagictogether.co.uk
      dns
      MicrosoftEdge.exe
      146 B
      105 B
      2
      1

      DNS Request

      tastethemagictogether.co.uk

      DNS Request

      tastethemagictogether.co.uk

      DNS Response

      104.21.78.117
      172.67.220.158

    • 8.8.8.8:53
      117.78.21.104.in-addr.arpa
      dns
      72 B
      134 B
      1
      1

      DNS Request

      117.78.21.104.in-addr.arpa

    • 8.8.8.8:53
      240.221.184.93.in-addr.arpa
      dns
      73 B
      144 B
      1
      1

      DNS Request

      240.221.184.93.in-addr.arpa

    • 8.8.8.8:53
      code.jquery.com
      dns
      MicrosoftEdgeCP.exe
      61 B
      125 B
      1
      1

      DNS Request

      code.jquery.com

      DNS Response

      151.101.66.137
      151.101.2.137
      151.101.194.137
      151.101.130.137

    • 8.8.8.8:53
      35.200.250.142.in-addr.arpa
      dns
      73 B
      111 B
      1
      1

      DNS Request

      35.200.250.142.in-addr.arpa

    • 8.8.8.8:53
      137.66.101.151.in-addr.arpa
      dns
      219 B
      133 B
      3
      1

      DNS Request

      137.66.101.151.in-addr.arpa

      DNS Request

      137.66.101.151.in-addr.arpa

      DNS Request

      137.66.101.151.in-addr.arpa

    • 8.8.8.8:53
      23.149.64.172.in-addr.arpa
      dns
      216 B
      134 B
      3
      1

      DNS Request

      23.149.64.172.in-addr.arpa

      DNS Request

      23.149.64.172.in-addr.arpa

      DNS Request

      23.149.64.172.in-addr.arpa

    • 8.8.8.8:53
      js.monitor.azure.com
      dns
      MicrosoftEdgeCP.exe
      66 B
      282 B
      1
      1

      DNS Request

      js.monitor.azure.com

      DNS Response

      13.107.246.44
      13.107.213.44

    • 8.8.8.8:53
      44.246.107.13.in-addr.arpa
      dns
      72 B
      158 B
      1
      1

      DNS Request

      44.246.107.13.in-addr.arpa

    • 8.8.8.8:53
      uksouth-1.in.applicationinsights.azure.com
      dns
      MicrosoftEdgeCP.exe
      88 B
      298 B
      1
      1

      DNS Request

      uksouth-1.in.applicationinsights.azure.com

      DNS Response

      20.26.20.65

    • 8.8.8.8:53
      65.20.26.20.in-addr.arpa
      dns
      70 B
      156 B
      1
      1

      DNS Request

      65.20.26.20.in-addr.arpa

    • 8.8.8.8:53
      161.19.199.152.in-addr.arpa
      dns
      73 B
      144 B
      1
      1

      DNS Request

      161.19.199.152.in-addr.arpa

    • 8.8.8.8:53
      133.32.126.40.in-addr.arpa
      dns
      72 B
      158 B
      1
      1

      DNS Request

      133.32.126.40.in-addr.arpa

    • 8.8.8.8:53
      5.173.189.20.in-addr.arpa
      dns
      71 B
      157 B
      1
      1

      DNS Request

      5.173.189.20.in-addr.arpa

    • 8.8.8.8:53
      www.microsoft.com
      dns
      MicrosoftEdge.exe
      63 B
      230 B
      1
      1

      DNS Request

      www.microsoft.com

      DNS Response

      92.123.241.137

    • 8.8.8.8:53
      137.241.123.92.in-addr.arpa
      dns
      73 B
      139 B
      1
      1

      DNS Request

      137.241.123.92.in-addr.arpa

    • 8.8.8.8:53
      edgestatic.azureedge.net
      dns
      MicrosoftEdgeCP.exe
      140 B
      248 B
      2
      1

      DNS Request

      edgestatic.azureedge.net

      DNS Request

      edgestatic.azureedge.net

      DNS Response

      13.107.246.44
      13.107.213.44

    • 8.8.8.8:53
      200.197.79.204.in-addr.arpa
      dns
      73 B
      106 B
      1
      1

      DNS Request

      200.197.79.204.in-addr.arpa

    • 8.8.8.8:53
      176.178.17.96.in-addr.arpa
      dns
      144 B
      137 B
      2
      1

      DNS Request

      176.178.17.96.in-addr.arpa

      DNS Request

      176.178.17.96.in-addr.arpa

    • 8.8.8.8:53
      114.110.16.96.in-addr.arpa
      dns
      72 B
      137 B
      1
      1

      DNS Request

      114.110.16.96.in-addr.arpa

    • 8.8.8.8:53
      185.128.123.92.in-addr.arpa
      dns
      73 B
      139 B
      1
      1

      DNS Request

      185.128.123.92.in-addr.arpa

    • 8.8.8.8:53
      175.178.17.96.in-addr.arpa
      dns
      72 B
      137 B
      1
      1

      DNS Request

      175.178.17.96.in-addr.arpa

    • 8.8.8.8:53
      178.178.17.96.in-addr.arpa
      dns
      72 B
      137 B
      1
      1

      DNS Request

      178.178.17.96.in-addr.arpa

    • 8.8.8.8:53
      209.143.182.52.in-addr.arpa
      dns
      73 B
      147 B
      1
      1

      DNS Request

      209.143.182.52.in-addr.arpa

    MITRE ATT&CK Enterprise v15

    Downloads

    • C:\Users\Admin\AppData\Local\MicrosoftEdge\SharedCacheContainers\MicrosoftEdge_iecompat\IECompatData.xml

      Filesize

      74KB

    • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\Q8LQDH9E\tastethemagictogether.co[1].xml

      Filesize

      13B

    • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\BACJ7RJO\suggestions[1].ja-JP

      Filesize

      17KB

    • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\G51A6F77\favicon-32x32[1].png

      Filesize

      3KB

    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_363582827213C09529A76F35FB615187

      Filesize

      471B

    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_363582827213C09529A76F35FB615187

      Filesize

      412B
