Analysis

  • max time kernel
    120s
  • max time network
    125s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240419-en
  • resource tags

    arch:x64arch:x86image:win11-20240419-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    06-05-2024 16:59

General

  • Target

    utorrent_installer(1).exe

  • Size

    1.7MB

  • MD5

    241ce365f228ee5f74d81b3fea14e09a

  • SHA1

    700b05506dd3eebb4b87ff545f6d2bb6af6a3ae3

  • SHA256

    bf4ee47d0df1870104f4fada8a68c2fb29e94fea9284c7bb6a6b385a718d8a18

  • SHA512

    bf3756fb2b037a10592498f08e6eb3bad8f50da4ff9e96703e646a69ea1481e6801023abb3b1aae923fb2c68bb21ae5bb50f8e675b57ff90504c8e7ee8f81593

  • SSDEEP

    49152:9BuZrEUT97LZxMPrlDZFBmS06nIJOZobMP:LkLp/ZSr97Bmb6naO6bs

Malware Config

Signatures

  • Detect ZGRat V1 2 IoCs
  • ZGRat

    ZGRat is remote access trojan written in C#.

  • Drops file in Drivers directory 4 IoCs
  • Identifies Wine through registry keys 2 TTPs 4 IoCs

    Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

  • UPX packed file 4 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Adds Run key to start application 2 TTPs 3 IoCs
  • Checks for any installed AV software in registry 1 TTPs 6 IoCs
  • Downloads MZ/PE file
  • Enumerates connected drives 3 TTPs 4 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Drops file in System32 directory 1 IoCs
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

  • Drops file in Program Files directory 64 IoCs
  • Executes dropped EXE 28 IoCs
  • Loads dropped DLL 31 IoCs
  • Registers COM server for autorun 1 TTPs 6 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Checks SCSI registry key(s) 3 TTPs 4 IoCs

    SCSI information is often read in order to detect sandboxing environments.

  • Checks processor information in registry 2 TTPs 4 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 6 IoCs
  • Modifies Internet Explorer settings 1 TTPs 6 IoCs
  • Modifies data under HKEY_USERS 42 IoCs
  • Modifies registry class 64 IoCs
  • Modifies system certificate store 2 TTPs 13 IoCs
  • Script User-Agent 1 IoCs

    Uses user-agent string associated with script host/environment.

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious behavior: LoadsDriver 1 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs
  • Suspicious use of AdjustPrivilegeToken 14 IoCs
  • Suspicious use of FindShellTrayWindow 33 IoCs
  • Suspicious use of SendNotifyMessage 15 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs
  • Uses Task Scheduler COM API 1 TTPs

    The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.

Processes

  • C:\Users\Admin\AppData\Local\Temp\utorrent_installer(1).exe
    "C:\Users\Admin\AppData\Local\Temp\utorrent_installer(1).exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3884
    • C:\Users\Admin\AppData\Local\Temp\is-HJ0RV.tmp\utorrent_installer(1).tmp
      "C:\Users\Admin\AppData\Local\Temp\is-HJ0RV.tmp\utorrent_installer(1).tmp" /SL5="$60054,875149,815616,C:\Users\Admin\AppData\Local\Temp\utorrent_installer(1).exe"
      2⤵
      • Checks for any installed AV software in registry
      • Executes dropped EXE
      • Loads dropped DLL
      • Checks processor information in registry
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of WriteProcessMemory
      PID:4788
      • C:\Users\Admin\AppData\Local\Temp\is-4BRQO.tmp\uTorrent.exe
        "C:\Users\Admin\AppData\Local\Temp\is-4BRQO.tmp\uTorrent.exe" /S /FORCEINSTALL 1110010101111110
        3⤵
        • Executes dropped EXE
        • Loads dropped DLL
        • Suspicious use of WriteProcessMemory
        PID:2356
        • C:\Users\Admin\AppData\Local\Temp\nssBF1B.tmp\utorrent.exe
          "C:\Users\Admin\AppData\Local\Temp\nssBF1B.tmp\utorrent.exe" /S /FORCEINSTALL 1110010101111110
          4⤵
          • Identifies Wine through registry keys
          • Adds Run key to start application
          • Executes dropped EXE
          • Loads dropped DLL
          • Modifies registry class
          • Suspicious use of AdjustPrivilegeToken
          PID:3632
      • C:\Users\Admin\AppData\Local\Temp\is-4BRQO.tmp\component0.exe
        "C:\Users\Admin\AppData\Local\Temp\is-4BRQO.tmp\component0.exe" -ip:"dui=5d71edc0-98e7-4221-a70b-1dca59a32650&dit=20240506170102&is_silent=true&oc=ZB_RAV_Cross_Tri_NCB&p=707e&a=100&b=&se=true" -vp:"dui=5d71edc0-98e7-4221-a70b-1dca59a32650&dit=20240506170102&oc=ZB_RAV_Cross_Tri_NCB&p=707e&a=100&oip=26&ptl=7&dta=true" -dp:"dui=5d71edc0-98e7-4221-a70b-1dca59a32650&dit=20240506170102&oc=ZB_RAV_Cross_Tri_NCB&p=707e&a=100" -i -v -d -se=true
        3⤵
        • Executes dropped EXE
        • Suspicious use of AdjustPrivilegeToken
        • Suspicious use of WriteProcessMemory
        PID:2380
        • C:\Users\Admin\AppData\Local\Temp\zpj5uqne.exe
          "C:\Users\Admin\AppData\Local\Temp\zpj5uqne.exe" /silent
          4⤵
          • Executes dropped EXE
          • Loads dropped DLL
          • Suspicious use of WriteProcessMemory
          PID:1300
          • C:\Users\Admin\AppData\Local\Temp\nsuD1E8.tmp\RAVEndPointProtection-installer.exe
            "C:\Users\Admin\AppData\Local\Temp\nsuD1E8.tmp\RAVEndPointProtection-installer.exe" "C:\Users\Admin\AppData\Local\Temp\zpj5uqne.exe" /silent
            5⤵
            • Drops file in Drivers directory
            • Drops file in Program Files directory
            • Executes dropped EXE
            • Loads dropped DLL
            • Suspicious behavior: EnumeratesProcesses
            • Suspicious use of AdjustPrivilegeToken
            • Suspicious use of WriteProcessMemory
            PID:1808
            • C:\Program Files\ReasonLabs\Common\rsSyncSvc.exe
              "C:\Program Files\ReasonLabs\Common\rsSyncSvc.exe" -i -bn:ReasonLabs -pn:EPP -lpn:rav_antivirus -url:https://update.reasonsecurity.com/v2/live -dt:10
              6⤵
              • Executes dropped EXE
              PID:2828
            • C:\Windows\system32\rundll32.exe
              "C:\Windows\system32\rundll32.exe" setupapi.dll,InstallHinfSection DefaultInstall 128 C:\Program Files\ReasonLabs\EPP\x64\rsKernelEngine.inf
              6⤵
              • Adds Run key to start application
              PID:4580
              • C:\Windows\system32\runonce.exe
                "C:\Windows\system32\runonce.exe" -r
                7⤵
                • Checks processor information in registry
                PID:4928
                • C:\Windows\System32\grpconv.exe
                  "C:\Windows\System32\grpconv.exe" -o
                  8⤵
                    PID:5388
              • C:\Windows\system32\wevtutil.exe
                "C:\Windows\system32\wevtutil.exe" im C:\Program Files\ReasonLabs\EPP\x64\rsKernelEngineEvents.xml
                6⤵
                • Suspicious use of AdjustPrivilegeToken
                PID:1228
              • C:\Windows\SYSTEM32\fltmc.exe
                "fltmc.exe" load rsKernelEngine
                6⤵
                • Suspicious behavior: LoadsDriver
                • Suspicious use of AdjustPrivilegeToken
                PID:6048
              • C:\Windows\system32\wevtutil.exe
                "C:\Windows\system32\wevtutil.exe" im C:\Program Files\ReasonLabs\EPP\elam\evntdrv.xml
                6⤵
                • Suspicious use of AdjustPrivilegeToken
                PID:660
              • C:\Program Files\ReasonLabs\EPP\rsWSC.exe
                "C:\Program Files\ReasonLabs\EPP\rsWSC.exe" -i -i
                6⤵
                • Executes dropped EXE
                • Modifies system certificate store
                • Suspicious use of AdjustPrivilegeToken
                PID:1336
        • C:\Users\Admin\AppData\Local\Temp\is-4BRQO.tmp\component1_extract\saBSI.exe
          "C:\Users\Admin\AppData\Local\Temp\is-4BRQO.tmp\component1_extract\saBSI.exe" /affid 91082 PaidDistribution=true CountryCode=GB
          3⤵
          • Executes dropped EXE
          • Modifies system certificate store
          • Suspicious behavior: EnumeratesProcesses
          • Suspicious use of WriteProcessMemory
          PID:2500
          • C:\Users\Admin\AppData\Local\Temp\is-4BRQO.tmp\component1_extract\installer.exe
            "C:\Users\Admin\AppData\Local\Temp\is-4BRQO.tmp\component1_extract\\installer.exe" /setOem:Affid=91082 /s /thirdparty /upgrade
            4⤵
            • Drops file in Program Files directory
            • Executes dropped EXE
            • Suspicious use of WriteProcessMemory
            PID:4760
            • C:\Program Files\McAfee\Temp1269204435\installer.exe
              "C:\Program Files\McAfee\Temp1269204435\installer.exe" /setOem:Affid=91082 /s /thirdparty /upgrade
              5⤵
              • Drops file in Program Files directory
              • Executes dropped EXE
              • Modifies system certificate store
              • Suspicious use of WriteProcessMemory
              PID:3504
              • C:\Windows\SYSTEM32\regsvr32.exe
                regsvr32.exe /s "C:\Program Files\McAfee\WebAdvisor\win32\WSSDep.dll"
                6⤵
                • Suspicious use of WriteProcessMemory
                PID:4624
                • C:\Windows\SysWOW64\regsvr32.exe
                  /s "C:\Program Files\McAfee\WebAdvisor\win32\WSSDep.dll"
                  7⤵
                  • Loads dropped DLL
                  • Modifies registry class
                  PID:5792
              • C:\Windows\SYSTEM32\regsvr32.exe
                regsvr32.exe /s "C:\Program Files\McAfee\WebAdvisor\x64\WSSDep.dll"
                6⤵
                • Loads dropped DLL
                • Registers COM server for autorun
                • Modifies registry class
                PID:1608
              • C:\Windows\SYSTEM32\regsvr32.exe
                regsvr32.exe /s "C:\Program Files\McAfee\WebAdvisor\win32\DownloadScan.dll"
                6⤵
                • Suspicious use of WriteProcessMemory
                PID:5204
                • C:\Windows\SysWOW64\regsvr32.exe
                  /s "C:\Program Files\McAfee\WebAdvisor\win32\DownloadScan.dll"
                  7⤵
                  • Loads dropped DLL
                  • Modifies registry class
                  PID:2332
              • C:\Windows\SYSTEM32\regsvr32.exe
                regsvr32.exe /s "C:\Program Files\McAfee\WebAdvisor\x64\DownloadScan.dll"
                6⤵
                • Loads dropped DLL
                • Registers COM server for autorun
                • Modifies registry class
                PID:724
        • C:\Users\Admin\AppData\Local\Temp\is-4BRQO.tmp\component2_extract\OperaSetup.exe
          "C:\Users\Admin\AppData\Local\Temp\is-4BRQO.tmp\component2_extract\OperaSetup.exe" --silent --allusers=0 --otd=utm.medium:apb,utm.source:ais,utm.campaign:opera_new_a
          3⤵
          • Enumerates connected drives
          • Executes dropped EXE
          • Loads dropped DLL
          • Suspicious use of WriteProcessMemory
          PID:3296
          • C:\Users\Admin\AppData\Local\Temp\is-4BRQO.tmp\component2_extract\OperaSetup.exe
            C:\Users\Admin\AppData\Local\Temp\is-4BRQO.tmp\component2_extract\OperaSetup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktop --annotation=ver=109.0.5097.38 --initial-client-data=0x2b8,0x2bc,0x2c0,0x2b4,0x2c4,0x71d8e1d0,0x71d8e1dc,0x71d8e1e8
            4⤵
            • Executes dropped EXE
            • Loads dropped DLL
            PID:4260
          • C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\OperaSetup.exe
            "C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\OperaSetup.exe" --version
            4⤵
            • Executes dropped EXE
            • Loads dropped DLL
            PID:8
          • C:\Users\Admin\AppData\Local\Temp\is-4BRQO.tmp\component2_extract\OperaSetup.exe
            "C:\Users\Admin\AppData\Local\Temp\is-4BRQO.tmp\component2_extract\OperaSetup.exe" --backend --install --import-browser-data=0 --enable-stats=1 --enable-installer-stats=1 --consent-given=0 --general-interests=0 --general-location=0 --personalized-content=0 --personalized-ads=0 --launchopera=1 --installfolder="C:\Users\Admin\AppData\Local\Programs\Opera" --profile-folder --language=en --singleprofile=0 --copyonly=0 --allusers=0 --setdefaultbrowser=1 --pintotaskbar=1 --pintostartmenu=0 --run-at-startup=1 --show-intro-overlay --server-tracking-data=server_tracking_data --initial-pid=3296 --package-dir-prefix="C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_20240506170134" --session-guid=fae8aae4-b438-4a59-b995-af42e4af1974 --server-tracking-blob=YjVkZDJlOGFkOTBiZjFmNjI0MDNkMDJhMzdhZTk2MzU1NWNkMTI1ZmZkZjlhYWM3MDg5ODMyZGZhY2E1NDM1YTp7ImNvdW50cnkiOiJJTCIsImVkaXRpb24iOiJjZGYiLCJpbnN0YWxsZXJfbmFtZSI6Ik9wZXJhU2V0dXAuZXhlIiwicHJvZHVjdCI6eyJuYW1lIjoib3BlcmEifSwicXVlcnkiOiIvZWRpdGlvbi9jZGY/dXRtX2NvbnRlbnQ9Y2RmJnV0bV9tZWRpdW09cGIiLCJzeXN0ZW0iOnsicGxhdGZvcm0iOnsiYXJjaCI6Ing4Nl82NCIsIm9wc3lzIjoiV2luZG93cyIsIm9wc3lzLXZlcnNpb24iOiIxMSIsInBhY2thZ2UiOiJFWEUifX0sInRpbWVzdGFtcCI6IjE3MTI0NzU3NzIuMDk1MiIsInVzZXJhZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjMuMC4wLjAgU2FmYXJpLzUzNy4zNiIsInV0bSI6eyJjYW1wYWlnbiI6Im9wZXJhX25ld19hIiwiY29udGVudCI6ImNkZiIsIm1lZGl1bSI6ImFwYiIsInNvdXJjZSI6ImFpcyJ9LCJ1dWlkIjoiNGQ1NTg2MjEtNjlkNy00Nzk0LTk5ZDMtY2NmODEwMjY4YTg3In0= --silent --desktopshortcut=1 --wait-for-package --initial-proc-handle=8805000000000000
            4⤵
            • Enumerates connected drives
            • Executes dropped EXE
            • Loads dropped DLL
            • Suspicious use of WriteProcessMemory
            PID:2816
            • C:\Users\Admin\AppData\Local\Temp\is-4BRQO.tmp\component2_extract\OperaSetup.exe
              C:\Users\Admin\AppData\Local\Temp\is-4BRQO.tmp\component2_extract\OperaSetup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktop --annotation=ver=109.0.5097.38 --initial-client-data=0x2b0,0x2b4,0x2c4,0x28c,0x2c8,0x70bfe1d0,0x70bfe1dc,0x70bfe1e8
              5⤵
              • Executes dropped EXE
              • Loads dropped DLL
              PID:1496
          • C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202405061701341\assistant\Assistant_109.0.5097.45_Setup.exe_sfx.exe
            "C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202405061701341\assistant\Assistant_109.0.5097.45_Setup.exe_sfx.exe"
            4⤵
            • Executes dropped EXE
            PID:1884
          • C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202405061701341\assistant\assistant_installer.exe
            "C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202405061701341\assistant\assistant_installer.exe" --version
            4⤵
            • Executes dropped EXE
            • Loads dropped DLL
            • Suspicious use of WriteProcessMemory
            PID:1664
            • C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202405061701341\assistant\assistant_installer.exe
              "C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202405061701341\assistant\assistant_installer.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktop --annotation=ver=109.0.5097.45 --initial-client-data=0x240,0x244,0x248,0x21c,0x24c,0x796038,0x796044,0x796050
              5⤵
              • Executes dropped EXE
              • Loads dropped DLL
              PID:2176
        • C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
          "C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe"
          3⤵
          • Identifies Wine through registry keys
          • Adds Run key to start application
          • Executes dropped EXE
          • Loads dropped DLL
          • Checks SCSI registry key(s)
          • Modifies Internet Explorer settings
          • Suspicious behavior: EnumeratesProcesses
          • Suspicious use of AdjustPrivilegeToken
          • Suspicious use of FindShellTrayWindow
          • Suspicious use of SendNotifyMessage
          PID:5356
          • C:\Users\Admin\AppData\Roaming\uTorrent\updates\3.6.0_47082\utorrentie.exe
            "C:\Users\Admin\AppData\Roaming\uTorrent\updates\3.6.0_47082\utorrentie.exe" uTorrent_5356_00D990A0_1196590130 µTorrent4823DF041B09 uTorrent ce unp
            4⤵
            • Executes dropped EXE
            PID:5472
            • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
              "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=utorrentie.exe --user-data-dir="C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView" --no-default-browser-check --disable-component-extensions-with-background-pages --no-first-run --disable-default-apps --noerrdialogs --embedded-browser-webview-dpi-awareness=0 --disable-features=msEnhancedTrackingPreventionEnabled --disable-popup-blocking --internet-explorer-integration=none --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --mojo-named-platform-channel-pipe=5472.3816.16133940179937123622
              5⤵
                PID:2332
                • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                  "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView\Crashpad --metrics-dir=C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=90.0.818.66 --initial-client-data=0x104,0x108,0x10c,0xe0,0x114,0x7ff9a08b3cb8,0x7ff9a08b3cc8,0x7ff9a08b3cd8
                  6⤵
                    PID:6060
                  • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                    "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=gpu-process --field-trial-handle=1868,257128819464644959,12065563998994799474,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msEnhancedTrackingPreventionEnabled,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView" --webview-exe-name=utorrentie.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=0 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1884 /prefetch:2
                    6⤵
                      PID:1756
                    • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                      "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1868,257128819464644959,12065563998994799474,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msEnhancedTrackingPreventionEnabled,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView" --webview-exe-name=utorrentie.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=0 --mojo-platform-channel-handle=2016 /prefetch:3
                      6⤵
                        PID:6020
                      • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                        "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1868,257128819464644959,12065563998994799474,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msEnhancedTrackingPreventionEnabled,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=utility --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView" --webview-exe-name=utorrentie.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=0 --mojo-platform-channel-handle=2452 /prefetch:8
                        6⤵
                          PID:804
                    • C:\Users\Admin\AppData\Roaming\uTorrent\updates\3.6.0_47082\utorrentie.exe
                      "C:\Users\Admin\AppData\Roaming\uTorrent\updates\3.6.0_47082\utorrentie.exe" uTorrent_5356_00D997D8_2118173015 µTorrent4823DF041B09 uTorrent ce unp
                      4⤵
                      • Executes dropped EXE
                      PID:2500
                      • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                        "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=utorrentie.exe --user-data-dir="C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView" --no-default-browser-check --disable-component-extensions-with-background-pages --no-first-run --disable-default-apps --noerrdialogs --embedded-browser-webview-dpi-awareness=0 --disable-features=msEnhancedTrackingPreventionEnabled --disable-popup-blocking --internet-explorer-integration=none --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --mojo-named-platform-channel-pipe=2500.3956.3097363191148192748
                        5⤵
                          PID:3088
                          • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                            "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView\Crashpad --metrics-dir=C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=90.0.818.66 --initial-client-data=0x108,0x10c,0x110,0xe4,0x1b4,0x7ff9a08b3cb8,0x7ff9a08b3cc8,0x7ff9a08b3cd8
                            6⤵
                              PID:3272
                            • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                              "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=gpu-process --field-trial-handle=1880,9552803530016221080,12894755972841844893,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msEnhancedTrackingPreventionEnabled,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView" --webview-exe-name=utorrentie.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=0 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1892 /prefetch:2
                              6⤵
                                PID:3348
                              • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1880,9552803530016221080,12894755972841844893,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msEnhancedTrackingPreventionEnabled,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView" --webview-exe-name=utorrentie.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=0 --mojo-platform-channel-handle=1964 /prefetch:3
                                6⤵
                                  PID:4652
                            • C:\Users\Admin\AppData\Roaming\uTorrent\updates\3.6.0_47082\utorrentie.exe
                              "C:\Users\Admin\AppData\Roaming\uTorrent\updates\3.6.0_47082\utorrentie.exe" uTorrent_5356_00D98498_1993894855 µTorrent4823DF041B09 uTorrent ce unp
                              4⤵
                              • Executes dropped EXE
                              PID:3276
                              • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=utorrentie.exe --user-data-dir="C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView" --no-default-browser-check --disable-component-extensions-with-background-pages --no-first-run --disable-default-apps --noerrdialogs --embedded-browser-webview-dpi-awareness=0 --disable-features=msEnhancedTrackingPreventionEnabled --disable-popup-blocking --internet-explorer-integration=none --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --mojo-named-platform-channel-pipe=3276.5336.6444562553301222398
                                5⤵
                                  PID:4052
                                  • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                    "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView\Crashpad --metrics-dir=C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=90.0.818.66 --initial-client-data=0x104,0x108,0x10c,0xe0,0x1b8,0x7ff9a08b3cb8,0x7ff9a08b3cc8,0x7ff9a08b3cd8
                                    6⤵
                                      PID:5248
                                    • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                      "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=gpu-process --field-trial-handle=1808,16722220192379908518,12506864497296083157,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msEnhancedTrackingPreventionEnabled,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView" --webview-exe-name=utorrentie.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=0 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1876 /prefetch:2
                                      6⤵
                                        PID:4516
                                      • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                        "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1808,16722220192379908518,12506864497296083157,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msEnhancedTrackingPreventionEnabled,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView" --webview-exe-name=utorrentie.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=0 --mojo-platform-channel-handle=1924 /prefetch:3
                                        6⤵
                                          PID:2228
                                    • C:\Users\Admin\AppData\Roaming\uTorrent\updates\3.6.0_47082\utorrentie.exe
                                      "C:\Users\Admin\AppData\Roaming\uTorrent\updates\3.6.0_47082\utorrentie.exe" uTorrent_5356_00D99A40_1741039051 µTorrent4823DF041B09 uTorrent ce unp
                                      4⤵
                                      • Executes dropped EXE
                                      PID:5296
                                      • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                        "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=utorrentie.exe --user-data-dir="C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView" --no-default-browser-check --disable-component-extensions-with-background-pages --no-first-run --disable-default-apps --noerrdialogs --embedded-browser-webview-dpi-awareness=0 --disable-features=msEnhancedTrackingPreventionEnabled --disable-popup-blocking --internet-explorer-integration=none --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --mojo-named-platform-channel-pipe=5296.4100.5404006906378711011
                                        5⤵
                                        • Enumerates system info in registry
                                        • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                        • Suspicious use of FindShellTrayWindow
                                        PID:5268
                                        • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                          "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView\Crashpad --metrics-dir=C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=90.0.818.66 --initial-client-data=0x108,0x10c,0x110,0xe4,0x204,0x7ff9a08b3cb8,0x7ff9a08b3cc8,0x7ff9a08b3cd8
                                          6⤵
                                            PID:2812
                                          • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                            "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=gpu-process --field-trial-handle=1892,7463234504970067295,18233866869117177012,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msEnhancedTrackingPreventionEnabled,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView" --webview-exe-name=utorrentie.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=0 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1904 /prefetch:2
                                            6⤵
                                              PID:4892
                                            • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                              "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1892,7463234504970067295,18233866869117177012,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msEnhancedTrackingPreventionEnabled,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView" --webview-exe-name=utorrentie.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=0 --mojo-platform-channel-handle=1948 /prefetch:3
                                              6⤵
                                                PID:1588
                                              • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                                "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1892,7463234504970067295,18233866869117177012,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msEnhancedTrackingPreventionEnabled,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=utility --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView" --webview-exe-name=utorrentie.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=0 --mojo-platform-channel-handle=2388 /prefetch:8
                                                6⤵
                                                  PID:6204
                                                • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                                  "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=renderer --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --field-trial-handle=1892,7463234504970067295,18233866869117177012,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msEnhancedTrackingPreventionEnabled,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView" --webview-exe-name=utorrentie.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=0 --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3180 /prefetch:1
                                                  6⤵
                                                    PID:6420
                                                  • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                                    "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=renderer --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --field-trial-handle=1892,7463234504970067295,18233866869117177012,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msEnhancedTrackingPreventionEnabled,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView" --webview-exe-name=utorrentie.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=0 --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3604 /prefetch:1
                                                    6⤵
                                                      PID:6516
                                                    • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                                      "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=renderer --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --field-trial-handle=1892,7463234504970067295,18233866869117177012,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msEnhancedTrackingPreventionEnabled,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView" --webview-exe-name=utorrentie.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=0 --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3596 /prefetch:1
                                                      6⤵
                                                        PID:6572
                                                      • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                                        "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1892,7463234504970067295,18233866869117177012,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msEnhancedTrackingPreventionEnabled,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView" --webview-exe-name=utorrentie.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=0 --mojo-platform-channel-handle=4804 /prefetch:8
                                                        6⤵
                                                          PID:6172
                                                        • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                                          "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=renderer --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --field-trial-handle=1892,7463234504970067295,18233866869117177012,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msEnhancedTrackingPreventionEnabled,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView" --webview-exe-name=utorrentie.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=0 --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5316 /prefetch:1
                                                          6⤵
                                                            PID:6096
                                                          • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                                            "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --field-trial-handle=1892,7463234504970067295,18233866869117177012,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msEnhancedTrackingPreventionEnabled,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=entity_extraction --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView" --webview-exe-name=utorrentie.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=0 --mojo-platform-channel-handle=4984 /prefetch:8
                                                            6⤵
                                                              PID:6316
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://utorrent.com/prodnews?v=3%2e6%2e0%2e1%2e47082&pv=0.0.0.0.0
                                                          4⤵
                                                          • Enumerates system info in registry
                                                          • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                          • Suspicious use of FindShellTrayWindow
                                                          • Suspicious use of SendNotifyMessage
                                                          PID:5980
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff9a08b3cb8,0x7ff9a08b3cc8,0x7ff9a08b3cd8
                                                            5⤵
                                                              PID:5324
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1912,5999447585462004436,9596578126043160139,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=2080 /prefetch:2
                                                              5⤵
                                                                PID:1456
                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1912,5999447585462004436,9596578126043160139,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 /prefetch:3
                                                                5⤵
                                                                  PID:5112
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1912,5999447585462004436,9596578126043160139,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2892 /prefetch:8
                                                                  5⤵
                                                                    PID:3352
                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,5999447585462004436,9596578126043160139,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3508 /prefetch:1
                                                                    5⤵
                                                                      PID:5332
                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,5999447585462004436,9596578126043160139,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3528 /prefetch:1
                                                                      5⤵
                                                                        PID:3900
                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,5999447585462004436,9596578126043160139,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4432 /prefetch:1
                                                                        5⤵
                                                                          PID:6976
                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1912,5999447585462004436,9596578126043160139,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5252 /prefetch:8
                                                                          5⤵
                                                                            PID:6728
                                                                        • C:\Users\Admin\AppData\Roaming\uTorrent\updates\3.6.0_47082\utorrentie.exe
                                                                          "C:\Users\Admin\AppData\Roaming\uTorrent\updates\3.6.0_47082\utorrentie.exe" uTorrent_5356_00D99570_434971993 µTorrent4823DF041B09 uTorrent ce unp
                                                                          4⤵
                                                                          • Executes dropped EXE
                                                                          PID:3768
                                                                          • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                                                            "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=utorrentie.exe --user-data-dir="C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView" --no-default-browser-check --disable-component-extensions-with-background-pages --no-first-run --disable-default-apps --noerrdialogs --embedded-browser-webview-dpi-awareness=0 --disable-features=msEnhancedTrackingPreventionEnabled --disable-popup-blocking --internet-explorer-integration=none --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --mojo-named-platform-channel-pipe=3768.1860.193206880185996093
                                                                            5⤵
                                                                              PID:5820
                                                                              • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                                                                "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView\Crashpad --metrics-dir=C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=90.0.818.66 --initial-client-data=0x108,0x10c,0x110,0xe4,0x1b8,0x7ff9a08b3cb8,0x7ff9a08b3cc8,0x7ff9a08b3cd8
                                                                                6⤵
                                                                                  PID:6240
                                                                                • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                                                                  "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=gpu-process --field-trial-handle=1852,5197624947321133114,8062991043944495916,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msEnhancedTrackingPreventionEnabled,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView" --webview-exe-name=utorrentie.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=0 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1860 /prefetch:2
                                                                                  6⤵
                                                                                    PID:5772
                                                                                  • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                                                                    "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1852,5197624947321133114,8062991043944495916,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msEnhancedTrackingPreventionEnabled,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView" --webview-exe-name=utorrentie.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=0 --mojo-platform-channel-handle=2228 /prefetch:3
                                                                                    6⤵
                                                                                      PID:3852
                                                                          • C:\Windows\SysWOW64\DllHost.exe
                                                                            C:\Windows\SysWOW64\DllHost.exe /Processid:{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}
                                                                            1⤵
                                                                              PID:432
                                                                            • C:\Program Files\ReasonLabs\Common\rsSyncSvc.exe
                                                                              "C:\Program Files\ReasonLabs\Common\rsSyncSvc.exe" -pn:EPP -lpn:rav_antivirus -url:https://update.reasonsecurity.com/v2/live -bn:ReasonLabs -dt:10
                                                                              1⤵
                                                                              • Executes dropped EXE
                                                                              PID:2636
                                                                            • C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe
                                                                              "C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe"
                                                                              1⤵
                                                                              • Drops file in Program Files directory
                                                                              • Executes dropped EXE
                                                                              • Loads dropped DLL
                                                                              • Modifies data under HKEY_USERS
                                                                              • Suspicious behavior: EnumeratesProcesses
                                                                              PID:248
                                                                            • C:\Program Files\ReasonLabs\EPP\rsWSC.exe
                                                                              "C:\Program Files\ReasonLabs\EPP\rsWSC.exe"
                                                                              1⤵
                                                                              • Drops file in System32 directory
                                                                              • Executes dropped EXE
                                                                              • Suspicious use of AdjustPrivilegeToken
                                                                              PID:4752
                                                                            • C:\Windows\System32\CompPkgSrv.exe
                                                                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                              1⤵
                                                                                PID:2880
                                                                              • C:\Windows\System32\CompPkgSrv.exe
                                                                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                1⤵
                                                                                  PID:2876
                                                                                • C:\Windows\System32\CompPkgSrv.exe
                                                                                  C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                  1⤵
                                                                                    PID:3848
                                                                                  • C:\Windows\System32\CompPkgSrv.exe
                                                                                    C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                    1⤵
                                                                                      PID:4800
                                                                                    • C:\Windows\System32\CompPkgSrv.exe
                                                                                      C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                      1⤵
                                                                                        PID:3900
                                                                                      • C:\Windows\System32\CompPkgSrv.exe
                                                                                        C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                        1⤵
                                                                                          PID:1004
                                                                                        • C:\Windows\System32\CompPkgSrv.exe
                                                                                          C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                          1⤵
                                                                                            PID:3084
                                                                                          • C:\Windows\System32\CompPkgSrv.exe
                                                                                            C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                            1⤵
                                                                                              PID:5140

                                                                                            Network

                                                                                            • flag-us
                                                                                              DNS
                                                                                              d42q8e9nhm7ym.cloudfront.net
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              d42q8e9nhm7ym.cloudfront.net
                                                                                              IN A
                                                                                              Response
                                                                                              d42q8e9nhm7ym.cloudfront.net
                                                                                              IN A
                                                                                              18.239.190.4
                                                                                              d42q8e9nhm7ym.cloudfront.net
                                                                                              IN A
                                                                                              18.239.190.64
                                                                                              d42q8e9nhm7ym.cloudfront.net
                                                                                              IN A
                                                                                              18.239.190.61
                                                                                              d42q8e9nhm7ym.cloudfront.net
                                                                                              IN A
                                                                                              18.239.190.22
                                                                                            • flag-us
                                                                                              DNS
                                                                                              4.190.239.18.in-addr.arpa
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              4.190.239.18.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              4.190.239.18.in-addr.arpa
                                                                                              IN PTR
                                                                                              server-18-239-190-4bru50r cloudfrontnet
                                                                                            • flag-us
                                                                                              DNS
                                                                                              d2p3z23xtslrsm.cloudfront.net
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              d2p3z23xtslrsm.cloudfront.net
                                                                                              IN A
                                                                                              Response
                                                                                              d2p3z23xtslrsm.cloudfront.net
                                                                                              IN A
                                                                                              18.239.190.230
                                                                                              d2p3z23xtslrsm.cloudfront.net
                                                                                              IN A
                                                                                              18.239.190.209
                                                                                              d2p3z23xtslrsm.cloudfront.net
                                                                                              IN A
                                                                                              18.239.190.97
                                                                                              d2p3z23xtslrsm.cloudfront.net
                                                                                              IN A
                                                                                              18.239.190.94
                                                                                            • flag-us
                                                                                              DNS
                                                                                              d27iw11mm1vkcl.cloudfront.net
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              d27iw11mm1vkcl.cloudfront.net
                                                                                              IN A
                                                                                              Response
                                                                                              d27iw11mm1vkcl.cloudfront.net
                                                                                              IN A
                                                                                              18.239.190.163
                                                                                              d27iw11mm1vkcl.cloudfront.net
                                                                                              IN A
                                                                                              18.239.190.121
                                                                                              d27iw11mm1vkcl.cloudfront.net
                                                                                              IN A
                                                                                              18.239.190.96
                                                                                              d27iw11mm1vkcl.cloudfront.net
                                                                                              IN A
                                                                                              18.239.190.132
                                                                                            • flag-us
                                                                                              DNS
                                                                                              api.playanext.com
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              api.playanext.com
                                                                                              IN A
                                                                                              Response
                                                                                              api.playanext.com
                                                                                              IN CNAME
                                                                                              d1atxff5avezsq.cloudfront.net
                                                                                              d1atxff5avezsq.cloudfront.net
                                                                                              IN A
                                                                                              18.239.208.56
                                                                                              d1atxff5avezsq.cloudfront.net
                                                                                              IN A
                                                                                              18.239.208.31
                                                                                              d1atxff5avezsq.cloudfront.net
                                                                                              IN A
                                                                                              18.239.208.15
                                                                                              d1atxff5avezsq.cloudfront.net
                                                                                              IN A
                                                                                              18.239.208.111
                                                                                            • flag-us
                                                                                              DNS
                                                                                              230.190.239.18.in-addr.arpa
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              230.190.239.18.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              230.190.239.18.in-addr.arpa
                                                                                              IN PTR
                                                                                              server-18-239-190-230bru50r cloudfrontnet
                                                                                            • flag-us
                                                                                              DNS
                                                                                              56.208.239.18.in-addr.arpa
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              56.208.239.18.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              56.208.239.18.in-addr.arpa
                                                                                              IN PTR
                                                                                              server-18-239-208-56bru50r cloudfrontnet
                                                                                            • flag-us
                                                                                              DNS
                                                                                              68.9.67.172.in-addr.arpa
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              68.9.67.172.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                            • flag-us
                                                                                              DNS
                                                                                              router.bittorrent.com
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              router.bittorrent.com
                                                                                              IN A
                                                                                              Response
                                                                                              router.bittorrent.com
                                                                                              IN A
                                                                                              67.215.246.10
                                                                                            • flag-us
                                                                                              DNS
                                                                                              203.246.215.67.in-addr.arpa
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              203.246.215.67.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              203.246.215.67.in-addr.arpa
                                                                                              IN PTR
                                                                                              updateutorrentcom
                                                                                            • flag-us
                                                                                              DNS
                                                                                              sadownload.mcafee.com
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              sadownload.mcafee.com
                                                                                              IN A
                                                                                              Response
                                                                                              sadownload.mcafee.com
                                                                                              IN CNAME
                                                                                              sadownload-r53.awsconsumer.mcafee.com
                                                                                              sadownload-r53.awsconsumer.mcafee.com
                                                                                              IN CNAME
                                                                                              sadownload.mcafee.com.edgesuite.net
                                                                                              sadownload.mcafee.com.edgesuite.net
                                                                                              IN CNAME
                                                                                              a866.dscd.akamai.net
                                                                                              a866.dscd.akamai.net
                                                                                              IN A
                                                                                              96.16.53.134
                                                                                              a866.dscd.akamai.net
                                                                                              IN A
                                                                                              96.16.53.139
                                                                                            • flag-us
                                                                                              DNS
                                                                                              ctldl.windowsupdate.com
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              ctldl.windowsupdate.com
                                                                                              IN A
                                                                                              Response
                                                                                              ctldl.windowsupdate.com
                                                                                              IN CNAME
                                                                                              ctldl.windowsupdate.com.delivery.microsoft.com
                                                                                              ctldl.windowsupdate.com.delivery.microsoft.com
                                                                                              IN CNAME
                                                                                              wu-b-net.trafficmanager.net
                                                                                              wu-b-net.trafficmanager.net
                                                                                              IN CNAME
                                                                                              download.windowsupdate.com.edgesuite.net
                                                                                              download.windowsupdate.com.edgesuite.net
                                                                                              IN CNAME
                                                                                              a767.dspw65.akamai.net
                                                                                              a767.dspw65.akamai.net
                                                                                              IN A
                                                                                              23.73.136.121
                                                                                              a767.dspw65.akamai.net
                                                                                              IN A
                                                                                              23.73.136.131
                                                                                            • flag-us
                                                                                              DNS
                                                                                              download.opera.com
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              download.opera.com
                                                                                              IN A
                                                                                              Response
                                                                                              download.opera.com
                                                                                              IN CNAME
                                                                                              download.geo.opera.com
                                                                                              download.geo.opera.com
                                                                                              IN CNAME
                                                                                              eu2-download.opera.com
                                                                                              eu2-download.opera.com
                                                                                              IN A
                                                                                              82.145.216.24
                                                                                              eu2-download.opera.com
                                                                                              IN A
                                                                                              82.145.216.23
                                                                                            • flag-us
                                                                                              DNS
                                                                                              121.217.145.82.in-addr.arpa
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              121.217.145.82.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                            • flag-us
                                                                                              DNS
                                                                                              track.analytics-data.io
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              track.analytics-data.io
                                                                                              IN A
                                                                                              Response
                                                                                              track.analytics-data.io
                                                                                              IN CNAME
                                                                                              atom-production-collector-cyber-224812358.us-east-1.elb.amazonaws.com
                                                                                              atom-production-collector-cyber-224812358.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              3.213.31.22
                                                                                              atom-production-collector-cyber-224812358.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              23.23.83.187
                                                                                              atom-production-collector-cyber-224812358.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              3.230.7.139
                                                                                            • flag-us
                                                                                              DNS
                                                                                              track.analytics-data.io
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              track.analytics-data.io
                                                                                              IN A
                                                                                            • flag-us
                                                                                              DNS
                                                                                              track.analytics-data.io
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              track.analytics-data.io
                                                                                              IN A
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://d27iw11mm1vkcl.cloudfront.net/f/RAV_Triple_NCB/images/DOTPS-855/EN.png
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              18.239.190.163:443
                                                                                              Request
                                                                                              GET /f/RAV_Triple_NCB/images/DOTPS-855/EN.png HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              User-Agent: Inno Setup 6.2.1
                                                                                              Host: d27iw11mm1vkcl.cloudfront.net
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Content-Type: image/png
                                                                                              Content-Length: 75974
                                                                                              Connection: keep-alive
                                                                                              Last-Modified: Sun, 11 Sep 2022 12:56:32 GMT
                                                                                              x-amz-meta-cb-modifiedtime: Sun, 11 Sep 2022 10:58:27 GMT
                                                                                              x-amz-version-id: mCoh4hrlqpNiFIHFPwsLWmtCICuCsWOt
                                                                                              Accept-Ranges: bytes
                                                                                              Server: AmazonS3
                                                                                              Date: Mon, 06 May 2024 05:35:04 GMT
                                                                                              ETag: "cd09f361286d1ad2622ba8a57b7613bd"
                                                                                              X-Cache: Hit from cloudfront
                                                                                              Via: 1.1 d9facd0a6cbc2db78632a6ca0d196d94.cloudfront.net (CloudFront)
                                                                                              X-Amz-Cf-Pop: BRU50-P1
                                                                                              X-Amz-Cf-Id: wjrbAkAsk9pG5rs5mXmc1-zZowtI1sJ0GuRNVEmUH9pEvDx1xXFbbQ==
                                                                                              Age: 41166
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://d27iw11mm1vkcl.cloudfront.net/f/WebAdvisor/images/943/EN.png
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              18.239.190.163:443
                                                                                              Request
                                                                                              GET /f/WebAdvisor/images/943/EN.png HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              User-Agent: Inno Setup 6.2.1
                                                                                              Host: d27iw11mm1vkcl.cloudfront.net
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Content-Type: image/png
                                                                                              Content-Length: 48743
                                                                                              Connection: keep-alive
                                                                                              Last-Modified: Wed, 23 Nov 2022 15:50:00 GMT
                                                                                              x-amz-version-id: RW9gnZViDqHn6sjOaRWUaFg5F2z0vnXM
                                                                                              Accept-Ranges: bytes
                                                                                              Server: AmazonS3
                                                                                              Date: Mon, 06 May 2024 06:08:20 GMT
                                                                                              ETag: "4cfff8dc30d353cd3d215fd3a5dbac24"
                                                                                              X-Cache: Hit from cloudfront
                                                                                              Via: 1.1 d9facd0a6cbc2db78632a6ca0d196d94.cloudfront.net (CloudFront)
                                                                                              X-Amz-Cf-Pop: BRU50-P1
                                                                                              X-Amz-Cf-Id: sYsIACwCkdTgfXb-iQjSbsrRHflh8iszi4m6OmXWeZAehSuzMNLK7Q==
                                                                                              Age: 39170
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://d27iw11mm1vkcl.cloudfront.net/f/Opera/images/DOTPS-717/UTO_NCB/EN.png
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              18.239.190.163:443
                                                                                              Request
                                                                                              GET /f/Opera/images/DOTPS-717/UTO_NCB/EN.png HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              User-Agent: Inno Setup 6.2.1
                                                                                              Host: d27iw11mm1vkcl.cloudfront.net
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Content-Type: image/png
                                                                                              Content-Length: 67420
                                                                                              Connection: keep-alive
                                                                                              Last-Modified: Wed, 11 May 2022 15:45:37 GMT
                                                                                              x-amz-meta-cb-modifiedtime: Wed, 11 May 2022 13:12:39 GMT
                                                                                              x-amz-version-id: v_U8NSF8tmyANzTPSj0dHPnNVAx8twL0
                                                                                              Accept-Ranges: bytes
                                                                                              Server: AmazonS3
                                                                                              Date: Mon, 06 May 2024 04:25:34 GMT
                                                                                              ETag: "ca01cd3778c987f64633d8af840ccccb"
                                                                                              X-Cache: Hit from cloudfront
                                                                                              Via: 1.1 d9facd0a6cbc2db78632a6ca0d196d94.cloudfront.net (CloudFront)
                                                                                              X-Amz-Cf-Pop: BRU50-P1
                                                                                              X-Amz-Cf-Id: 3u890M43koNkZ2BES0Ox-Rs1_FgvA5Dfxpa7f315UDYv9PkkHlTg9g==
                                                                                              Age: 45337
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://d27iw11mm1vkcl.cloudfront.net/f/WebAdvisor/files/1489/saBSI.zip
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              18.239.190.163:443
                                                                                              Request
                                                                                              GET /f/WebAdvisor/files/1489/saBSI.zip HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              User-Agent: Inno Setup 6.2.1
                                                                                              Host: d27iw11mm1vkcl.cloudfront.net
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Content-Type: application/x-zip-compressed
                                                                                              Content-Length: 527389
                                                                                              Connection: keep-alive
                                                                                              Date: Mon, 06 May 2024 06:15:33 GMT
                                                                                              Last-Modified: Tue, 26 Mar 2024 13:11:30 GMT
                                                                                              ETag: "f68008b70822bd28c82d13a289deb418"
                                                                                              x-amz-server-side-encryption: AES256
                                                                                              x-amz-meta-cb-modifiedtime: Tue, 26 Mar 2024 13:10:42 GMT
                                                                                              x-amz-version-id: 7sn0EuMWH3aYiKrbA4lOPgyoNDAU9iIf
                                                                                              Accept-Ranges: bytes
                                                                                              Server: AmazonS3
                                                                                              X-Cache: Hit from cloudfront
                                                                                              Via: 1.1 d9facd0a6cbc2db78632a6ca0d196d94.cloudfront.net (CloudFront)
                                                                                              X-Amz-Cf-Pop: BRU50-P1
                                                                                              X-Amz-Cf-Id: L5QpBdGlpkQqWVESbsUPCK2oUEkQQ5bKeLtz0oOaUhMXzFF8QXbREQ==
                                                                                              Age: 38756
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://d27iw11mm1vkcl.cloudfront.net/f/Opera/files/1499/OperaSetup.zip
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              18.239.190.163:443
                                                                                              Request
                                                                                              GET /f/Opera/files/1499/OperaSetup.zip HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              User-Agent: Inno Setup 6.2.1
                                                                                              Host: d27iw11mm1vkcl.cloudfront.net
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Content-Type: application/x-zip-compressed
                                                                                              Content-Length: 2401662
                                                                                              Connection: keep-alive
                                                                                              Date: Mon, 06 May 2024 06:51:59 GMT
                                                                                              Last-Modified: Sun, 07 Apr 2024 07:50:46 GMT
                                                                                              ETag: "f743314bda8fb2a98ae14316c4d0d3a2"
                                                                                              x-amz-server-side-encryption: AES256
                                                                                              x-amz-meta-cb-modifiedtime: Sun, 07 Apr 2024 07:49:19 GMT
                                                                                              x-amz-version-id: 8j21tSIAHNXNBrLgm2KNYqqjAYu4Z.0k
                                                                                              Accept-Ranges: bytes
                                                                                              Server: AmazonS3
                                                                                              X-Cache: Hit from cloudfront
                                                                                              Via: 1.1 d9facd0a6cbc2db78632a6ca0d196d94.cloudfront.net (CloudFront)
                                                                                              X-Amz-Cf-Pop: BRU50-P1
                                                                                              X-Amz-Cf-Id: NyitLHCfug0glCOxv9QdAQctePs2KfEYibjlIe9F0oP0K0xyJ8aFFg==
                                                                                              Age: 36570
                                                                                            • flag-us
                                                                                              DNS
                                                                                              163.190.239.18.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              163.190.239.18.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              163.190.239.18.in-addr.arpa
                                                                                              IN PTR
                                                                                              server-18-239-190-163bru50r cloudfrontnet
                                                                                            • flag-us
                                                                                              DNS
                                                                                              66.238.215.67.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              66.238.215.67.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              66.238.215.67.in-addr.arpa
                                                                                              IN PTR
                                                                                              6721523866static quadranetcom
                                                                                            • flag-us
                                                                                              DNS
                                                                                              i-6000.b-47082.ut.bench.utorrent.com
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              i-6000.b-47082.ut.bench.utorrent.com
                                                                                              IN A
                                                                                              Response
                                                                                              i-6000.b-47082.ut.bench.utorrent.com
                                                                                              IN CNAME
                                                                                              bench.utp.st
                                                                                              bench.utp.st
                                                                                              IN CNAME
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              52.55.162.212
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              52.204.74.82
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              52.1.89.18
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              50.17.80.143
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              44.218.73.120
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              52.1.245.247
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              52.44.212.96
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              52.205.169.46
                                                                                            • flag-us
                                                                                              DNS
                                                                                              router.utorrent.com
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              router.utorrent.com
                                                                                              IN A
                                                                                              Response
                                                                                              router.utorrent.com
                                                                                              IN A
                                                                                              82.221.103.244
                                                                                            • flag-us
                                                                                              DNS
                                                                                              analytics.apis.mcafee.com
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              analytics.apis.mcafee.com
                                                                                              IN A
                                                                                              Response
                                                                                              analytics.apis.mcafee.com
                                                                                              IN CNAME
                                                                                              mosaic-nova.apis.mcafee.com
                                                                                              mosaic-nova.apis.mcafee.com
                                                                                              IN A
                                                                                              35.160.202.158
                                                                                              mosaic-nova.apis.mcafee.com
                                                                                              IN A
                                                                                              52.38.135.244
                                                                                              mosaic-nova.apis.mcafee.com
                                                                                              IN A
                                                                                              54.69.157.31
                                                                                              mosaic-nova.apis.mcafee.com
                                                                                              IN A
                                                                                              35.155.163.235
                                                                                              mosaic-nova.apis.mcafee.com
                                                                                              IN A
                                                                                              52.32.187.209
                                                                                              mosaic-nova.apis.mcafee.com
                                                                                              IN A
                                                                                              54.201.47.27
                                                                                              mosaic-nova.apis.mcafee.com
                                                                                              IN A
                                                                                              52.41.182.30
                                                                                              mosaic-nova.apis.mcafee.com
                                                                                              IN A
                                                                                              52.41.100.65
                                                                                            • flag-us
                                                                                              DNS
                                                                                              desktop-netinstaller-sub.osp.opera.software
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              desktop-netinstaller-sub.osp.opera.software
                                                                                              IN A
                                                                                              Response
                                                                                              desktop-netinstaller-sub.osp.opera.software
                                                                                              IN CNAME
                                                                                              submit-target.osp.opera.software
                                                                                              submit-target.osp.opera.software
                                                                                              IN CNAME
                                                                                              submit.geo.opera.com
                                                                                              submit.geo.opera.com
                                                                                              IN CNAME
                                                                                              submit-am4.osp.opera.software
                                                                                              submit-am4.osp.opera.software
                                                                                              IN A
                                                                                              82.145.217.121
                                                                                            • flag-us
                                                                                              DNS
                                                                                              features.opera-api2.com
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              features.opera-api2.com
                                                                                              IN A
                                                                                              Response
                                                                                              features.opera-api2.com
                                                                                              IN CNAME
                                                                                              features-2.geo.opera.com
                                                                                              features-2.geo.opera.com
                                                                                              IN CNAME
                                                                                              am4-features.opera-api2.com
                                                                                              am4-features.opera-api2.com
                                                                                              IN CNAME
                                                                                              am4.lb.opera.technology
                                                                                              am4.lb.opera.technology
                                                                                              IN A
                                                                                              82.145.216.16
                                                                                              am4.lb.opera.technology
                                                                                              IN A
                                                                                              82.145.216.15
                                                                                            • flag-us
                                                                                              DNS
                                                                                              134.53.16.96.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              134.53.16.96.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              134.53.16.96.in-addr.arpa
                                                                                              IN PTR
                                                                                              a96-16-53-134deploystaticakamaitechnologiescom
                                                                                            • flag-us
                                                                                              DNS
                                                                                              89.11.18.104.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              89.11.18.104.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                            • flag-us
                                                                                              DNS
                                                                                              89.11.18.104.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              89.11.18.104.in-addr.arpa
                                                                                              IN PTR
                                                                                            • flag-us
                                                                                              DNS
                                                                                              89.11.18.104.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              89.11.18.104.in-addr.arpa
                                                                                              IN PTR
                                                                                            • flag-us
                                                                                              DNS
                                                                                              89.11.18.104.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              89.11.18.104.in-addr.arpa
                                                                                              IN PTR
                                                                                            • flag-us
                                                                                              DNS
                                                                                              89.11.18.104.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              89.11.18.104.in-addr.arpa
                                                                                              IN PTR
                                                                                            • flag-us
                                                                                              DNS
                                                                                              download-new.utorrent.com
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              download-new.utorrent.com
                                                                                              IN A
                                                                                              Response
                                                                                              download-new.utorrent.com
                                                                                              IN A
                                                                                              67.215.238.66
                                                                                            • flag-us
                                                                                              DNS
                                                                                              shield.reasonsecurity.com
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              shield.reasonsecurity.com
                                                                                              IN A
                                                                                              Response
                                                                                              shield.reasonsecurity.com
                                                                                              IN A
                                                                                              172.67.9.68
                                                                                              shield.reasonsecurity.com
                                                                                              IN A
                                                                                              104.22.1.235
                                                                                              shield.reasonsecurity.com
                                                                                              IN A
                                                                                              104.22.0.235
                                                                                            • flag-us
                                                                                              DNS
                                                                                              212.162.55.52.in-addr.arpa
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              212.162.55.52.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              212.162.55.52.in-addr.arpa
                                                                                              IN PTR
                                                                                              ec2-52-55-162-212 compute-1 amazonawscom
                                                                                            • flag-us
                                                                                              DNS
                                                                                              update.utorrent.com
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              update.utorrent.com
                                                                                              IN A
                                                                                              Response
                                                                                              update.utorrent.com
                                                                                              IN A
                                                                                              67.215.246.203
                                                                                            • flag-us
                                                                                              DNS
                                                                                              158.202.160.35.in-addr.arpa
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              158.202.160.35.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              158.202.160.35.in-addr.arpa
                                                                                              IN PTR
                                                                                              ec2-35-160-202-158 us-west-2compute amazonawscom
                                                                                            • flag-us
                                                                                              DNS
                                                                                              autoupdate.geo.opera.com
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              autoupdate.geo.opera.com
                                                                                              IN A
                                                                                              Response
                                                                                              autoupdate.geo.opera.com
                                                                                              IN CNAME
                                                                                              eu-autoupdate.opera.com
                                                                                              eu-autoupdate.opera.com
                                                                                              IN A
                                                                                              185.26.182.124
                                                                                              eu-autoupdate.opera.com
                                                                                              IN A
                                                                                              185.26.182.123
                                                                                            • flag-us
                                                                                              DNS
                                                                                              ocsp.digicert.com
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              ocsp.digicert.com
                                                                                              IN A
                                                                                              Response
                                                                                              ocsp.digicert.com
                                                                                              IN CNAME
                                                                                              ocsp.edge.digicert.com
                                                                                              ocsp.edge.digicert.com
                                                                                              IN CNAME
                                                                                              fp2e7a.wpc.2be4.phicdn.net
                                                                                              fp2e7a.wpc.2be4.phicdn.net
                                                                                              IN CNAME
                                                                                              fp2e7a.wpc.phicdn.net
                                                                                              fp2e7a.wpc.phicdn.net
                                                                                              IN A
                                                                                              192.229.221.95
                                                                                            • flag-us
                                                                                              DNS
                                                                                              download5.operacdn.com
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              download5.operacdn.com
                                                                                              IN A
                                                                                              Response
                                                                                              download5.operacdn.com
                                                                                              IN A
                                                                                              104.18.11.89
                                                                                              download5.operacdn.com
                                                                                              IN A
                                                                                              104.18.10.89
                                                                                            • flag-us
                                                                                              DNS
                                                                                              124.182.26.185.in-addr.arpa
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              124.182.26.185.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              124.182.26.185.in-addr.arpa
                                                                                              IN PTR
                                                                                              eu-autoupdateoperacom
                                                                                            • flag-us
                                                                                              DNS
                                                                                              22.31.213.3.in-addr.arpa
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              22.31.213.3.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              22.31.213.3.in-addr.arpa
                                                                                              IN PTR
                                                                                              ec2-3-213-31-22 compute-1 amazonawscom
                                                                                            • flag-us
                                                                                              DNS
                                                                                              secure.globalsign.com
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              secure.globalsign.com
                                                                                              IN A
                                                                                              Response
                                                                                              secure.globalsign.com
                                                                                              IN CNAME
                                                                                              global.prd.cdn.globalsign.com
                                                                                              global.prd.cdn.globalsign.com
                                                                                              IN CNAME
                                                                                              prod.globalsign.map.fastly.net
                                                                                              prod.globalsign.map.fastly.net
                                                                                              IN A
                                                                                              151.101.2.133
                                                                                              prod.globalsign.map.fastly.net
                                                                                              IN A
                                                                                              151.101.66.133
                                                                                              prod.globalsign.map.fastly.net
                                                                                              IN A
                                                                                              151.101.130.133
                                                                                              prod.globalsign.map.fastly.net
                                                                                              IN A
                                                                                              151.101.194.133
                                                                                            • flag-us
                                                                                              DNS
                                                                                              34.208.239.18.in-addr.arpa
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              34.208.239.18.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              34.208.239.18.in-addr.arpa
                                                                                              IN PTR
                                                                                              server-18-239-208-34bru50r cloudfrontnet
                                                                                            • flag-us
                                                                                              DNS
                                                                                              cacerts.digicert.com
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              cacerts.digicert.com
                                                                                              IN A
                                                                                              Response
                                                                                              cacerts.digicert.com
                                                                                              IN CNAME
                                                                                              fp2e7a.wpc.2be4.phicdn.net
                                                                                              fp2e7a.wpc.2be4.phicdn.net
                                                                                              IN CNAME
                                                                                              fp2e7a.wpc.phicdn.net
                                                                                              fp2e7a.wpc.phicdn.net
                                                                                              IN A
                                                                                              192.229.221.95
                                                                                            • flag-us
                                                                                              DNS
                                                                                              139.7.230.3.in-addr.arpa
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              139.7.230.3.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              139.7.230.3.in-addr.arpa
                                                                                              IN PTR
                                                                                              ec2-3-230-7-139 compute-1 amazonawscom
                                                                                            • flag-us
                                                                                              DNS
                                                                                              home.mcafee.com
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              home.mcafee.com
                                                                                              IN A
                                                                                              Response
                                                                                              home.mcafee.com
                                                                                              IN CNAME
                                                                                              home-r53.awsconsumer.mcafee.com
                                                                                              home-r53.awsconsumer.mcafee.com
                                                                                              IN CNAME
                                                                                              home.mcafee.com.akadns.net
                                                                                              home.mcafee.com.akadns.net
                                                                                              IN CNAME
                                                                                              ccdn-wildcard.mcafee.com.edgekey.net
                                                                                              ccdn-wildcard.mcafee.com.edgekey.net
                                                                                              IN CNAME
                                                                                              e11474.b.akamaiedge.net
                                                                                              e11474.b.akamaiedge.net
                                                                                              IN A
                                                                                              104.68.84.174
                                                                                            • flag-us
                                                                                              DNS
                                                                                              cdn.reasonsecurity.com
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              cdn.reasonsecurity.com
                                                                                              IN A
                                                                                              Response
                                                                                              cdn.reasonsecurity.com
                                                                                              IN CNAME
                                                                                              d2zcbe2x5jnnru.cloudfront.net
                                                                                              d2zcbe2x5jnnru.cloudfront.net
                                                                                              IN A
                                                                                              18.239.208.12
                                                                                              d2zcbe2x5jnnru.cloudfront.net
                                                                                              IN A
                                                                                              18.239.208.56
                                                                                              d2zcbe2x5jnnru.cloudfront.net
                                                                                              IN A
                                                                                              18.239.208.28
                                                                                              d2zcbe2x5jnnru.cloudfront.net
                                                                                              IN A
                                                                                              18.239.208.21
                                                                                            • flag-us
                                                                                              DNS
                                                                                              ocsp.usertrust.com
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              ocsp.usertrust.com
                                                                                              IN A
                                                                                              Response
                                                                                              ocsp.usertrust.com
                                                                                              IN CNAME
                                                                                              ocsp.comodoca.com.cdn.cloudflare.net
                                                                                              ocsp.comodoca.com.cdn.cloudflare.net
                                                                                              IN A
                                                                                              104.18.38.233
                                                                                              ocsp.comodoca.com.cdn.cloudflare.net
                                                                                              IN A
                                                                                              172.64.149.23
                                                                                            • flag-us
                                                                                              DNS
                                                                                              233.38.18.104.in-addr.arpa
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              233.38.18.104.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                            • flag-us
                                                                                              DNS
                                                                                              233.38.18.104.in-addr.arpa
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              233.38.18.104.in-addr.arpa
                                                                                              IN PTR
                                                                                            • flag-us
                                                                                              HEAD
                                                                                              https://download-new.utorrent.com/endpoint/utorrent/os/riserollout/track/stable
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              67.215.238.66:443
                                                                                              Request
                                                                                              HEAD /endpoint/utorrent/os/riserollout/track/stable HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              Accept: */*
                                                                                              User-Agent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
                                                                                              Host: download-new.utorrent.com
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Server: nginx/1.6.1
                                                                                              Date: Mon, 06 May 2024 17:01:10 GMT
                                                                                              Content-Type: application/x-msdownload
                                                                                              Content-Length: 3886920
                                                                                              Connection: close
                                                                                              X-bt-sig: c02b4105e613efce7bd4d5d4e40927f574d7d8dc7ed36d9f2879419e5c40d1c134bbe7bd8d0124ba90b52ff73f96732c55ad014b64fb94ea233dc6b97daf3e07b0c0736b6de8f8d4a64be231af91e3f501e9d37ba22b655441849d936e25ea90bc77a8bb7cf3983e5194175deccf3130499e0359e0aa6f950218bfbd28d67a935344968646c29c849640b833c376084a0be313634a02fbbc79e02e5f55a5e50e593a5b6e2ae259eefee74f72014ce02f7de149de76763feabd5bba37a701f1373411ad89a74965f4c2b76797d51a12e747d272a460c08d5e10a6ba650dce1c749848b500414a8b80ef079ebb3e9865349c6795c60a5398aafe76c1f6789af7ba
                                                                                              Last-Modified: Thu, 02 May 2024 01:30:26 +0000
                                                                                              Accept-Ranges: none
                                                                                              Content-Disposition: attachment; filename="uTorrent_.exe"
                                                                                              X-bt-size: 3886920
                                                                                              Cache-Control: max-age=3600
                                                                                              X-rl-mx: true
                                                                                              Rule-UUID: 5e7b0123-cc33-4f1b-afbd-b0b00df4107c
                                                                                              Content-MD5: d5bda33383b3ace63aa7df579ccef364
                                                                                              Expires: Tue, 01 Jan 1980 00:00:00 +0000
                                                                                              X-bt-hash: 804c1a7738d16240c6a3333ee10127a1182679a9
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://download-new.utorrent.com/endpoint/utorrent/os/riserollout/track/stable
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              67.215.238.66:443
                                                                                              Request
                                                                                              GET /endpoint/utorrent/os/riserollout/track/stable HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              User-Agent: Inno Setup 6.2.1
                                                                                              Host: download-new.utorrent.com
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Server: nginx/1.6.1
                                                                                              Date: Mon, 06 May 2024 17:01:23 GMT
                                                                                              Content-Type: application/x-msdownload
                                                                                              Content-Length: 3886920
                                                                                              Connection: close
                                                                                              X-bt-sig: c02b4105e613efce7bd4d5d4e40927f574d7d8dc7ed36d9f2879419e5c40d1c134bbe7bd8d0124ba90b52ff73f96732c55ad014b64fb94ea233dc6b97daf3e07b0c0736b6de8f8d4a64be231af91e3f501e9d37ba22b655441849d936e25ea90bc77a8bb7cf3983e5194175deccf3130499e0359e0aa6f950218bfbd28d67a935344968646c29c849640b833c376084a0be313634a02fbbc79e02e5f55a5e50e593a5b6e2ae259eefee74f72014ce02f7de149de76763feabd5bba37a701f1373411ad89a74965f4c2b76797d51a12e747d272a460c08d5e10a6ba650dce1c749848b500414a8b80ef079ebb3e9865349c6795c60a5398aafe76c1f6789af7ba
                                                                                              Last-Modified: Thu, 02 May 2024 01:30:26 +0000
                                                                                              Accept-Ranges: none
                                                                                              Content-Disposition: attachment; filename="uTorrent_.exe"
                                                                                              X-bt-size: 3886920
                                                                                              Cache-Control: private
                                                                                              X-rl-mx: true
                                                                                              Rule-UUID: 5e7b0123-cc33-4f1b-afbd-b0b00df4107c
                                                                                              Content-MD5: d5bda33383b3ace63aa7df579ccef364
                                                                                              Expires: Tue, 01 Jan 1980 00:00:00 +0000
                                                                                              X-bt-hash: 804c1a7738d16240c6a3333ee10127a1182679a9
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://shield.reasonsecurity.com/rsStubActivator.exe
                                                                                              utorrent_installer(1).tmp
                                                                                              Remote address:
                                                                                              172.67.9.68:443
                                                                                              Request
                                                                                              GET /rsStubActivator.exe HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              User-Agent: Inno Setup 6.2.1
                                                                                              Host: shield.reasonsecurity.com
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Date: Mon, 06 May 2024 17:01:28 GMT
                                                                                              Content-Type: application/x-msdownload
                                                                                              Content-Length: 45608
                                                                                              Connection: keep-alive
                                                                                              access-control-allow-origin: *
                                                                                              content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
                                                                                              x-dns-prefetch-control: off
                                                                                              expect-ct: max-age=0
                                                                                              x-frame-options: SAMEORIGIN
                                                                                              strict-transport-security: max-age=15552000; includeSubDomains
                                                                                              x-download-options: noopen
                                                                                              x-content-type-options: nosniff
                                                                                              x-permitted-cross-domain-policies: none
                                                                                              referrer-policy: no-referrer
                                                                                              x-xss-protection: 0
                                                                                              content-disposition: attachment; filename=rsStubActivator.exe
                                                                                              etag: W/"b228-x7JYHCQJc7L24gVsnexhWeJXsxU"
                                                                                              CF-Cache-Status: DYNAMIC
                                                                                              Server: cloudflare
                                                                                              CF-RAY: 87fa884b39e1653e-LHR
                                                                                            • flag-us
                                                                                              POST
                                                                                              http://i-6000.b-47082.ut.bench.utorrent.com/e?i=6000
                                                                                              uTorrent.exe
                                                                                              Remote address:
                                                                                              52.55.162.212:80
                                                                                              Request
                                                                                              POST /e?i=6000 HTTP/1.1
                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                              User-Agent: NSIS_Inetc (Mozilla)
                                                                                              Host: i-6000.b-47082.ut.bench.utorrent.com
                                                                                              Content-Length: 230
                                                                                              Connection: Keep-Alive
                                                                                              Cache-Control: no-cache
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Content-Type: text/html
                                                                                              Date: Mon, 06 May 2024 17:01:30 GMT
                                                                                              Server: nginx
                                                                                              X-Powered-By: PHP/5.4.30
                                                                                              Content-Length: 21
                                                                                              Connection: keep-alive
                                                                                            • flag-us
                                                                                              POST
                                                                                              http://i-6000.b-47082.ut.bench.utorrent.com/e?i=6000
                                                                                              uTorrent.exe
                                                                                              Remote address:
                                                                                              52.55.162.212:80
                                                                                              Request
                                                                                              POST /e?i=6000 HTTP/1.1
                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                              User-Agent: NSIS_Inetc (Mozilla)
                                                                                              Host: i-6000.b-47082.ut.bench.utorrent.com
                                                                                              Content-Length: 335
                                                                                              Connection: Keep-Alive
                                                                                              Cache-Control: no-cache
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Content-Type: text/html
                                                                                              Date: Mon, 06 May 2024 17:01:32 GMT
                                                                                              Server: nginx
                                                                                              X-Powered-By: PHP/5.4.30
                                                                                              Content-Length: 21
                                                                                              Connection: keep-alive
                                                                                            • flag-us
                                                                                              GET
                                                                                              http://update.utorrent.com/installstats.php?cl=uTorrent&v=113358826&h=XA7cRsPA6AiKyc4_&w=55F0000A&bu=0&pr=0&cmp=0&ocmp=0&showinstall&pid=3632&cau=0&lunv=0&au=0&view=win32
                                                                                              utorrent.exe
                                                                                              Remote address:
                                                                                              67.215.246.203:80
                                                                                              Request
                                                                                              GET /installstats.php?cl=uTorrent&v=113358826&h=XA7cRsPA6AiKyc4_&w=55F0000A&bu=0&pr=0&cmp=0&ocmp=0&showinstall&pid=3632&cau=0&lunv=0&au=0&view=win32 HTTP/1.1
                                                                                              Accept-Encoding: gzip
                                                                                              User-Agent: uTorrent(47082105433.6
                                                                                              Host: update.utorrent.com
                                                                                              Cache-Control: no-cache
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Server: nginx/1.4.7
                                                                                              Date: Mon, 06 May 2024 17:01:54 GMT
                                                                                              Content-Type: text/html
                                                                                              Transfer-Encoding: chunked
                                                                                              Connection: close
                                                                                              X-Powered-By: PHP/5.4.30
                                                                                            • flag-us
                                                                                              GET
                                                                                              http://update.utorrent.com/installstats.php?cl=uTorrent&v=113358826&h=XA7cRsPA6AiKyc4_&w=55F0000A&bu=0&pr=0&cmp=0&ocmp=0&installresult&pid=3632&cau=0&lunv=0&installresult=0&exit=1&au=0&ic=1&view=win32
                                                                                              utorrent.exe
                                                                                              Remote address:
                                                                                              67.215.246.203:80
                                                                                              Request
                                                                                              GET /installstats.php?cl=uTorrent&v=113358826&h=XA7cRsPA6AiKyc4_&w=55F0000A&bu=0&pr=0&cmp=0&ocmp=0&installresult&pid=3632&cau=0&lunv=0&installresult=0&exit=1&au=0&ic=1&view=win32 HTTP/1.1
                                                                                              Accept-Encoding: gzip
                                                                                              User-Agent: uTorrent(47082105433.6
                                                                                              Host: update.utorrent.com
                                                                                              Cache-Control: no-cache
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Server: nginx/1.4.7
                                                                                              Date: Mon, 06 May 2024 17:01:55 GMT
                                                                                              Content-Type: text/html
                                                                                              Transfer-Encoding: chunked
                                                                                              Connection: close
                                                                                              X-Powered-By: PHP/5.4.30
                                                                                            • flag-us
                                                                                              PUT
                                                                                              https://analytics.apis.mcafee.com/mosaic/2.0/product-web/am/v1/record
                                                                                              saBSI.exe
                                                                                              Remote address:
                                                                                              35.160.202.158:443
                                                                                              Request
                                                                                              PUT /mosaic/2.0/product-web/am/v1/record HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              Content-Type: application/json
                                                                                              User-Agent: SA
                                                                                              X-Api-Key: wtuQtD4DdA8poRbq0pzMh1iysE9YiVlC14kJF9ZI
                                                                                              Content-Length: 310
                                                                                              Host: analytics.apis.mcafee.com
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Date: Mon, 06 May 2024 17:01:34 GMT
                                                                                              Content-Type: application/x-amz-json-1.1
                                                                                              Content-Length: 133
                                                                                              Connection: keep-alive
                                                                                              x-amzn-RequestId: cf06e5df-15be-c429-91b5-eaf11bc521a6
                                                                                              x-amz-id-2: VTRO2U59T7TFqJB7LQgZPpulLir1EjmSJxBzvWlpRV7LClAH0kPR5Ot7fmlsnDbpBL25bJfEKsoTq8wp77qrkadFQZbqO/o9
                                                                                            • flag-us
                                                                                              PUT
                                                                                              https://analytics.apis.mcafee.com/mosaic/2.0/product-web/am/v1/record
                                                                                              saBSI.exe
                                                                                              Remote address:
                                                                                              35.160.202.158:443
                                                                                              Request
                                                                                              PUT /mosaic/2.0/product-web/am/v1/record HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              Content-Type: application/json
                                                                                              User-Agent: SA
                                                                                              X-Api-Key: wtuQtD4DdA8poRbq0pzMh1iysE9YiVlC14kJF9ZI
                                                                                              Content-Length: 310
                                                                                              Host: analytics.apis.mcafee.com
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Date: Mon, 06 May 2024 17:01:34 GMT
                                                                                              Content-Type: application/x-amz-json-1.1
                                                                                              Content-Length: 133
                                                                                              Connection: keep-alive
                                                                                              x-amz-id-2: 5PULiyRyJ3xGUtSHBajgECdAVWTGxyJWFXb3/+BwO6PgvUMGxLwJszmIXCTgQxn+VIz9uD9K0Mu9wFc8PMIHj1getfDqR/gy
                                                                                              x-amzn-RequestId: da1b36b5-c8fa-8103-84a8-399bbb7694f0
                                                                                            • flag-us
                                                                                              PUT
                                                                                              https://analytics.apis.mcafee.com/mosaic/2.0/product-web/am/v1/record
                                                                                              saBSI.exe
                                                                                              Remote address:
                                                                                              35.160.202.158:443
                                                                                              Request
                                                                                              PUT /mosaic/2.0/product-web/am/v1/record HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              Content-Type: application/json
                                                                                              User-Agent: SA
                                                                                              X-Api-Key: wtuQtD4DdA8poRbq0pzMh1iysE9YiVlC14kJF9ZI
                                                                                              Content-Length: 335
                                                                                              Host: analytics.apis.mcafee.com
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Date: Mon, 06 May 2024 17:01:36 GMT
                                                                                              Content-Type: application/x-amz-json-1.1
                                                                                              Content-Length: 133
                                                                                              Connection: keep-alive
                                                                                              x-amzn-RequestId: d0f17d04-119a-270a-8e42-7234d36bc4bf
                                                                                              x-amz-id-2: dLySGtWzU2EHRVKBX2yn7+T/mZlhrR4rF1OYhnZthwMSnx4Dpl45z3z1NqEpfl5FX5KNACcOfDHfpeC6KhLrpqZxleMAtCBj
                                                                                            • flag-us
                                                                                              PUT
                                                                                              https://analytics.apis.mcafee.com/mosaic/2.0/product-web/am/v1/record
                                                                                              saBSI.exe
                                                                                              Remote address:
                                                                                              35.160.202.158:443
                                                                                              Request
                                                                                              PUT /mosaic/2.0/product-web/am/v1/record HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              Content-Type: application/json
                                                                                              User-Agent: SA
                                                                                              X-Api-Key: wtuQtD4DdA8poRbq0pzMh1iysE9YiVlC14kJF9ZI
                                                                                              Content-Length: 506
                                                                                              Host: analytics.apis.mcafee.com
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Date: Mon, 06 May 2024 17:01:36 GMT
                                                                                              Content-Type: application/x-amz-json-1.1
                                                                                              Content-Length: 133
                                                                                              Connection: keep-alive
                                                                                              x-amzn-RequestId: e632116c-1188-1091-b881-1e5cf669359f
                                                                                              x-amz-id-2: 1CkuIzWCipk8JH9MrDBvIH76byMDYDdH2Xl0X/3LpS3IPEdLDFexQDufl0HM7rp7ZyinPm5d3JDRDR1VLe9q14Xn7zxuhMtC
                                                                                            • flag-us
                                                                                              PUT
                                                                                              https://analytics.apis.mcafee.com/mosaic/2.0/product-web/am/v1/record
                                                                                              saBSI.exe
                                                                                              Remote address:
                                                                                              35.160.202.158:443
                                                                                              Request
                                                                                              PUT /mosaic/2.0/product-web/am/v1/record HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              Content-Type: application/json
                                                                                              User-Agent: SA
                                                                                              X-Api-Key: wtuQtD4DdA8poRbq0pzMh1iysE9YiVlC14kJF9ZI
                                                                                              Content-Length: 500
                                                                                              Host: analytics.apis.mcafee.com
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Date: Mon, 06 May 2024 17:01:59 GMT
                                                                                              Content-Type: application/x-amz-json-1.1
                                                                                              Content-Length: 133
                                                                                              Connection: keep-alive
                                                                                              x-amzn-RequestId: fe2489f5-4eae-fe8d-a097-86b2e92a947c
                                                                                              x-amz-id-2: P6msz2fWxiruY9E1AKWCeBeRkoLpCO8ca2wfZbyzCpjv8yrREnxtC+UKsYip5uiiE/k/uEnWraNylFqRLIJv6ClQjyVzYN7l
                                                                                            • flag-us
                                                                                              PUT
                                                                                              https://analytics.apis.mcafee.com/mosaic/2.0/product-web/am/v1/record
                                                                                              saBSI.exe
                                                                                              Remote address:
                                                                                              35.160.202.158:443
                                                                                              Request
                                                                                              PUT /mosaic/2.0/product-web/am/v1/record HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              Content-Type: application/json
                                                                                              User-Agent: SA
                                                                                              X-Api-Key: wtuQtD4DdA8poRbq0pzMh1iysE9YiVlC14kJF9ZI
                                                                                              Content-Length: 594
                                                                                              Host: analytics.apis.mcafee.com
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Date: Mon, 06 May 2024 17:01:59 GMT
                                                                                              Content-Type: application/x-amz-json-1.1
                                                                                              Content-Length: 133
                                                                                              Connection: keep-alive
                                                                                              x-amz-id-2: CO/GG/Yip8p1epsSMkE5MxWunr1qPAeHMxsNZFmxYwBlFcQLTBu81BQnO5LqRPdfi1Gd+bamecOOZel9Gx3xTnfoJ2EFh7Er
                                                                                              x-amzn-RequestId: e2da8640-e6f1-8df9-bc69-890742bb16f1
                                                                                            • flag-us
                                                                                              PUT
                                                                                              https://analytics.apis.mcafee.com/mosaic/2.0/product-web/am/v1/record
                                                                                              saBSI.exe
                                                                                              Remote address:
                                                                                              35.160.202.158:443
                                                                                              Request
                                                                                              PUT /mosaic/2.0/product-web/am/v1/record HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              Content-Type: application/json
                                                                                              User-Agent: SA
                                                                                              X-Api-Key: wtuQtD4DdA8poRbq0pzMh1iysE9YiVlC14kJF9ZI
                                                                                              Content-Length: 504
                                                                                              Host: analytics.apis.mcafee.com
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Date: Mon, 06 May 2024 17:01:59 GMT
                                                                                              Content-Type: application/x-amz-json-1.1
                                                                                              Content-Length: 133
                                                                                              Connection: keep-alive
                                                                                              x-amzn-RequestId: e2ab4b15-bd40-a609-bc18-44521ac4ccf8
                                                                                              x-amz-id-2: BKCT9N08auvy9I3LEKmApCtBg9JLNwd/qRDJRCokRrA8uBJaZFvtXlgy+yyfPA2iSyC2k6fwHlEmEH/m+vPL7nkEKvRofI2e
                                                                                            • flag-us
                                                                                              PUT
                                                                                              https://analytics.apis.mcafee.com/mosaic/2.0/product-web/am/v1/record
                                                                                              saBSI.exe
                                                                                              Remote address:
                                                                                              35.160.202.158:443
                                                                                              Request
                                                                                              PUT /mosaic/2.0/product-web/am/v1/record HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              Content-Type: application/json
                                                                                              User-Agent: SA
                                                                                              X-Api-Key: wtuQtD4DdA8poRbq0pzMh1iysE9YiVlC14kJF9ZI
                                                                                              Content-Length: 506
                                                                                              Host: analytics.apis.mcafee.com
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Date: Mon, 06 May 2024 17:02:00 GMT
                                                                                              Content-Type: application/x-amz-json-1.1
                                                                                              Content-Length: 133
                                                                                              Connection: keep-alive
                                                                                              x-amz-id-2: E9CvdItJvhmzHK3Pg1y6Lvv4bXraY+Slb48BYLaijDN1+SyiElcFaG1hnylf8/5xCsoeNei4WKY06gnFrIUcIkfM9EGhaWL4
                                                                                              x-amzn-RequestId: d459ed3e-cdb1-f87f-8aea-e27669fb6377
                                                                                            • flag-nl
                                                                                              POST
                                                                                              https://desktop-netinstaller-sub.osp.opera.software/v1/binary
                                                                                              OperaSetup.exe
                                                                                              Remote address:
                                                                                              82.145.217.121:443
                                                                                              Request
                                                                                              POST /v1/binary HTTP/1.1
                                                                                              Authorization: Basic dmFBZUV4c1JXQmViWm9McmNpVGlFSFpmWUdXeUlXMFo6
                                                                                              User-Agent: Opera installer
                                                                                              Host: desktop-netinstaller-sub.osp.opera.software
                                                                                              Content-Length: 1144
                                                                                              Cache-Control: no-cache
                                                                                              Response
                                                                                              HTTP/1.1 201 CREATED
                                                                                              Server: nginx/1.18.0
                                                                                              Date: Mon, 06 May 2024 17:01:36 GMT
                                                                                              Content-Type: text/html; charset=utf-8
                                                                                              Content-Length: 36
                                                                                              Connection: keep-alive
                                                                                            • flag-nl
                                                                                              POST
                                                                                              https://desktop-netinstaller-sub.osp.opera.software/v1/binary
                                                                                              OperaSetup.exe
                                                                                              Remote address:
                                                                                              82.145.217.121:443
                                                                                              Request
                                                                                              POST /v1/binary HTTP/1.1
                                                                                              Authorization: Basic dmFBZUV4c1JXQmViWm9McmNpVGlFSFpmWUdXeUlXMFo6
                                                                                              User-Agent: Opera installer
                                                                                              Host: desktop-netinstaller-sub.osp.opera.software
                                                                                              Content-Length: 262
                                                                                              Cache-Control: no-cache
                                                                                              Response
                                                                                              HTTP/1.1 201 CREATED
                                                                                              Server: nginx/1.18.0
                                                                                              Date: Mon, 06 May 2024 17:01:36 GMT
                                                                                              Content-Type: text/html; charset=utf-8
                                                                                              Content-Length: 36
                                                                                              Connection: keep-alive
                                                                                            • flag-nl
                                                                                              POST
                                                                                              https://desktop-netinstaller-sub.osp.opera.software/v1/binary
                                                                                              OperaSetup.exe
                                                                                              Remote address:
                                                                                              82.145.217.121:443
                                                                                              Request
                                                                                              POST /v1/binary HTTP/1.1
                                                                                              Authorization: Basic dmFBZUV4c1JXQmViWm9McmNpVGlFSFpmWUdXeUlXMFo6
                                                                                              User-Agent: Opera installer
                                                                                              Host: desktop-netinstaller-sub.osp.opera.software
                                                                                              Content-Length: 256
                                                                                              Cache-Control: no-cache
                                                                                              Response
                                                                                              HTTP/1.1 201 CREATED
                                                                                              Server: nginx/1.18.0
                                                                                              Date: Mon, 06 May 2024 17:01:36 GMT
                                                                                              Content-Type: text/html; charset=utf-8
                                                                                              Content-Length: 36
                                                                                              Connection: keep-alive
                                                                                            • flag-nl
                                                                                              POST
                                                                                              https://desktop-netinstaller-sub.osp.opera.software/v1/binary
                                                                                              OperaSetup.exe
                                                                                              Remote address:
                                                                                              82.145.217.121:443
                                                                                              Request
                                                                                              POST /v1/binary HTTP/1.1
                                                                                              Authorization: Basic dmFBZUV4c1JXQmViWm9McmNpVGlFSFpmWUdXeUlXMFo6
                                                                                              User-Agent: Opera installer
                                                                                              Host: desktop-netinstaller-sub.osp.opera.software
                                                                                              Content-Length: 473
                                                                                              Cache-Control: no-cache
                                                                                              Response
                                                                                              HTTP/1.1 201 CREATED
                                                                                              Server: nginx/1.18.0
                                                                                              Date: Mon, 06 May 2024 17:01:36 GMT
                                                                                              Content-Type: text/html; charset=utf-8
                                                                                              Content-Length: 36
                                                                                              Connection: keep-alive
                                                                                            • flag-us
                                                                                              DNS
                                                                                              121.136.73.23.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              121.136.73.23.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              121.136.73.23.in-addr.arpa
                                                                                              IN PTR
                                                                                              a23-73-136-121deploystaticakamaitechnologiescom
                                                                                            • flag-us
                                                                                              DNS
                                                                                              25.208.239.18.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              25.208.239.18.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              25.208.239.18.in-addr.arpa
                                                                                              IN PTR
                                                                                              server-18-239-208-25bru50r cloudfrontnet
                                                                                            • flag-us
                                                                                              DNS
                                                                                              ctldl.windowsupdate.com
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              ctldl.windowsupdate.com
                                                                                              IN A
                                                                                              Response
                                                                                              ctldl.windowsupdate.com
                                                                                              IN CNAME
                                                                                              ctldl.windowsupdate.com.delivery.microsoft.com
                                                                                              ctldl.windowsupdate.com.delivery.microsoft.com
                                                                                              IN CNAME
                                                                                              wu-b-net.trafficmanager.net
                                                                                              wu-b-net.trafficmanager.net
                                                                                              IN CNAME
                                                                                              download.windowsupdate.com.edgesuite.net
                                                                                              download.windowsupdate.com.edgesuite.net
                                                                                              IN CNAME
                                                                                              a767.dspw65.akamai.net
                                                                                              a767.dspw65.akamai.net
                                                                                              IN A
                                                                                              2.17.197.240
                                                                                              a767.dspw65.akamai.net
                                                                                              IN A
                                                                                              2.17.197.249
                                                                                            • flag-us
                                                                                              DNS
                                                                                              240.197.17.2.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              240.197.17.2.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              240.197.17.2.in-addr.arpa
                                                                                              IN PTR
                                                                                              a2-17-197-240deploystaticakamaitechnologiescom
                                                                                            • flag-us
                                                                                              DNS
                                                                                              240.197.17.2.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              240.197.17.2.in-addr.arpa
                                                                                              IN PTR
                                                                                            • flag-us
                                                                                              DNS
                                                                                              16.216.145.82.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              16.216.145.82.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              16.216.145.82.in-addr.arpa
                                                                                              IN PTR
                                                                                              vip02am4lbopera technology
                                                                                            • flag-us
                                                                                              DNS
                                                                                              update.reasonsecurity.com
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              update.reasonsecurity.com
                                                                                              IN A
                                                                                              Response
                                                                                              update.reasonsecurity.com
                                                                                              IN CNAME
                                                                                              d2ozbumhc9y601.cloudfront.net
                                                                                              d2ozbumhc9y601.cloudfront.net
                                                                                              IN A
                                                                                              18.239.208.25
                                                                                              d2ozbumhc9y601.cloudfront.net
                                                                                              IN A
                                                                                              18.239.208.54
                                                                                              d2ozbumhc9y601.cloudfront.net
                                                                                              IN A
                                                                                              18.239.208.35
                                                                                              d2ozbumhc9y601.cloudfront.net
                                                                                              IN A
                                                                                              18.239.208.43
                                                                                            • flag-us
                                                                                              DNS
                                                                                              update.reasonsecurity.com
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              update.reasonsecurity.com
                                                                                              IN A
                                                                                            • flag-us
                                                                                              DNS
                                                                                              24.216.145.82.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              24.216.145.82.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              24.216.145.82.in-addr.arpa
                                                                                              IN PTR
                                                                                              eu2-downloadoperacom
                                                                                            • flag-us
                                                                                              DNS
                                                                                              electron-shell.reasonsecurity.com
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              electron-shell.reasonsecurity.com
                                                                                              IN A
                                                                                              Response
                                                                                              electron-shell.reasonsecurity.com
                                                                                              IN CNAME
                                                                                              d2axwe94icddzf.cloudfront.net
                                                                                              d2axwe94icddzf.cloudfront.net
                                                                                              IN A
                                                                                              18.239.208.34
                                                                                              d2axwe94icddzf.cloudfront.net
                                                                                              IN A
                                                                                              18.239.208.4
                                                                                              d2axwe94icddzf.cloudfront.net
                                                                                              IN A
                                                                                              18.239.208.81
                                                                                              d2axwe94icddzf.cloudfront.net
                                                                                              IN A
                                                                                              18.239.208.20
                                                                                            • flag-us
                                                                                              DNS
                                                                                              133.2.101.151.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              133.2.101.151.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                            • flag-us
                                                                                              DNS
                                                                                              track.analytics-data.io
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              track.analytics-data.io
                                                                                              IN A
                                                                                              Response
                                                                                              track.analytics-data.io
                                                                                              IN CNAME
                                                                                              atom-production-collector-cyber-224812358.us-east-1.elb.amazonaws.com
                                                                                              atom-production-collector-cyber-224812358.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              3.230.7.139
                                                                                              atom-production-collector-cyber-224812358.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              3.213.31.22
                                                                                              atom-production-collector-cyber-224812358.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              23.23.83.187
                                                                                            • flag-us
                                                                                              DNS
                                                                                              sadownload.mcafee.com
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              sadownload.mcafee.com
                                                                                              IN A
                                                                                              Response
                                                                                              sadownload.mcafee.com
                                                                                              IN CNAME
                                                                                              sadownload-r53.awsconsumer.mcafee.com
                                                                                              sadownload-r53.awsconsumer.mcafee.com
                                                                                              IN CNAME
                                                                                              sadownload.mcafee.com.edgesuite.net
                                                                                              sadownload.mcafee.com.edgesuite.net
                                                                                              IN CNAME
                                                                                              a866.dscd.akamai.net
                                                                                              a866.dscd.akamai.net
                                                                                              IN A
                                                                                              96.16.53.134
                                                                                              a866.dscd.akamai.net
                                                                                              IN A
                                                                                              96.16.53.139
                                                                                            • flag-us
                                                                                              DNS
                                                                                              174.84.68.104.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              174.84.68.104.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              174.84.68.104.in-addr.arpa
                                                                                              IN PTR
                                                                                              a104-68-84-174deploystaticakamaitechnologiescom
                                                                                            • flag-us
                                                                                              DNS
                                                                                              12.208.239.18.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              12.208.239.18.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              12.208.239.18.in-addr.arpa
                                                                                              IN PTR
                                                                                              server-18-239-208-12bru50r cloudfrontnet
                                                                                            • flag-us
                                                                                              DNS
                                                                                              ocsp.sectigo.com
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              ocsp.sectigo.com
                                                                                              IN A
                                                                                              Response
                                                                                              ocsp.sectigo.com
                                                                                              IN CNAME
                                                                                              ocsp.comodoca.com.cdn.cloudflare.net
                                                                                              ocsp.comodoca.com.cdn.cloudflare.net
                                                                                              IN A
                                                                                              104.18.38.233
                                                                                              ocsp.comodoca.com.cdn.cloudflare.net
                                                                                              IN A
                                                                                              172.64.149.23
                                                                                            • flag-us
                                                                                              DNS
                                                                                              nexusrules.officeapps.live.com
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              nexusrules.officeapps.live.com
                                                                                              IN A
                                                                                              Response
                                                                                              nexusrules.officeapps.live.com
                                                                                              IN CNAME
                                                                                              prod.nexusrules.live.com.akadns.net
                                                                                              prod.nexusrules.live.com.akadns.net
                                                                                              IN A
                                                                                              52.111.227.11
                                                                                            • flag-us
                                                                                              DNS
                                                                                              11.227.111.52.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              11.227.111.52.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                            • flag-us
                                                                                              DNS
                                                                                              ctldl.windowsupdate.com
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              ctldl.windowsupdate.com
                                                                                              IN A
                                                                                              Response
                                                                                              ctldl.windowsupdate.com
                                                                                              IN CNAME
                                                                                              ctldl.windowsupdate.com.delivery.microsoft.com
                                                                                              ctldl.windowsupdate.com.delivery.microsoft.com
                                                                                              IN CNAME
                                                                                              wu-b-net.trafficmanager.net
                                                                                              wu-b-net.trafficmanager.net
                                                                                              IN CNAME
                                                                                              wu.azureedge.net
                                                                                              wu.azureedge.net
                                                                                              IN CNAME
                                                                                              wu.ec.azureedge.net
                                                                                              wu.ec.azureedge.net
                                                                                              IN CNAME
                                                                                              bg.apr-52dd2-0503.edgecastdns.net
                                                                                              bg.apr-52dd2-0503.edgecastdns.net
                                                                                              IN CNAME
                                                                                              hlb.apr-52dd2-0.edgecastdns.net
                                                                                              hlb.apr-52dd2-0.edgecastdns.net
                                                                                              IN CNAME
                                                                                              cs11.wpc.v0cdn.net
                                                                                              cs11.wpc.v0cdn.net
                                                                                              IN A
                                                                                              93.184.221.240
                                                                                            • flag-us
                                                                                              DNS
                                                                                              240.221.184.93.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              240.221.184.93.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                            • flag-us
                                                                                              DNS
                                                                                              router.bittorrent.com
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              router.bittorrent.com
                                                                                              IN A
                                                                                              Response
                                                                                              router.bittorrent.com
                                                                                              IN A
                                                                                              67.215.246.10
                                                                                            • flag-us
                                                                                              DNS
                                                                                              router.bittorrent.com
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              router.bittorrent.com
                                                                                              IN A
                                                                                            • flag-us
                                                                                              DNS
                                                                                              router.bittorrent.com
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              router.bittorrent.com
                                                                                              IN A
                                                                                            • flag-us
                                                                                              POST
                                                                                              https://track.analytics-data.io/
                                                                                              RAVEndPointProtection-installer.exe
                                                                                              Remote address:
                                                                                              3.213.31.22:443
                                                                                              Request
                                                                                              POST / HTTP/1.1
                                                                                              Accept: application/json
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Host: track.analytics-data.io
                                                                                              Content-Length: 1865
                                                                                              Expect: 100-continue
                                                                                              Connection: Close
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Date: Mon, 06 May 2024 17:01:41 GMT
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Content-Length: 15
                                                                                              Connection: close
                                                                                              Access-Control-Allow-Origin: *
                                                                                              Access-Control-Allow-Methods: GET,HEAD,PUT,POST,DELETE
                                                                                            • flag-us
                                                                                              POST
                                                                                              https://track.analytics-data.io/
                                                                                              RAVEndPointProtection-installer.exe
                                                                                              Remote address:
                                                                                              3.213.31.22:443
                                                                                              Request
                                                                                              POST / HTTP/1.1
                                                                                              Accept: application/json
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Host: track.analytics-data.io
                                                                                              Content-Length: 1837
                                                                                              Expect: 100-continue
                                                                                              Connection: Close
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Date: Mon, 06 May 2024 17:01:40 GMT
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Content-Length: 15
                                                                                              Connection: close
                                                                                              Access-Control-Allow-Origin: *
                                                                                              Access-Control-Allow-Methods: GET,HEAD,PUT,POST,DELETE
                                                                                            • flag-us
                                                                                              POST
                                                                                              https://track.analytics-data.io/
                                                                                              RAVEndPointProtection-installer.exe
                                                                                              Remote address:
                                                                                              3.213.31.22:443
                                                                                              Request
                                                                                              POST / HTTP/1.1
                                                                                              Accept: application/json
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Host: track.analytics-data.io
                                                                                              Content-Length: 1866
                                                                                              Expect: 100-continue
                                                                                              Connection: Close
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Date: Mon, 06 May 2024 17:01:43 GMT
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Content-Length: 15
                                                                                              Connection: close
                                                                                              Access-Control-Allow-Origin: *
                                                                                              Access-Control-Allow-Methods: GET,HEAD,PUT,POST,DELETE
                                                                                            • flag-us
                                                                                              POST
                                                                                              https://track.analytics-data.io/
                                                                                              RAVEndPointProtection-installer.exe
                                                                                              Remote address:
                                                                                              3.213.31.22:443
                                                                                              Request
                                                                                              POST / HTTP/1.1
                                                                                              Accept: application/json
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Host: track.analytics-data.io
                                                                                              Content-Length: 1875
                                                                                              Expect: 100-continue
                                                                                              Connection: Close
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Date: Mon, 06 May 2024 17:01:42 GMT
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Content-Length: 15
                                                                                              Connection: close
                                                                                              Access-Control-Allow-Origin: *
                                                                                              Access-Control-Allow-Methods: GET,HEAD,PUT,POST,DELETE
                                                                                            • flag-us
                                                                                              POST
                                                                                              https://track.analytics-data.io/
                                                                                              RAVEndPointProtection-installer.exe
                                                                                              Remote address:
                                                                                              3.213.31.22:443
                                                                                              Request
                                                                                              POST / HTTP/1.1
                                                                                              Accept: application/json
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Host: track.analytics-data.io
                                                                                              Content-Length: 1887
                                                                                              Expect: 100-continue
                                                                                              Connection: Close
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Date: Mon, 06 May 2024 17:01:44 GMT
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Content-Length: 15
                                                                                              Connection: close
                                                                                              Access-Control-Allow-Origin: *
                                                                                              Access-Control-Allow-Methods: GET,HEAD,PUT,POST,DELETE
                                                                                            • flag-us
                                                                                              POST
                                                                                              https://track.analytics-data.io/
                                                                                              RAVEndPointProtection-installer.exe
                                                                                              Remote address:
                                                                                              3.213.31.22:443
                                                                                              Request
                                                                                              POST / HTTP/1.1
                                                                                              Accept: application/json
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Host: track.analytics-data.io
                                                                                              Content-Length: 1887
                                                                                              Expect: 100-continue
                                                                                              Connection: Close
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Date: Mon, 06 May 2024 17:01:44 GMT
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Content-Length: 15
                                                                                              Connection: close
                                                                                              Access-Control-Allow-Origin: *
                                                                                              Access-Control-Allow-Methods: GET,HEAD,PUT,POST,DELETE
                                                                                            • flag-nl
                                                                                              POST
                                                                                              https://desktop-netinstaller-sub.osp.opera.software/v1/binary
                                                                                              OperaSetup.exe
                                                                                              Remote address:
                                                                                              82.145.217.121:443
                                                                                              Request
                                                                                              POST /v1/binary HTTP/1.1
                                                                                              Authorization: Basic dmFBZUV4c1JXQmViWm9McmNpVGlFSFpmWUdXeUlXMFo6
                                                                                              User-Agent: Opera installer
                                                                                              Host: desktop-netinstaller-sub.osp.opera.software
                                                                                              Content-Length: 505
                                                                                              Cache-Control: no-cache
                                                                                              Response
                                                                                              HTTP/1.1 201 CREATED
                                                                                              Server: nginx/1.18.0
                                                                                              Date: Mon, 06 May 2024 17:01:53 GMT
                                                                                              Content-Type: text/html; charset=utf-8
                                                                                              Content-Length: 36
                                                                                              Connection: keep-alive
                                                                                            • flag-nl
                                                                                              POST
                                                                                              https://desktop-netinstaller-sub.osp.opera.software/v1/binary
                                                                                              OperaSetup.exe
                                                                                              Remote address:
                                                                                              82.145.217.121:443
                                                                                              Request
                                                                                              POST /v1/binary HTTP/1.1
                                                                                              Authorization: Basic dmFBZUV4c1JXQmViWm9McmNpVGlFSFpmWUdXeUlXMFo6
                                                                                              User-Agent: Opera installer
                                                                                              Host: desktop-netinstaller-sub.osp.opera.software
                                                                                              Content-Length: 256
                                                                                              Cache-Control: no-cache
                                                                                              Response
                                                                                              HTTP/1.1 201 CREATED
                                                                                              Server: nginx/1.18.0
                                                                                              Date: Mon, 06 May 2024 17:01:53 GMT
                                                                                              Content-Type: text/html; charset=utf-8
                                                                                              Content-Length: 36
                                                                                              Connection: keep-alive
                                                                                            • flag-nl
                                                                                              POST
                                                                                              https://desktop-netinstaller-sub.osp.opera.software/v1/binary
                                                                                              OperaSetup.exe
                                                                                              Remote address:
                                                                                              82.145.217.121:443
                                                                                              Request
                                                                                              POST /v1/binary HTTP/1.1
                                                                                              Authorization: Basic dmFBZUV4c1JXQmViWm9McmNpVGlFSFpmWUdXeUlXMFo6
                                                                                              User-Agent: Opera installer
                                                                                              Host: desktop-netinstaller-sub.osp.opera.software
                                                                                              Content-Length: 256
                                                                                              Cache-Control: no-cache
                                                                                              Response
                                                                                              HTTP/1.1 201 CREATED
                                                                                              Server: nginx/1.18.0
                                                                                              Date: Mon, 06 May 2024 17:01:53 GMT
                                                                                              Content-Type: text/html; charset=utf-8
                                                                                              Content-Length: 36
                                                                                              Connection: keep-alive
                                                                                            • flag-nl
                                                                                              POST
                                                                                              https://desktop-netinstaller-sub.osp.opera.software/v1/binary
                                                                                              OperaSetup.exe
                                                                                              Remote address:
                                                                                              82.145.217.121:443
                                                                                              Request
                                                                                              POST /v1/binary HTTP/1.1
                                                                                              Authorization: Basic dmFBZUV4c1JXQmViWm9McmNpVGlFSFpmWUdXeUlXMFo6
                                                                                              User-Agent: Opera installer
                                                                                              Host: desktop-netinstaller-sub.osp.opera.software
                                                                                              Content-Length: 277
                                                                                              Cache-Control: no-cache
                                                                                              Response
                                                                                              HTTP/1.1 201 CREATED
                                                                                              Server: nginx/1.18.0
                                                                                              Date: Mon, 06 May 2024 17:01:54 GMT
                                                                                              Content-Type: text/html; charset=utf-8
                                                                                              Content-Length: 36
                                                                                              Connection: keep-alive
                                                                                            • flag-nl
                                                                                              POST
                                                                                              https://desktop-netinstaller-sub.osp.opera.software/v1/binary
                                                                                              OperaSetup.exe
                                                                                              Remote address:
                                                                                              82.145.217.121:443
                                                                                              Request
                                                                                              POST /v1/binary HTTP/1.1
                                                                                              Authorization: Basic dmFBZUV4c1JXQmViWm9McmNpVGlFSFpmWUdXeUlXMFo6
                                                                                              User-Agent: Opera installer
                                                                                              Host: desktop-netinstaller-sub.osp.opera.software
                                                                                              Content-Length: 325
                                                                                              Cache-Control: no-cache
                                                                                              Response
                                                                                              HTTP/1.1 201 CREATED
                                                                                              Server: nginx/1.18.0
                                                                                              Date: Mon, 06 May 2024 17:01:54 GMT
                                                                                              Content-Type: text/html; charset=utf-8
                                                                                              Content-Length: 36
                                                                                              Connection: keep-alive
                                                                                            • flag-nl
                                                                                              POST
                                                                                              https://desktop-netinstaller-sub.osp.opera.software/v1/binary
                                                                                              OperaSetup.exe
                                                                                              Remote address:
                                                                                              82.145.217.121:443
                                                                                              Request
                                                                                              POST /v1/binary HTTP/1.1
                                                                                              Authorization: Basic dmFBZUV4c1JXQmViWm9McmNpVGlFSFpmWUdXeUlXMFo6
                                                                                              User-Agent: Opera installer
                                                                                              Host: desktop-netinstaller-sub.osp.opera.software
                                                                                              Content-Length: 276
                                                                                              Cache-Control: no-cache
                                                                                              Response
                                                                                              HTTP/1.1 201 CREATED
                                                                                              Server: nginx/1.18.0
                                                                                              Date: Mon, 06 May 2024 17:01:55 GMT
                                                                                              Content-Type: text/html; charset=utf-8
                                                                                              Content-Length: 36
                                                                                              Connection: keep-alive
                                                                                            • flag-nl
                                                                                              POST
                                                                                              https://desktop-netinstaller-sub.osp.opera.software/v1/binary
                                                                                              OperaSetup.exe
                                                                                              Remote address:
                                                                                              82.145.217.121:443
                                                                                              Request
                                                                                              POST /v1/binary HTTP/1.1
                                                                                              Authorization: Basic dmFBZUV4c1JXQmViWm9McmNpVGlFSFpmWUdXeUlXMFo6
                                                                                              User-Agent: Opera installer
                                                                                              Host: desktop-netinstaller-sub.osp.opera.software
                                                                                              Content-Length: 256
                                                                                              Cache-Control: no-cache
                                                                                              Response
                                                                                              HTTP/1.1 201 CREATED
                                                                                              Server: nginx/1.18.0
                                                                                              Date: Mon, 06 May 2024 17:01:55 GMT
                                                                                              Content-Type: text/html; charset=utf-8
                                                                                              Content-Length: 36
                                                                                              Connection: keep-alive
                                                                                            • flag-us
                                                                                              POST
                                                                                              https://track.analytics-data.io/
                                                                                              RAVEndPointProtection-installer.exe
                                                                                              Remote address:
                                                                                              3.230.7.139:443
                                                                                              Request
                                                                                              POST / HTTP/1.1
                                                                                              Accept: application/json
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Host: track.analytics-data.io
                                                                                              Content-Length: 1898
                                                                                              Expect: 100-continue
                                                                                              Connection: Close
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Date: Mon, 06 May 2024 17:01:54 GMT
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Content-Length: 15
                                                                                              Connection: close
                                                                                              Access-Control-Allow-Origin: *
                                                                                              Access-Control-Allow-Methods: GET,HEAD,PUT,POST,DELETE
                                                                                            • flag-us
                                                                                              POST
                                                                                              https://track.analytics-data.io/
                                                                                              RAVEndPointProtection-installer.exe
                                                                                              Remote address:
                                                                                              3.230.7.139:443
                                                                                              Request
                                                                                              POST / HTTP/1.1
                                                                                              Accept: application/json
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Host: track.analytics-data.io
                                                                                              Content-Length: 1886
                                                                                              Expect: 100-continue
                                                                                              Connection: Close
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Date: Mon, 06 May 2024 17:01:54 GMT
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Content-Length: 15
                                                                                              Connection: close
                                                                                              Access-Control-Allow-Origin: *
                                                                                              Access-Control-Allow-Methods: GET,HEAD,PUT,POST,DELETE
                                                                                            • flag-be
                                                                                              POST
                                                                                              https://home.mcafee.com/webservices/eulaservice.asmx
                                                                                              installer.exe
                                                                                              Remote address:
                                                                                              104.68.84.174:443
                                                                                              Request
                                                                                              POST /webservices/eulaservice.asmx HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              Content-Type: text/xml; charset=utf-8
                                                                                              Host: home.mcafee.com
                                                                                              User-Agent: SA
                                                                                              SOAPAction: http://home.mcafee.com/SaveEulaTrackingDetails
                                                                                              Content-Length: 986
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Content-Type: text/xml; charset=utf-8
                                                                                              Content-Length: 412
                                                                                              Cache-Control: private, max-age=0
                                                                                              Server: McAfee
                                                                                              X-Robots-Tag: noindex, nofollow
                                                                                              SN: EC2AMAZ-QNVFRFB
                                                                                              X-Frame-Options: ALLOW-FROM https://home.mcafee.com
                                                                                              Date: Mon, 06 May 2024 17:01:58 GMT
                                                                                              Connection: keep-alive
                                                                                              Set-Cookie: session%5Fdata=%3cSessionData%3e%0d%0a++%3ctempfrlu%3e%3c%2ftempfrlu%3e%0d%0a%3c%2fSessionData%3e; domain=mcafee.com; path=/; secure; HttpOnly
                                                                                              Set-Cookie: SiteID=1; domain=mcafee.com; expires=Sat, 06-May-2034 17:01:58 GMT; path=/; secure; HttpOnly
                                                                                              Set-Cookie: langid=1; domain=mcafee.com; expires=Wed, 06-May-2054 17:01:58 GMT; path=/; secure; HttpOnly
                                                                                              Set-Cookie: SessionInfo=AffiliateId=0; domain=mcafee.com; path=/; secure; HttpOnly
                                                                                              Set-Cookie: lBounceURL=; domain=mcafee.com; expires=Sun, 05-May-2024 17:01:58 GMT; path=/; secure; HttpOnly
                                                                                              Set-Cookie: lUsrCtxPersist=; domain=mcafee.com; expires=Sat, 06-May-2034 17:01:58 GMT; path=/; secure; HttpOnly
                                                                                              Set-Cookie: lUsrCtxSession=%3cUserContext%3e%3cAffID%3e0%3c%2fAffID%3e%3cAffBuildID%3e0%3c%2fAffBuildID%3e%3c%2fUserContext%3e; domain=mcafee.com; path=/; secure; HttpOnly
                                                                                              Set-Cookie: Locale=EN-US; domain=mcafee.com; expires=Sat, 06-May-2034 17:01:58 GMT; path=/; secure; HttpOnly
                                                                                              Set-Cookie: HPrst=gu=e002a09f-1938-4720-bdd2-f4b72cdaac41&loc=EN-US; domain=mcafee.com; expires=Sat, 06-May-2034 17:01:58 GMT; path=/; secure; HttpOnly
                                                                                              Set-Cookie: AffID=0-0; domain=mcafee.com; path=/; secure; HttpOnly
                                                                                              Set-Cookie: Currency=56; domain=mcafee.com; path=/; secure; HttpOnly
                                                                                              Set-Cookie: HRntm=iodtf=iq5nNK-ISQc78yUmSkAv9A2&atf=&rf=&hcof=iq5nNK-ISQc78yUmSkAv9A2&emailid=&usrrefid=&optin=&optinvalues=&aff=0-0&cur=56&pple=iq5nNK-ISQc78yUmSkAv9A2&inur=iq5nNK-ISQc78yUmSkAv9A2&ituof=iq5nNK-ISQc78yUmSkAv9A2&ieu=iq5nNK-ISQc78yUmSkAv9A2&isr=iq5nNK-ISQc78yUmSkAv9A2&sbo=iq5nNK-ISQc78yUmSkAv9A2&om_icr=iq5nNK-ISQc78yUmSkAv9A2&om_upsa=iq5nNK-ISQc78yUmSkAv9A2&ttprdt=iq5nNK-ISQc78yUmSkAv9A2&flgn=iq5nNK-ISQc78yUmSkAv9A2&pbinfo=iq5nNK-ISQc78yUmSkAv9A2&rnwtrk=&clicksrctrk=&rqwtrk=&rqwtrkhs=&vpp=iq5nNK-ISQc78yUmSkAv9A2&mip=iq5nNK-ISQc78yUmSkAv9A2; domain=mcafee.com; path=/; secure; HttpOnly
                                                                                              Set-Cookie: Acpc=; domain=mcafee.com; expires=Sat, 06-May-2034 17:01:58 GMT; path=/; secure; HttpOnly
                                                                                              Set-Cookie: Acsc=; domain=mcafee.com; path=/; secure; HttpOnly
                                                                                              Set-Cookie: Aksc=cntrycd=j_DXXHnM-B-4fMzzHrXlfg2&rgncd=DF3s36w8CetOCFNyTLjQwA2&city=BNp7pQqD0dARPEavv5mwMQ2&contnt=tavinROewP7H8YXhQpB2AA2&thrput=OV_vUmoBuOXyWiozJodFWg2&bw=JkwoGAMd7-X0BW_f0oaLPg2&akc=-KEVbfosyjjcHkMTrJzqTQ2; domain=mcafee.com; path=/; secure; HttpOnly
                                                                                              Server-Timing: cdn-cache; desc=MISS
                                                                                              Server-Timing: edge; dur=160
                                                                                              Server-Timing: origin; dur=20
                                                                                              Server-Timing: intid;desc=5f25305091dfb0ea
                                                                                              Server-Timing: ak_p; desc="1715014918210_34719124_102850532_18012_3966_30_60_-";dur=1
                                                                                            • flag-us
                                                                                              PUT
                                                                                              https://analytics.apis.mcafee.com/mosaic/2.0/product-web/am/v1/record
                                                                                              installer.exe
                                                                                              Remote address:
                                                                                              35.160.202.158:443
                                                                                              Request
                                                                                              PUT /mosaic/2.0/product-web/am/v1/record HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              Content-Type: application/json
                                                                                              User-Agent: SA
                                                                                              X-Api-Key: wtuQtD4DdA8poRbq0pzMh1iysE9YiVlC14kJF9ZI
                                                                                              Content-Length: 418
                                                                                              Host: analytics.apis.mcafee.com
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Date: Mon, 06 May 2024 17:01:59 GMT
                                                                                              Content-Type: application/x-amz-json-1.1
                                                                                              Content-Length: 133
                                                                                              Connection: keep-alive
                                                                                              x-amz-id-2: AApz1ywJWaFXzNVGPWi2gF10ghhu/sikTZNBTy+cCdR3zuMyFtKuMOAX/OVup32YRPOw4MZhoDedc5kL/s4rk4pEXP1jRUoD
                                                                                              x-amzn-RequestId: f5ab2f6e-ed9a-b551-ab18-2029e4f59697
                                                                                            • flag-us
                                                                                              POST
                                                                                              https://track.analytics-data.io/
                                                                                              RAVEndPointProtection-installer.exe
                                                                                              Remote address:
                                                                                              3.230.7.139:443
                                                                                              Request
                                                                                              POST / HTTP/1.1
                                                                                              Accept: application/json
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Host: track.analytics-data.io
                                                                                              Content-Length: 1886
                                                                                              Expect: 100-continue
                                                                                              Connection: Close
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Date: Mon, 06 May 2024 17:02:00 GMT
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Content-Length: 15
                                                                                              Connection: close
                                                                                              Access-Control-Allow-Origin: *
                                                                                              Access-Control-Allow-Methods: GET,HEAD,PUT,POST,DELETE
                                                                                            • flag-us
                                                                                              POST
                                                                                              https://track.analytics-data.io/
                                                                                              RAVEndPointProtection-installer.exe
                                                                                              Remote address:
                                                                                              3.230.7.139:443
                                                                                              Request
                                                                                              POST / HTTP/1.1
                                                                                              Accept: application/json
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Host: track.analytics-data.io
                                                                                              Content-Length: 1869
                                                                                              Expect: 100-continue
                                                                                              Connection: Close
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Date: Mon, 06 May 2024 17:02:00 GMT
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Content-Length: 15
                                                                                              Connection: close
                                                                                              Access-Control-Allow-Origin: *
                                                                                              Access-Control-Allow-Methods: GET,HEAD,PUT,POST,DELETE
                                                                                            • flag-us
                                                                                              POST
                                                                                              https://track.analytics-data.io/
                                                                                              RAVEndPointProtection-installer.exe
                                                                                              Remote address:
                                                                                              3.230.7.139:443
                                                                                              Request
                                                                                              POST / HTTP/1.1
                                                                                              Accept: application/json
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Host: track.analytics-data.io
                                                                                              Content-Length: 2074
                                                                                              Expect: 100-continue
                                                                                              Connection: Close
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Date: Mon, 06 May 2024 17:02:02 GMT
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Content-Length: 15
                                                                                              Connection: close
                                                                                              Access-Control-Allow-Origin: *
                                                                                              Access-Control-Allow-Methods: GET,HEAD,PUT,POST,DELETE
                                                                                            • flag-us
                                                                                              POST
                                                                                              https://track.analytics-data.io/
                                                                                              RAVEndPointProtection-installer.exe
                                                                                              Remote address:
                                                                                              3.230.7.139:443
                                                                                              Request
                                                                                              POST / HTTP/1.1
                                                                                              Accept: application/json
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Host: track.analytics-data.io
                                                                                              Content-Length: 1872
                                                                                              Expect: 100-continue
                                                                                              Connection: Close
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Date: Mon, 06 May 2024 17:02:02 GMT
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Content-Length: 15
                                                                                              Connection: close
                                                                                              Access-Control-Allow-Origin: *
                                                                                              Access-Control-Allow-Methods: GET,HEAD,PUT,POST,DELETE
                                                                                            • flag-us
                                                                                              POST
                                                                                              https://track.analytics-data.io/
                                                                                              RAVEndPointProtection-installer.exe
                                                                                              Remote address:
                                                                                              3.230.7.139:443
                                                                                              Request
                                                                                              POST / HTTP/1.1
                                                                                              Accept: application/json
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Host: track.analytics-data.io
                                                                                              Content-Length: 1902
                                                                                              Expect: 100-continue
                                                                                              Connection: Close
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Date: Mon, 06 May 2024 17:02:04 GMT
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Content-Length: 15
                                                                                              Connection: close
                                                                                              Access-Control-Allow-Origin: *
                                                                                              Access-Control-Allow-Methods: GET,HEAD,PUT,POST,DELETE
                                                                                            • flag-us
                                                                                              POST
                                                                                              https://track.analytics-data.io/
                                                                                              RAVEndPointProtection-installer.exe
                                                                                              Remote address:
                                                                                              3.230.7.139:443
                                                                                              Request
                                                                                              POST / HTTP/1.1
                                                                                              Accept: application/json
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Host: track.analytics-data.io
                                                                                              Content-Length: 1912
                                                                                              Expect: 100-continue
                                                                                              Connection: Close
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Date: Mon, 06 May 2024 17:02:04 GMT
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Content-Length: 15
                                                                                              Connection: close
                                                                                              Access-Control-Allow-Origin: *
                                                                                              Access-Control-Allow-Methods: GET,HEAD,PUT,POST,DELETE
                                                                                            • flag-us
                                                                                              DNS
                                                                                              i-21.b-47082.ut.bench.utorrent.com
                                                                                              uTorrent.exe
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              i-21.b-47082.ut.bench.utorrent.com
                                                                                              IN A
                                                                                              Response
                                                                                              i-21.b-47082.ut.bench.utorrent.com
                                                                                              IN CNAME
                                                                                              bench.utp.st
                                                                                              bench.utp.st
                                                                                              IN CNAME
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              52.5.70.92
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              52.1.89.18
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              44.214.14.78
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              52.1.245.247
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              44.218.73.120
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              52.55.162.212
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              52.204.74.82
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              52.0.219.152
                                                                                            • flag-us
                                                                                              DNS
                                                                                              92.70.5.52.in-addr.arpa
                                                                                              uTorrent.exe
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              92.70.5.52.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              92.70.5.52.in-addr.arpa
                                                                                              IN PTR
                                                                                              ec2-52-5-70-92 compute-1 amazonawscom
                                                                                            • flag-us
                                                                                              DNS
                                                                                              92.70.5.52.in-addr.arpa
                                                                                              uTorrent.exe
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              92.70.5.52.in-addr.arpa
                                                                                              IN PTR
                                                                                            • flag-us
                                                                                              POST
                                                                                              http://i-21.b-47082.ut.bench.utorrent.com/e?i=21
                                                                                              uTorrent.exe
                                                                                              Remote address:
                                                                                              52.5.70.92:80
                                                                                              Request
                                                                                              POST /e?i=21 HTTP/1.1
                                                                                              Host: i-21.b-47082.ut.bench.utorrent.com
                                                                                              User-Agent: ut_core BenchHttp (ver:47082)
                                                                                              Connection: close
                                                                                              Content-Length: 274
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Content-Type: text/html
                                                                                              Date: Mon, 06 May 2024 17:02:40 GMT
                                                                                              Server: nginx
                                                                                              X-Powered-By: PHP/5.4.30
                                                                                              Content-Length: 21
                                                                                              Connection: Close
                                                                                            • flag-us
                                                                                              POST
                                                                                              http://i-21.b-47082.ut.bench.utorrent.com/e?i=21
                                                                                              uTorrent.exe
                                                                                              Remote address:
                                                                                              52.5.70.92:80
                                                                                              Request
                                                                                              POST /e?i=21 HTTP/1.1
                                                                                              Host: i-21.b-47082.ut.bench.utorrent.com
                                                                                              User-Agent: ut_core BenchHttp (ver:47082)
                                                                                              Connection: close
                                                                                              Content-Length: 395
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Content-Type: text/html
                                                                                              Date: Mon, 06 May 2024 17:02:40 GMT
                                                                                              Server: nginx
                                                                                              X-Powered-By: PHP/5.4.30
                                                                                              Content-Length: 21
                                                                                              Connection: Close
                                                                                            • flag-us
                                                                                              DNS
                                                                                              i-24.b-47082.ut.bench.utorrent.com
                                                                                              uTorrent.exe
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              i-24.b-47082.ut.bench.utorrent.com
                                                                                              IN A
                                                                                              Response
                                                                                              i-24.b-47082.ut.bench.utorrent.com
                                                                                              IN CNAME
                                                                                              bench.utp.st
                                                                                              bench.utp.st
                                                                                              IN CNAME
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              52.0.219.152
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              52.21.50.61
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              52.204.74.82
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              52.0.235.250
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              52.5.70.92
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              44.214.14.78
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              52.205.169.46
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              44.218.73.120
                                                                                            • flag-us
                                                                                              DNS
                                                                                              i-24.b-47082.ut.bench.utorrent.com
                                                                                              uTorrent.exe
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              i-24.b-47082.ut.bench.utorrent.com
                                                                                              IN A
                                                                                            • flag-us
                                                                                              DNS
                                                                                              i-24.b-47082.ut.bench.utorrent.com
                                                                                              uTorrent.exe
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              i-24.b-47082.ut.bench.utorrent.com
                                                                                              IN A
                                                                                            • flag-us
                                                                                              DNS
                                                                                              update.bittorrent.com
                                                                                              uTorrent.exe
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              update.bittorrent.com
                                                                                              IN A
                                                                                              Response
                                                                                              update.bittorrent.com
                                                                                              IN A
                                                                                              173.254.195.58
                                                                                            • flag-us
                                                                                              DNS
                                                                                              apps.bittorrent.com
                                                                                              uTorrent.exe
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              apps.bittorrent.com
                                                                                              IN A
                                                                                              Response
                                                                                              apps.bittorrent.com
                                                                                              IN CNAME
                                                                                              bittorrent-1.hs.llnwd.net
                                                                                              bittorrent-1.hs.llnwd.net
                                                                                              IN A
                                                                                              87.248.205.1
                                                                                            • flag-us
                                                                                              DNS
                                                                                              cdn.ap.bittorrent.com
                                                                                              uTorrent.exe
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              cdn.ap.bittorrent.com
                                                                                              IN A
                                                                                              Response
                                                                                              cdn.ap.bittorrent.com
                                                                                              IN CNAME
                                                                                              bittorrent-1.hs.llnwd.net
                                                                                              bittorrent-1.hs.llnwd.net
                                                                                              IN A
                                                                                              87.248.205.1
                                                                                            • flag-us
                                                                                              DNS
                                                                                              login.live.com
                                                                                              uTorrent.exe
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              login.live.com
                                                                                              IN A
                                                                                              Response
                                                                                              login.live.com
                                                                                              IN CNAME
                                                                                              login.msa.msidentity.com
                                                                                              login.msa.msidentity.com
                                                                                              IN CNAME
                                                                                              www.tm.lg.prod.aadmsa.akadns.net
                                                                                              www.tm.lg.prod.aadmsa.akadns.net
                                                                                              IN CNAME
                                                                                              prdv4a.aadg.msidentity.com
                                                                                              prdv4a.aadg.msidentity.com
                                                                                              IN CNAME
                                                                                              www.tm.v4.a.prd.aadg.akadns.net
                                                                                              www.tm.v4.a.prd.aadg.akadns.net
                                                                                              IN A
                                                                                              20.190.159.71
                                                                                              www.tm.v4.a.prd.aadg.akadns.net
                                                                                              IN A
                                                                                              20.190.159.64
                                                                                              www.tm.v4.a.prd.aadg.akadns.net
                                                                                              IN A
                                                                                              40.126.31.71
                                                                                              www.tm.v4.a.prd.aadg.akadns.net
                                                                                              IN A
                                                                                              20.190.159.73
                                                                                              www.tm.v4.a.prd.aadg.akadns.net
                                                                                              IN A
                                                                                              20.190.159.2
                                                                                              www.tm.v4.a.prd.aadg.akadns.net
                                                                                              IN A
                                                                                              40.126.31.73
                                                                                              www.tm.v4.a.prd.aadg.akadns.net
                                                                                              IN A
                                                                                              20.190.159.4
                                                                                              www.tm.v4.a.prd.aadg.akadns.net
                                                                                              IN A
                                                                                              40.126.31.67
                                                                                            • flag-us
                                                                                              DNS
                                                                                              1.205.248.87.in-addr.arpa
                                                                                              uTorrent.exe
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              1.205.248.87.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              1.205.248.87.in-addr.arpa
                                                                                              IN PTR
                                                                                              https-87-248-205-1lgwllnwnet
                                                                                            • flag-us
                                                                                              DNS
                                                                                              1.205.248.87.in-addr.arpa
                                                                                              uTorrent.exe
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              1.205.248.87.in-addr.arpa
                                                                                              IN PTR
                                                                                            • flag-us
                                                                                              DNS
                                                                                              1.205.248.87.in-addr.arpa
                                                                                              uTorrent.exe
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              1.205.248.87.in-addr.arpa
                                                                                              IN PTR
                                                                                            • flag-gb
                                                                                              GET
                                                                                              http://apps.bittorrent.com/utorrent-onboarding/player.btapp
                                                                                              uTorrent.exe
                                                                                              Remote address:
                                                                                              87.248.205.1:80
                                                                                              Request
                                                                                              GET /utorrent-onboarding/player.btapp HTTP/1.1
                                                                                              Host: apps.bittorrent.com
                                                                                              User-Agent: BTWebClient/360S(47082)
                                                                                              Accept-Encoding: gzip
                                                                                              Connection: Close
                                                                                              Response
                                                                                              HTTP/1.1 403 Forbidden
                                                                                              x-amz-request-id: VBB45STQ8A18TSZN
                                                                                              x-amz-id-2: AlNLvFEgGlofm60siFHuiSKSYOyMq9Wh9AjBIEO6eXzmw11QfPspyG7WaX4+9LGhbv4dLHlaeCQ=
                                                                                              Content-Type: application/xml
                                                                                              Server: AmazonS3
                                                                                              Age: 567
                                                                                              Date: Mon, 06 May 2024 17:02:42 GMT
                                                                                              Expires: Mon, 06 May 2024 17:23:18 GMT
                                                                                              X-LLID: f2c0bd3b405b95c488224209d518d33a
                                                                                              Connection: close
                                                                                              Cache-Control: max-age=86400
                                                                                            • flag-gb
                                                                                              GET
                                                                                              http://cdn.ap.bittorrent.com/control/feature/tags/ut.json
                                                                                              uTorrent.exe
                                                                                              Remote address:
                                                                                              87.248.205.1:80
                                                                                              Request
                                                                                              GET /control/feature/tags/ut.json HTTP/1.1
                                                                                              Host: cdn.ap.bittorrent.com
                                                                                              User-Agent: BTWebClient/360S(47082)
                                                                                              Accept-Encoding: gzip
                                                                                              Connection: Close
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              x-amz-id-2: qPxMSF1sWoIQ/cymLYo54D7amQQNeUcGUocSp5v+yPiCYZ7dC8dWwb8q95kz8RbP67MVf4VeEOs=
                                                                                              x-amz-request-id: NKF1TV6J3F51W7SW
                                                                                              Content-Type: application/json
                                                                                              Server: AmazonS3
                                                                                              X-LLID: 3caf060c92461f74859358dff03bb66f
                                                                                              Age: 37935
                                                                                              Date: Mon, 06 May 2024 17:02:42 GMT
                                                                                              Last-Modified: Tue, 21 Nov 2023 21:59:22 GMT
                                                                                              Expires: Tue, 07 May 2024 06:30:27 GMT
                                                                                              Content-Length: 3869
                                                                                              Connection: close
                                                                                              Access-Control-Allow-Origin: *
                                                                                              Cache-Control: max-age=86400
                                                                                            • flag-gb
                                                                                              GET
                                                                                              http://cdn.ap.bittorrent.com/control/tags/ut.json
                                                                                              uTorrent.exe
                                                                                              Remote address:
                                                                                              87.248.205.1:80
                                                                                              Request
                                                                                              GET /control/tags/ut.json HTTP/1.1
                                                                                              Host: cdn.ap.bittorrent.com
                                                                                              User-Agent: BTWebClient/360S(47082)
                                                                                              Accept-Encoding: gzip
                                                                                              Accept-Language: en-US
                                                                                              Connection: Close
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              x-amz-id-2: WPyy0pdu7+lQneQYxemfsiwbfbOljB6UjoBZz8Wmv8/hBdHqOb7OKYqj9zOW+rsL93/OaLpPDlY=
                                                                                              x-amz-request-id: DMXFH8R7K1S57JTH
                                                                                              Content-Type: application/json
                                                                                              Server: AmazonS3
                                                                                              X-LLID: 4e007df34b573f4d721883017f0d6381
                                                                                              Age: 37937
                                                                                              Date: Mon, 06 May 2024 17:02:43 GMT
                                                                                              Last-Modified: Mon, 06 May 2024 06:21:19 GMT
                                                                                              Expires: Tue, 07 May 2024 06:30:26 GMT
                                                                                              Content-Length: 31985
                                                                                              Connection: close
                                                                                              Access-Control-Allow-Origin: *
                                                                                              Cache-Control: max-age=86400
                                                                                            • flag-us
                                                                                              DNS
                                                                                              71.159.190.20.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              71.159.190.20.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                            • flag-us
                                                                                              DNS
                                                                                              71.159.190.20.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              71.159.190.20.in-addr.arpa
                                                                                              IN PTR
                                                                                            • flag-us
                                                                                              DNS
                                                                                              71.159.190.20.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              71.159.190.20.in-addr.arpa
                                                                                              IN PTR
                                                                                            • flag-us
                                                                                              DNS
                                                                                              nav.smartscreen.microsoft.com
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              nav.smartscreen.microsoft.com
                                                                                              IN A
                                                                                              Response
                                                                                              nav.smartscreen.microsoft.com
                                                                                              IN CNAME
                                                                                              wd-prod-ss.trafficmanager.net
                                                                                              wd-prod-ss.trafficmanager.net
                                                                                              IN CNAME
                                                                                              wd-prod-ss-uk-south-1-fe.uksouth.cloudapp.azure.com
                                                                                              wd-prod-ss-uk-south-1-fe.uksouth.cloudapp.azure.com
                                                                                              IN A
                                                                                              20.162.145.158
                                                                                            • flag-us
                                                                                              DNS
                                                                                              utorrent.com
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              utorrent.com
                                                                                              IN A
                                                                                              Response
                                                                                              utorrent.com
                                                                                              IN A
                                                                                              98.143.146.7
                                                                                            • flag-us
                                                                                              DNS
                                                                                              utorrent.com
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              utorrent.com
                                                                                              IN A
                                                                                              Response
                                                                                              utorrent.com
                                                                                              IN A
                                                                                              98.143.146.7
                                                                                            • flag-us
                                                                                              DNS
                                                                                              smartscreen.microsoft.com
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              smartscreen.microsoft.com
                                                                                              IN A
                                                                                              Response
                                                                                              smartscreen.microsoft.com
                                                                                              IN CNAME
                                                                                              wd-prod-ss.trafficmanager.net
                                                                                              wd-prod-ss.trafficmanager.net
                                                                                              IN CNAME
                                                                                              wd-prod-ss-uk-south-1-fe.uksouth.cloudapp.azure.com
                                                                                              wd-prod-ss-uk-south-1-fe.uksouth.cloudapp.azure.com
                                                                                              IN A
                                                                                              20.162.145.158
                                                                                            • flag-us
                                                                                              DNS
                                                                                              158.145.162.20.in-addr.arpa
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              158.145.162.20.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                            • flag-us
                                                                                              DNS
                                                                                              video.rainberrytv.com
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              video.rainberrytv.com
                                                                                              IN A
                                                                                              Response
                                                                                              video.rainberrytv.com
                                                                                              IN CNAME
                                                                                              bittorrent-4.hs.llnwd.net
                                                                                              bittorrent-4.hs.llnwd.net
                                                                                              IN A
                                                                                              87.248.205.1
                                                                                            • flag-us
                                                                                              DNS
                                                                                              i-49.b-47082.ut.bench.utorrent.com
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              i-49.b-47082.ut.bench.utorrent.com
                                                                                              IN A
                                                                                              Response
                                                                                              i-49.b-47082.ut.bench.utorrent.com
                                                                                              IN CNAME
                                                                                              bench.utp.st
                                                                                              bench.utp.st
                                                                                              IN CNAME
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              52.5.70.92
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              52.1.89.18
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              44.214.14.78
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              52.1.245.247
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              44.218.73.120
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              52.55.162.212
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              52.204.74.82
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              52.0.219.152
                                                                                            • flag-us
                                                                                              DNS
                                                                                              i-49.b-47082.ut.bench.utorrent.com
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              i-49.b-47082.ut.bench.utorrent.com
                                                                                              IN A
                                                                                            • flag-gb
                                                                                              POST
                                                                                              https://nav.smartscreen.microsoft.com/api/browser/edge/actions
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              20.162.145.158:443
                                                                                              Request
                                                                                              POST /api/browser/edge/actions HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              Content-Type: application/json
                                                                                              Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiRWdKS1VzWGFCN3c9Iiwia2V5IjoiK1BzVEd1clAwU1dqdnlzSW51WmMyZz09In0=
                                                                                              User-Agent: SmartScreen/281479409434625
                                                                                              Content-Length: 1291
                                                                                              Host: nav.smartscreen.microsoft.com
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Cache-Control: max-age=0, private
                                                                                              Content-Length: 4472
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Server: Microsoft-HTTPAPI/2.0
                                                                                              X-SmartScreen-Flight-Vector: enableProxyLeniency,FixedSploitStop,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,isCurfTstEnabled,isNpPIOverrideBlockEnabled,ListApiE5V2Enabled,npSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,topTrafficV2Enabled,topTrafficV2MobileFlightEnabled,UpdateOnMissingEtagEnabled,updateSigningCert,updateSigningCertForRS3RS4,UsePostDataEndpointsForNewAnaheimClient,WDSListApiE5V2Enabled
                                                                                              Date: Mon, 06 May 2024 17:02:43 GMT
                                                                                              Connection: close
                                                                                            • flag-gb
                                                                                              POST
                                                                                              https://nav.smartscreen.microsoft.com/api/browser/edge/actions
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              20.162.145.158:443
                                                                                              Request
                                                                                              POST /api/browser/edge/actions HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              Content-Type: application/json
                                                                                              Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiWm9rQzNUbFJMZHM9Iiwia2V5IjoiOEdWdlRtUlNIZGJ0b0FZczRSdDFxUT09In0=
                                                                                              User-Agent: SmartScreen/281479409434625
                                                                                              Content-Length: 1291
                                                                                              Host: nav.smartscreen.microsoft.com
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Cache-Control: max-age=0, private
                                                                                              Content-Length: 4472
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Server: Microsoft-HTTPAPI/2.0
                                                                                              X-SmartScreen-Flight-Vector: enableProxyLeniency,FixedSploitStop,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,isCurfTstEnabled,isNpPIOverrideBlockEnabled,ListApiE5V2Enabled,npSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,topTrafficV2Enabled,topTrafficV2MobileFlightEnabled,UpdateOnMissingEtagEnabled,updateSigningCert,updateSigningCertForRS3RS4,UsePostDataEndpointsForNewAnaheimClient,WDSListApiE5V2Enabled
                                                                                              Date: Mon, 06 May 2024 17:02:43 GMT
                                                                                              Connection: close
                                                                                            • flag-us
                                                                                              GET
                                                                                              http://utorrent.com/prodnews?v=3%2e6%2e0%2e1%2e47082&pv=0.0.0.0.0
                                                                                              msedge.exe
                                                                                              Remote address:
                                                                                              98.143.146.7:80
                                                                                              Request
                                                                                              GET /prodnews?v=3%2e6%2e0%2e1%2e47082&pv=0.0.0.0.0 HTTP/1.1
                                                                                              Host: utorrent.com
                                                                                              Connection: keep-alive
                                                                                              DNT: 1
                                                                                              Upgrade-Insecure-Requests: 1
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                                              Accept-Encoding: gzip, deflate
                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/1.1 301 Moved Permanently
                                                                                              Server: nginx/1.4.7
                                                                                              Date: Mon, 06 May 2024 17:02:44 GMT
                                                                                              Content-Type: text/html
                                                                                              Content-Length: 184
                                                                                              Connection: keep-alive
                                                                                              Location: http://www.utorrent.com/prodnews
                                                                                            • flag-us
                                                                                              POST
                                                                                              http://i-24.b-47082.ut.bench.utorrent.com/e?i=24
                                                                                              uTorrent.exe
                                                                                              Remote address:
                                                                                              52.0.219.152:80
                                                                                              Request
                                                                                              POST /e?i=24 HTTP/1.1
                                                                                              Host: i-24.b-47082.ut.bench.utorrent.com
                                                                                              User-Agent: ut_core BenchHttp (ver:47082)
                                                                                              Connection: close
                                                                                              Content-Length: 193
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Content-Type: text/html
                                                                                              Date: Mon, 06 May 2024 17:02:44 GMT
                                                                                              Server: nginx
                                                                                              X-Powered-By: PHP/5.4.30
                                                                                              Content-Length: 21
                                                                                              Connection: Close
                                                                                            • flag-us
                                                                                              POST
                                                                                              http://i-64.b-47082.ut.bench.utorrent.com/e?i=64
                                                                                              uTorrent.exe
                                                                                              Remote address:
                                                                                              44.214.14.78:80
                                                                                              Request
                                                                                              POST /e?i=64 HTTP/1.1
                                                                                              Host: i-64.b-47082.ut.bench.utorrent.com
                                                                                              User-Agent: ut_core BenchHttp (ver:47082)
                                                                                              Connection: close
                                                                                              Content-Length: 197
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Content-Type: text/html
                                                                                              Date: Mon, 06 May 2024 17:02:44 GMT
                                                                                              Server: nginx
                                                                                              X-Powered-By: PHP/5.4.30
                                                                                              Content-Length: 21
                                                                                              Connection: Close
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://smartscreen.microsoft.com/windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.22000.493.co_release&flight=%7B%22ETag%22%3A%22%5C%22nA8KHs8oaq9ssjHyJcw0nMz4proNnsV3KilArWanihI%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1166893-11-15%2CP-R-1093303-19-30%2CP-R-1026145-4-14%2CP-R-1021007-4-5%2CP-R-99770-8-32%2CP-R-73000-4-40%2CP-R-72999-7-40%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-8-38%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22WDSListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Atrue%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Afalse%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterCacheEnabled%22%3Afalse%2C%22UsePostDataEndpointsForNewAnaheimClient%22%3Atrue%2C%22DisableE5Cache%22%3Afalse%2C%22FixedSploitStop%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              20.162.145.158:443
                                                                                              Request
                                                                                              GET /windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.22000.493.co_release&flight=%7B%22ETag%22%3A%22%5C%22nA8KHs8oaq9ssjHyJcw0nMz4proNnsV3KilArWanihI%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1166893-11-15%2CP-R-1093303-19-30%2CP-R-1026145-4-14%2CP-R-1021007-4-5%2CP-R-99770-8-32%2CP-R-73000-4-40%2CP-R-72999-7-40%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-8-38%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22WDSListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Atrue%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Afalse%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterCacheEnabled%22%3Afalse%2C%22UsePostDataEndpointsForNewAnaheimClient%22%3Atrue%2C%22DisableE5Cache%22%3Afalse%2C%22FixedSploitStop%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              Accept: application/x-patch-bsdiff, application/octet-stream
                                                                                              Authorization: SmartScreenPlain eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQifQ==
                                                                                              If-None-Match: "170540185939602997400506234197983529371"
                                                                                              User-Agent: SmartScreen/281479409434625
                                                                                              Host: smartscreen.microsoft.com
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Cache-Control: max-age=86400
                                                                                              Content-Length: 460992
                                                                                              Content-Type: application/octet-stream
                                                                                              ETag: "638004170464094982"
                                                                                              Server: Microsoft-HTTPAPI/2.0
                                                                                              X-SmartScreen-Flight-Vector: EnableProxyLeniency,FixedSploitStop,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,IsNpPIOverrideBlockEnabled,ListApiE5V2Enabled,NpSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,TopTrafficV2Enabled,TopTrafficV2MobileFlightEnabled,UpdateOnMissingEtagEnabled,UpdateSigningCert,UpdateSigningCertForRS3RS4,UsePostDataEndpointsForNewAnaheimClient,WDSListApiE5V2Enabled
                                                                                              Date: Mon, 06 May 2024 17:02:44 GMT
                                                                                              Connection: close
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://smartscreen.microsoft.com/windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.22000.493.co_release&flight=%7B%22ETag%22%3A%22%5C%22nA8KHs8oaq9ssjHyJcw0nMz4proNnsV3KilArWanihI%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1166893-11-15%2CP-R-1093303-19-30%2CP-R-1026145-4-14%2CP-R-1021007-4-5%2CP-R-99770-8-32%2CP-R-73000-4-40%2CP-R-72999-7-40%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-8-38%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22WDSListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Atrue%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Afalse%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterCacheEnabled%22%3Afalse%2C%22UsePostDataEndpointsForNewAnaheimClient%22%3Atrue%2C%22DisableE5Cache%22%3Afalse%2C%22FixedSploitStop%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              20.162.145.158:443
                                                                                              Request
                                                                                              GET /windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.22000.493.co_release&flight=%7B%22ETag%22%3A%22%5C%22nA8KHs8oaq9ssjHyJcw0nMz4proNnsV3KilArWanihI%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1166893-11-15%2CP-R-1093303-19-30%2CP-R-1026145-4-14%2CP-R-1021007-4-5%2CP-R-99770-8-32%2CP-R-73000-4-40%2CP-R-72999-7-40%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-8-38%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22WDSListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Atrue%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Afalse%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterCacheEnabled%22%3Afalse%2C%22UsePostDataEndpointsForNewAnaheimClient%22%3Atrue%2C%22DisableE5Cache%22%3Afalse%2C%22FixedSploitStop%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              Accept: application/x-patch-bsdiff, application/octet-stream
                                                                                              Authorization: SmartScreenPlain eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQifQ==
                                                                                              If-None-Match: "170540185939602997400506234197983529371"
                                                                                              User-Agent: SmartScreen/281479409434625
                                                                                              Host: smartscreen.microsoft.com
                                                                                            • flag-gb
                                                                                              POST
                                                                                              https://smartscreen.microsoft.com/api/browser/edge/data/settings
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              20.162.145.158:443
                                                                                              Request
                                                                                              POST /api/browser/edge/data/settings HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Accept: application/x-patch-bsdiff, application/octet-stream
                                                                                              Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiWm9rQzNUbFJMZHM9Iiwia2V5IjoiOEdWdlRtUlNIZGJ0b0FZczRSdDFxUT09In0=
                                                                                              If-None-Match: "2.0-0"
                                                                                              User-Agent: SmartScreen/281479409434625
                                                                                              Content-Length: 1291
                                                                                              Host: smartscreen.microsoft.com
                                                                                            • flag-gb
                                                                                              POST
                                                                                              https://smartscreen.microsoft.com/api/browser/edge/data/settings
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              20.162.145.158:443
                                                                                              Request
                                                                                              POST /api/browser/edge/data/settings HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Accept: application/x-patch-bsdiff, application/octet-stream
                                                                                              Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiRWdKS1VzWGFCN3c9Iiwia2V5IjoiK1BzVEd1clAwU1dqdnlzSW51WmMyZz09In0=
                                                                                              If-None-Match: "2.0-0"
                                                                                              User-Agent: SmartScreen/281479409434625
                                                                                              Content-Length: 1291
                                                                                              Host: smartscreen.microsoft.com
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Content-Length: 129085
                                                                                              Content-Type: application/octet-stream
                                                                                              ETag: "2.0-2f9188b68640dbf72295f9083a21d674a314721ef06f82db281cbcb052ff8ec1"
                                                                                              Server: Microsoft-HTTPAPI/2.0
                                                                                              X-SmartScreen-Flight-Vector: enableProxyLeniency,FixedSploitStop,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,isCurfTstEnabled,isNpPIOverrideBlockEnabled,ListApiE5V2Enabled,npSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,topTrafficV2Enabled,topTrafficV2MobileFlightEnabled,UpdateOnMissingEtagEnabled,updateSigningCert,updateSigningCertForRS3RS4,UsePostDataEndpointsForNewAnaheimClient,WDSListApiE5V2Enabled
                                                                                              Date: Mon, 06 May 2024 17:02:43 GMT
                                                                                              Connection: close
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://smartscreen.microsoft.com/windows/browser/edge/data/bloomfilter/x?pushCert=false&flight=%7B%22ETag%22%3A%22%5C%22nA8KHs8oaq9ssjHyJcw0nMz4proNnsV3KilArWanihI%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1166893-11-15%2CP-R-1093303-19-30%2CP-R-1026145-4-14%2CP-R-1021007-4-5%2CP-R-99770-8-32%2CP-R-73000-4-40%2CP-R-72999-7-40%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-8-38%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22WDSListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Atrue%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Afalse%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterCacheEnabled%22%3Afalse%2C%22UsePostDataEndpointsForNewAnaheimClient%22%3Atrue%2C%22DisableE5Cache%22%3Afalse%2C%22FixedSploitStop%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D&os=10.0.22000.493.co_release
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              20.162.145.158:443
                                                                                              Request
                                                                                              GET /windows/browser/edge/data/bloomfilter/x?pushCert=false&flight=%7B%22ETag%22%3A%22%5C%22nA8KHs8oaq9ssjHyJcw0nMz4proNnsV3KilArWanihI%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1166893-11-15%2CP-R-1093303-19-30%2CP-R-1026145-4-14%2CP-R-1021007-4-5%2CP-R-99770-8-32%2CP-R-73000-4-40%2CP-R-72999-7-40%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-8-38%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22WDSListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Atrue%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Afalse%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterCacheEnabled%22%3Afalse%2C%22UsePostDataEndpointsForNewAnaheimClient%22%3Atrue%2C%22DisableE5Cache%22%3Afalse%2C%22FixedSploitStop%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D&os=10.0.22000.493.co_release HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              Accept: application/x-patch-bsdiff, application/octet-stream
                                                                                              Authorization: SmartScreenPlain eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQifQ==
                                                                                              If-None-Match: "636976985063396749.rel.v2"
                                                                                              User-Agent: SmartScreen/281479409434625
                                                                                              Host: smartscreen.microsoft.com
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Cache-Control: max-age=86400
                                                                                              Content-Length: 57
                                                                                              Content-Type: application/octet-stream
                                                                                              ETag: "638343870221005468"
                                                                                              Server: Microsoft-HTTPAPI/2.0
                                                                                              X-SmartScreen-Flight-Vector: EnableProxyLeniency,FixedSploitStop,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,IsNpPIOverrideBlockEnabled,ListApiE5V2Enabled,NpSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,TopTrafficV2Enabled,TopTrafficV2MobileFlightEnabled,UpdateOnMissingEtagEnabled,UpdateSigningCert,UpdateSigningCertForRS3RS4,UsePostDataEndpointsForNewAnaheimClient,WDSListApiE5V2Enabled
                                                                                              Date: Mon, 06 May 2024 17:02:44 GMT
                                                                                              Connection: close
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://smartscreen.microsoft.com/windows/browser/edge/data/bloomfilter/x?pushCert=false&flight=%7B%22ETag%22%3A%22%5C%22nA8KHs8oaq9ssjHyJcw0nMz4proNnsV3KilArWanihI%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1166893-11-15%2CP-R-1093303-19-30%2CP-R-1026145-4-14%2CP-R-1021007-4-5%2CP-R-99770-8-32%2CP-R-73000-4-40%2CP-R-72999-7-40%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-8-38%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22WDSListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Atrue%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Afalse%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterCacheEnabled%22%3Afalse%2C%22UsePostDataEndpointsForNewAnaheimClient%22%3Atrue%2C%22DisableE5Cache%22%3Afalse%2C%22FixedSploitStop%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D&os=10.0.22000.493.co_release
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              20.162.145.158:443
                                                                                              Request
                                                                                              GET /windows/browser/edge/data/bloomfilter/x?pushCert=false&flight=%7B%22ETag%22%3A%22%5C%22nA8KHs8oaq9ssjHyJcw0nMz4proNnsV3KilArWanihI%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1166893-11-15%2CP-R-1093303-19-30%2CP-R-1026145-4-14%2CP-R-1021007-4-5%2CP-R-99770-8-32%2CP-R-73000-4-40%2CP-R-72999-7-40%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-8-38%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22WDSListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Atrue%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Afalse%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterCacheEnabled%22%3Afalse%2C%22UsePostDataEndpointsForNewAnaheimClient%22%3Atrue%2C%22DisableE5Cache%22%3Afalse%2C%22FixedSploitStop%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D&os=10.0.22000.493.co_release HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              Accept: application/x-patch-bsdiff, application/octet-stream
                                                                                              Authorization: SmartScreenPlain eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQifQ==
                                                                                              If-None-Match: "636976985063396749.rel.v2"
                                                                                              User-Agent: SmartScreen/281479409434625
                                                                                              Host: smartscreen.microsoft.com
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Cache-Control: max-age=86400
                                                                                              Content-Length: 57
                                                                                              Content-Type: application/octet-stream
                                                                                              ETag: "638343870221005468"
                                                                                              Server: Microsoft-HTTPAPI/2.0
                                                                                              X-SmartScreen-Flight-Vector: EnableProxyLeniency,FixedSploitStop,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,IsNpPIOverrideBlockEnabled,ListApiE5V2Enabled,NpSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,TopTrafficV2Enabled,TopTrafficV2MobileFlightEnabled,UpdateOnMissingEtagEnabled,UpdateSigningCert,UpdateSigningCertForRS3RS4,UsePostDataEndpointsForNewAnaheimClient,WDSListApiE5V2Enabled
                                                                                              Date: Mon, 06 May 2024 17:02:43 GMT
                                                                                              Connection: close
                                                                                            • flag-gb
                                                                                              POST
                                                                                              https://nav.smartscreen.microsoft.com/api/browser/edge/actions
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              20.162.145.158:443
                                                                                              Request
                                                                                              POST /api/browser/edge/actions HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              Content-Type: application/json
                                                                                              Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiZ2ZiM25SYkQzTUU9Iiwia2V5IjoiTk53QUs5Q3YySVQrU2NQYmxBcmhyUT09In0=
                                                                                              User-Agent: SmartScreen/281479409434625
                                                                                              Content-Length: 1291
                                                                                              Host: nav.smartscreen.microsoft.com
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Cache-Control: max-age=0, private
                                                                                              Content-Length: 4472
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Server: Microsoft-HTTPAPI/2.0
                                                                                              X-SmartScreen-Flight-Vector: enableProxyLeniency,FixedSploitStop,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,isCurfTstEnabled,isNpPIOverrideBlockEnabled,ListApiE5V2Enabled,npSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,topTrafficV2Enabled,topTrafficV2MobileFlightEnabled,UpdateOnMissingEtagEnabled,updateSigningCert,updateSigningCertForRS3RS4,UsePostDataEndpointsForNewAnaheimClient,WDSListApiE5V2Enabled
                                                                                              Date: Mon, 06 May 2024 17:02:44 GMT
                                                                                              Connection: close
                                                                                            • flag-us
                                                                                              DNS
                                                                                              7.146.143.98.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              7.146.143.98.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              7.146.143.98.in-addr.arpa
                                                                                              IN PTR
                                                                                              981431467static quadranetcom
                                                                                            • flag-us
                                                                                              DNS
                                                                                              cdnjs.cloudflare.com
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              cdnjs.cloudflare.com
                                                                                              IN A
                                                                                              Response
                                                                                              cdnjs.cloudflare.com
                                                                                              IN A
                                                                                              104.17.24.14
                                                                                              cdnjs.cloudflare.com
                                                                                              IN A
                                                                                              104.17.25.14
                                                                                            • flag-us
                                                                                              DNS
                                                                                              122.208.239.18.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              122.208.239.18.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              122.208.239.18.in-addr.arpa
                                                                                              IN PTR
                                                                                              server-18-239-208-122bru50r cloudfrontnet
                                                                                            • flag-us
                                                                                              DNS
                                                                                              ced.sascdn.com
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              ced.sascdn.com
                                                                                              IN A
                                                                                              Response
                                                                                              ced.sascdn.com
                                                                                              IN CNAME
                                                                                              akamai.smartadserver.com.edgesuite.net
                                                                                              akamai.smartadserver.com.edgesuite.net
                                                                                              IN CNAME
                                                                                              a1184.b.akamai.net
                                                                                              a1184.b.akamai.net
                                                                                              IN A
                                                                                              2.18.190.77
                                                                                              a1184.b.akamai.net
                                                                                              IN A
                                                                                              2.18.190.81
                                                                                            • flag-us
                                                                                              DNS
                                                                                              ced.sascdn.com
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              ced.sascdn.com
                                                                                              IN A
                                                                                            • flag-us
                                                                                              DNS
                                                                                              78.14.214.44.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              78.14.214.44.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              78.14.214.44.in-addr.arpa
                                                                                              IN PTR
                                                                                              ec2-44-214-14-78 compute-1 amazonawscom
                                                                                            • flag-us
                                                                                              DNS
                                                                                              i-32.b-47082.ut.bench.utorrent.com
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              i-32.b-47082.ut.bench.utorrent.com
                                                                                              IN A
                                                                                              Response
                                                                                              i-32.b-47082.ut.bench.utorrent.com
                                                                                              IN CNAME
                                                                                              bench.utp.st
                                                                                              bench.utp.st
                                                                                              IN CNAME
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              52.1.109.224
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              44.218.73.120
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              50.17.80.143
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              52.21.50.61
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              44.214.14.78
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              52.205.169.46
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              52.0.219.152
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              52.0.235.250
                                                                                            • flag-us
                                                                                              DNS
                                                                                              120.244.204.52.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              120.244.204.52.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              120.244.204.52.in-addr.arpa
                                                                                              IN PTR
                                                                                              ec2-52-204-244-120 compute-1 amazonawscom
                                                                                            • flag-us
                                                                                              DNS
                                                                                              cdn.polyfill.io
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              cdn.polyfill.io
                                                                                              IN A
                                                                                              Response
                                                                                              cdn.polyfill.io
                                                                                              IN CNAME
                                                                                              cdn.polyfill.io.cdn.cloudflare.net
                                                                                              cdn.polyfill.io.cdn.cloudflare.net
                                                                                              IN A
                                                                                              104.18.53.237
                                                                                              cdn.polyfill.io.cdn.cloudflare.net
                                                                                              IN A
                                                                                              104.18.53.44
                                                                                            • flag-us
                                                                                              DNS
                                                                                              cdn.polyfill.io
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              cdn.polyfill.io
                                                                                              IN A
                                                                                            • flag-us
                                                                                              DNS
                                                                                              152.219.0.52.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              152.219.0.52.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              152.219.0.52.in-addr.arpa
                                                                                              IN PTR
                                                                                              ec2-52-0-219-152 compute-1 amazonawscom
                                                                                            • flag-us
                                                                                              DNS
                                                                                              www.utorrent.com
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              www.utorrent.com
                                                                                              IN A
                                                                                              Response
                                                                                              www.utorrent.com
                                                                                              IN CNAME
                                                                                              d37p7e9mldky5m.cloudfront.net
                                                                                              d37p7e9mldky5m.cloudfront.net
                                                                                              IN A
                                                                                              18.239.208.122
                                                                                              d37p7e9mldky5m.cloudfront.net
                                                                                              IN A
                                                                                              18.239.208.117
                                                                                              d37p7e9mldky5m.cloudfront.net
                                                                                              IN A
                                                                                              18.239.208.124
                                                                                              d37p7e9mldky5m.cloudfront.net
                                                                                              IN A
                                                                                              18.239.208.91
                                                                                            • flag-us
                                                                                              DNS
                                                                                              224.109.1.52.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              224.109.1.52.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              224.109.1.52.in-addr.arpa
                                                                                              IN PTR
                                                                                              ec2-52-1-109-224 compute-1 amazonawscom
                                                                                            • flag-us
                                                                                              DNS
                                                                                              content.bt.co
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              content.bt.co
                                                                                              IN A
                                                                                              Response
                                                                                              content.bt.co
                                                                                              IN CNAME
                                                                                              bittorrent-4.hs.llnwd.net
                                                                                              bittorrent-4.hs.llnwd.net
                                                                                              IN A
                                                                                              87.248.205.1
                                                                                            • flag-us
                                                                                              DNS
                                                                                              cdn.jsdelivr.net
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              cdn.jsdelivr.net
                                                                                              IN A
                                                                                              Response
                                                                                              cdn.jsdelivr.net
                                                                                              IN CNAME
                                                                                              jsdelivr.map.fastly.net
                                                                                              jsdelivr.map.fastly.net
                                                                                              IN A
                                                                                              151.101.1.229
                                                                                              jsdelivr.map.fastly.net
                                                                                              IN A
                                                                                              151.101.65.229
                                                                                              jsdelivr.map.fastly.net
                                                                                              IN A
                                                                                              151.101.129.229
                                                                                              jsdelivr.map.fastly.net
                                                                                              IN A
                                                                                              151.101.193.229
                                                                                            • flag-us
                                                                                              DNS
                                                                                              cdn.jsdelivr.net
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              cdn.jsdelivr.net
                                                                                              IN A
                                                                                            • flag-us
                                                                                              POST
                                                                                              http://i-29.b-47082.ut.bench.utorrent.com/e?i=29
                                                                                              uTorrent.exe
                                                                                              Remote address:
                                                                                              52.204.244.120:80
                                                                                              Request
                                                                                              POST /e?i=29 HTTP/1.1
                                                                                              Host: i-29.b-47082.ut.bench.utorrent.com
                                                                                              User-Agent: ut_core BenchHttp (ver:47082)
                                                                                              Connection: close
                                                                                              Content-Length: 198
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Content-Type: text/html
                                                                                              Date: Mon, 06 May 2024 17:02:44 GMT
                                                                                              Server: nginx
                                                                                              X-Powered-By: PHP/5.4.30
                                                                                              Content-Length: 21
                                                                                              Connection: Close
                                                                                            • flag-us
                                                                                              POST
                                                                                              http://i-29.b-47082.ut.bench.utorrent.com/e?i=29
                                                                                              uTorrent.exe
                                                                                              Remote address:
                                                                                              52.204.244.120:80
                                                                                              Request
                                                                                              POST /e?i=29 HTTP/1.1
                                                                                              Host: i-29.b-47082.ut.bench.utorrent.com
                                                                                              User-Agent: ut_core BenchHttp (ver:47082)
                                                                                              Connection: close
                                                                                              Content-Length: 172
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Content-Type: text/html
                                                                                              Date: Mon, 06 May 2024 17:02:45 GMT
                                                                                              Server: nginx
                                                                                              X-Powered-By: PHP/5.4.30
                                                                                              Content-Length: 21
                                                                                              Connection: Close
                                                                                            • flag-us
                                                                                              GET
                                                                                              http://utclient.utorrent.com/pro/utorrent/index.html
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              18.239.208.54:80
                                                                                              Request
                                                                                              GET /pro/utorrent/index.html HTTP/1.1
                                                                                              Host: utclient.utorrent.com
                                                                                              Connection: keep-alive
                                                                                              Upgrade-Insecure-Requests: 1
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                                              Accept-Encoding: gzip, deflate
                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Content-Type: text/html
                                                                                              Content-Length: 264
                                                                                              Connection: keep-alive
                                                                                              Last-Modified: Fri, 25 Sep 2015 22:12:20 GMT
                                                                                              x-amz-meta-s3cmd-attrs: uid:107/gname:jenkins/uname:jenkins/gid:120/mode:33188/mtime:1443217638/atime:1443219138/ctime:1443217638
                                                                                              Accept-Ranges: bytes
                                                                                              Server: AmazonS3
                                                                                              Date: Mon, 06 May 2024 17:00:41 GMT
                                                                                              Cache-Control: s-maxage=300
                                                                                              ETag: "434e7ed8b328eeb62baef09aeed034f1"
                                                                                              X-Cache: Hit from cloudfront
                                                                                              Via: 1.1 500dd27a29c16a186d1b5c347c341348.cloudfront.net (CloudFront)
                                                                                              X-Amz-Cf-Pop: BRU50-P1
                                                                                              X-Amz-Cf-Id: bIel3CpP5jBeYu9-PfgL_GUxSdCix-nA1R_ZxKSiLxLnRAOOSJrn5g==
                                                                                              Age: 126
                                                                                            • flag-us
                                                                                              GET
                                                                                              http://utclient.utorrent.com/pro/commonjs/redirect.js
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              18.239.208.54:80
                                                                                              Request
                                                                                              GET /pro/commonjs/redirect.js HTTP/1.1
                                                                                              Host: utclient.utorrent.com
                                                                                              Connection: keep-alive
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              Accept: */*
                                                                                              Referer: http://utclient.utorrent.com/pro/utorrent/index.html
                                                                                              Accept-Encoding: gzip, deflate
                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Content-Type: application/javascript
                                                                                              Content-Length: 1527
                                                                                              Connection: keep-alive
                                                                                              Last-Modified: Fri, 25 Sep 2015 22:12:19 GMT
                                                                                              x-amz-meta-s3cmd-attrs: uid:107/gname:jenkins/uname:jenkins/gid:120/mode:33188/mtime:1443219138/atime:1443219138/ctime:1443219138
                                                                                              Accept-Ranges: bytes
                                                                                              Server: AmazonS3
                                                                                              Date: Mon, 06 May 2024 16:59:28 GMT
                                                                                              Cache-Control: s-maxage=300
                                                                                              ETag: "c74dee59197cdf92f31a702f6f121b16"
                                                                                              X-Cache: Hit from cloudfront
                                                                                              Via: 1.1 500dd27a29c16a186d1b5c347c341348.cloudfront.net (CloudFront)
                                                                                              X-Amz-Cf-Pop: BRU50-P1
                                                                                              X-Amz-Cf-Id: OgaxABF_mhe2RMmJkQBjQ8YmLY1jY0ec6uBZMlIep_hUNvKDZ38lCw==
                                                                                              Age: 207
                                                                                            • flag-us
                                                                                              GET
                                                                                              http://utclient.utorrent.com/pro/index.html?brand=ut
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              18.239.208.54:80
                                                                                              Request
                                                                                              GET /pro/index.html?brand=ut HTTP/1.1
                                                                                              Host: utclient.utorrent.com
                                                                                              Connection: keep-alive
                                                                                              Upgrade-Insecure-Requests: 1
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                                              Referer: http://utclient.utorrent.com/pro/utorrent/index.html
                                                                                              Accept-Encoding: gzip, deflate
                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Content-Type: text/html
                                                                                              Content-Length: 1555
                                                                                              Connection: keep-alive
                                                                                              Last-Modified: Tue, 03 Jan 2023 01:45:11 GMT
                                                                                              x-amz-server-side-encryption: AES256
                                                                                              x-amz-meta-s3cmd-attrs: uid:107/gname:jenkins/uname:jenkins/gid:120/mode:33188/mtime:1672710309/atime:1672710309/ctime:1672710309
                                                                                              Accept-Ranges: bytes
                                                                                              Server: AmazonS3
                                                                                              Date: Mon, 06 May 2024 17:01:12 GMT
                                                                                              Cache-Control: s-maxage=300
                                                                                              ETag: "1de6215ea9ef758316ad153621dbc3b2"
                                                                                              X-Cache: Hit from cloudfront
                                                                                              Via: 1.1 500dd27a29c16a186d1b5c347c341348.cloudfront.net (CloudFront)
                                                                                              X-Amz-Cf-Pop: BRU50-P1
                                                                                              X-Amz-Cf-Id: 4rMZti1GBeteqVkOQD6mATCfmbQTpqtAihaDnIOW1kscUaNDYRQWVg==
                                                                                              Age: 191
                                                                                            • flag-us
                                                                                              GET
                                                                                              http://utclient.utorrent.com/pro/style.css
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              18.239.208.54:80
                                                                                              Request
                                                                                              GET /pro/style.css HTTP/1.1
                                                                                              Host: utclient.utorrent.com
                                                                                              Connection: keep-alive
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              Accept: text/css,*/*;q=0.1
                                                                                              Referer: http://utclient.utorrent.com/pro/index.html?brand=ut
                                                                                              Accept-Encoding: gzip, deflate
                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Content-Type: text/css
                                                                                              Content-Length: 480
                                                                                              Connection: keep-alive
                                                                                              Last-Modified: Mon, 13 Apr 2020 19:41:01 GMT
                                                                                              x-amz-meta-s3cmd-attrs: uid:107/gname:jenkins/uname:jenkins/gid:120/mode:33188/mtime:1565983458/atime:1586552939/ctime:1565983458
                                                                                              Accept-Ranges: bytes
                                                                                              Server: AmazonS3
                                                                                              Date: Mon, 06 May 2024 17:02:05 GMT
                                                                                              Cache-Control: s-maxage=300
                                                                                              ETag: "71e80b72fd5e42432ab0b23d3d525e0d"
                                                                                              X-Cache: Hit from cloudfront
                                                                                              Via: 1.1 500dd27a29c16a186d1b5c347c341348.cloudfront.net (CloudFront)
                                                                                              X-Amz-Cf-Pop: BRU50-P1
                                                                                              X-Amz-Cf-Id: NzyqvcF0NPbJsI1OgdPLan4_EwSe87lcxnlq6JDexY5zM4Lv-IrOmQ==
                                                                                              Age: 78
                                                                                            • flag-us
                                                                                              GET
                                                                                              http://utclient.utorrent.com/pro/table.css
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              18.239.208.54:80
                                                                                              Request
                                                                                              GET /pro/table.css HTTP/1.1
                                                                                              Host: utclient.utorrent.com
                                                                                              Connection: keep-alive
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              Accept: text/css,*/*;q=0.1
                                                                                              Referer: http://utclient.utorrent.com/pro/index.html?brand=ut
                                                                                              Accept-Encoding: gzip, deflate
                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Content-Type: text/css
                                                                                              Content-Length: 3703
                                                                                              Connection: keep-alive
                                                                                              Last-Modified: Wed, 25 Oct 2023 21:35:19 GMT
                                                                                              x-amz-server-side-encryption: AES256
                                                                                              x-amz-meta-s3cmd-attrs: uid:107/gname:jenkins/uname:jenkins/gid:120/mode:33188/mtime:1698064228/atime:1698269717/ctime:1698064228
                                                                                              Accept-Ranges: bytes
                                                                                              Server: AmazonS3
                                                                                              Date: Mon, 06 May 2024 17:02:05 GMT
                                                                                              Cache-Control: s-maxage=300
                                                                                              ETag: "aa4114c87014e04137748773670b7446"
                                                                                              X-Cache: Hit from cloudfront
                                                                                              Via: 1.1 2ae90e7f79d3d333546a65283ed748ca.cloudfront.net (CloudFront)
                                                                                              X-Amz-Cf-Pop: BRU50-P1
                                                                                              X-Amz-Cf-Id: taiYyjfh-J-PLGwfB7ebeU-rnr7lNOH4HbKIRTaPbMPB3GWJV_IQIA==
                                                                                              Age: 50
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://video.rainberrytv.com/network/utclassic-content.html?bucket=classic-us+video&adt=4&browser=other&ce=90%2e0%2e818%2e66&clientdata=ut%7c3%2e6%2e0%2e47082%7c0&component=1&geo=us&id=&ie=11&site=33049&uid=XA7cRsPA6AiKyc4%5f&usermuted=0&w=10%2e0
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              87.248.205.1:443
                                                                                              Request
                                                                                              GET /network/utclassic-content.html?bucket=classic-us+video&adt=4&browser=other&ce=90%2e0%2e818%2e66&clientdata=ut%7c3%2e6%2e0%2e47082%7c0&component=1&geo=us&id=&ie=11&site=33049&uid=XA7cRsPA6AiKyc4%5f&usermuted=0&w=10%2e0 HTTP/2.0
                                                                                              host: video.rainberrytv.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              upgrade-insecure-requests: 1
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                                              sec-fetch-site: none
                                                                                              sec-fetch-mode: navigate
                                                                                              sec-fetch-user: ?1
                                                                                              sec-fetch-dest: document
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              x-amz-id-2: qgM9RkvN/weT/ag3+AHjOzrDbW+xn0Swbnd1ujZpTRyTUWfDXYbQUKWrGj4V/NPnakLzE90auoI=
                                                                                              x-amz-request-id: 5GZ4WYR846MQTGVH
                                                                                              content-type: text/html
                                                                                              server: AmazonS3
                                                                                              x-llid: dbbb5c6abc0f0ea756bd34ec6718e7b9
                                                                                              age: 1281
                                                                                              date: Mon, 06 May 2024 17:02:45 GMT
                                                                                              last-modified: Mon, 06 May 2024 06:28:15 GMT
                                                                                              content-length: 3826
                                                                                              x-ip-address: 178.79.231.132
                                                                                              access-control-allow-origin: *
                                                                                              permissions-policy: browsing-topics=()
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://video.rainberrytv.com/network/start.html?ver=3%2e6%2e0%2e1%2e47082
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              87.248.205.1:443
                                                                                              Request
                                                                                              GET /network/start.html?ver=3%2e6%2e0%2e1%2e47082 HTTP/2.0
                                                                                              host: video.rainberrytv.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              upgrade-insecure-requests: 1
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                                              sec-fetch-site: none
                                                                                              sec-fetch-mode: navigate
                                                                                              sec-fetch-user: ?1
                                                                                              sec-fetch-dest: document
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              x-amz-id-2: PbOd/tC/QI2Wl5JBPkpBiEvs2OgnIa2i3ugh/pR2W8cFikiG6wRZ/FQK0lEkbyGTb9fvuuMEHJU=
                                                                                              x-amz-request-id: JXE8D2B1FR1SKM40
                                                                                              content-type: text/html
                                                                                              server: AmazonS3
                                                                                              x-llid: dc7a4969028b5edc91f5202c8d8ce447
                                                                                              age: 4733
                                                                                              date: Mon, 06 May 2024 17:02:45 GMT
                                                                                              last-modified: Mon, 06 May 2024 06:28:15 GMT
                                                                                              content-length: 31
                                                                                              x-ip-address: 178.79.231.132
                                                                                              access-control-allow-origin: *
                                                                                              permissions-policy: browsing-topics=()
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://video.rainberrytv.com/smart/smartUtil.js
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              87.248.205.1:443
                                                                                              Request
                                                                                              GET /smart/smartUtil.js HTTP/2.0
                                                                                              host: video.rainberrytv.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: */*
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: script
                                                                                              referer: https://video.rainberrytv.com/network/utclassic-content.html?bucket=classic-us+video&adt=4&browser=other&ce=90%2e0%2e818%2e66&clientdata=ut%7c3%2e6%2e0%2e47082%7c0&component=1&geo=us&id=&ie=11&site=33049&uid=XA7cRsPA6AiKyc4%5f&usermuted=0&w=10%2e0
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              x-amz-id-2: LPZoOnhR/O1bS1d7By0RNPKvqMNTPBYlVzDrYHt9y514pr6fB956qrwWA1qatklTLt/t+tXBCm8=
                                                                                              x-amz-request-id: JXEEGSG12ST8PJFF
                                                                                              content-type: application/javascript
                                                                                              server: AmazonS3
                                                                                              x-llid: 6acc86922ffb652287ddd754d3a647a2
                                                                                              age: 1276
                                                                                              date: Mon, 06 May 2024 17:02:45 GMT
                                                                                              last-modified: Mon, 06 May 2024 06:28:15 GMT
                                                                                              content-length: 20701
                                                                                              x-ip-address: 178.79.231.132
                                                                                              access-control-allow-origin: *
                                                                                              permissions-policy: browsing-topics=()
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://video.rainberrytv.com/assets/js/yaml.min.js
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              87.248.205.1:443
                                                                                              Request
                                                                                              GET /assets/js/yaml.min.js HTTP/2.0
                                                                                              host: video.rainberrytv.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: */*
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: script
                                                                                              referer: https://video.rainberrytv.com/network/utclassic-content.html?bucket=classic-us+video&adt=4&browser=other&ce=90%2e0%2e818%2e66&clientdata=ut%7c3%2e6%2e0%2e47082%7c0&component=1&geo=us&id=&ie=11&site=33049&uid=XA7cRsPA6AiKyc4%5f&usermuted=0&w=10%2e0
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              x-amz-id-2: HsfSln+LroPdRQfB5IzMjM2eStqGDxMjWVXvB57aaJFiWMUkToZMgTkPkXLOAwhMMpJnNxPw0/k=
                                                                                              x-amz-request-id: JXE34TNSW4J439ZD
                                                                                              content-type: application/javascript
                                                                                              server: AmazonS3
                                                                                              x-llid: c51e3910436dcfa31dc6f98fa61fbbb0
                                                                                              age: 1026
                                                                                              date: Mon, 06 May 2024 17:02:45 GMT
                                                                                              last-modified: Mon, 06 May 2024 06:28:14 GMT
                                                                                              content-length: 43331
                                                                                              x-ip-address: 178.79.231.132
                                                                                              access-control-allow-origin: *
                                                                                              permissions-policy: browsing-topics=()
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://video.rainberrytv.com/favicon.ico
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              87.248.205.1:443
                                                                                              Request
                                                                                              GET /favicon.ico HTTP/2.0
                                                                                              host: video.rainberrytv.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: image
                                                                                              referer: https://video.rainberrytv.com/network/start.html?ver=3%2e6%2e0%2e1%2e47082
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              x-amz-id-2: qmLL6iZS1TpOSM6cG/3YqlkfdzfAe9bfC/1D3I5d0x5e/MMAcyHTlo1AKsOIjvtdsAkajYcmZG4=
                                                                                              x-amz-request-id: 9779S0B5K4AMAG20
                                                                                              content-type: image/vnd.microsoft.icon
                                                                                              server: AmazonS3
                                                                                              x-llid: 8b5e6d0bf7bd6433d17ca0d4e986416a
                                                                                              age: 1031
                                                                                              date: Mon, 06 May 2024 17:02:45 GMT
                                                                                              last-modified: Mon, 06 May 2024 06:28:14 GMT
                                                                                              content-length: 15406
                                                                                              x-ip-address: 178.79.231.132
                                                                                              access-control-allow-origin: *
                                                                                              permissions-policy: browsing-topics=()
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://video.rainberrytv.com/network/utclassic-content.html?bucket=classic-us+video&adt=4&browser=other&ce=90%2e0%2e818%2e66&clientdata=ut%7c3%2e6%2e0%2e47082%7c0&component=1&geo=us&id=&ie=11&site=33049&uid=XA7cRsPA6AiKyc4%5f&usermuted=0&w=10%2e0
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              87.248.205.1:443
                                                                                              Request
                                                                                              GET /network/utclassic-content.html?bucket=classic-us+video&adt=4&browser=other&ce=90%2e0%2e818%2e66&clientdata=ut%7c3%2e6%2e0%2e47082%7c0&component=1&geo=us&id=&ie=11&site=33049&uid=XA7cRsPA6AiKyc4%5f&usermuted=0&w=10%2e0 HTTP/2.0
                                                                                              host: video.rainberrytv.com
                                                                                              cache-control: max-age=0
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              upgrade-insecure-requests: 1
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                                              sec-fetch-site: none
                                                                                              sec-fetch-mode: navigate
                                                                                              sec-fetch-user: ?1
                                                                                              sec-fetch-dest: document
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              if-modified-since: Mon, 06 May 2024 06:28:15 GMT
                                                                                              Response
                                                                                              HTTP/2.0 304
                                                                                              content-type: text/html
                                                                                              x-llid: 849fc0a3f4941a8401e526b597a5ffc1
                                                                                              age: 1281
                                                                                              date: Mon, 06 May 2024 17:02:45 GMT
                                                                                              x-ip-address: 178.79.231.132
                                                                                              access-control-allow-origin: *
                                                                                              permissions-policy: browsing-topics=()
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://video.rainberrytv.com/assets/js/default-lb.yaml
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              87.248.205.1:443
                                                                                              Request
                                                                                              GET /assets/js/default-lb.yaml HTTP/2.0
                                                                                              host: video.rainberrytv.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: */*
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: cors
                                                                                              sec-fetch-dest: empty
                                                                                              referer: https://video.rainberrytv.com/network/utclassic-content.html?bucket=classic-us+video&adt=4&browser=other&ce=90%2e0%2e818%2e66&clientdata=ut%7c3%2e6%2e0%2e47082%7c0&component=1&geo=us&id=&ie=11&site=33049&uid=XA7cRsPA6AiKyc4%5f&usermuted=0&w=10%2e0
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              x-amz-id-2: /1U8r7rbvE16JVkMIgKt/HSUJ6lqsfNitu1VJ77SNCsdRFRWmSaaXk/IB+idrXsjl2shwTPmZgE=
                                                                                              x-amz-request-id: 9H9KZ7DPRB7RWX3S
                                                                                              content-type: binary/octet-stream
                                                                                              server: AmazonS3
                                                                                              x-llid: 34ec38274cf2d5df547c668a33ea3918
                                                                                              age: 2785
                                                                                              date: Mon, 06 May 2024 17:02:46 GMT
                                                                                              last-modified: Mon, 06 May 2024 06:02:45 GMT
                                                                                              content-length: 299
                                                                                              x-ip-address: 178.79.231.132
                                                                                              access-control-allow-origin: *
                                                                                              permissions-policy: browsing-topics=()
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://video.rainberrytv.com/assets/js/classic-lb-us.yaml
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              87.248.205.1:443
                                                                                              Request
                                                                                              GET /assets/js/classic-lb-us.yaml HTTP/2.0
                                                                                              host: video.rainberrytv.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: */*
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: cors
                                                                                              sec-fetch-dest: empty
                                                                                              referer: https://video.rainberrytv.com/network/utclassic-content.html?bucket=classic-us+video&adt=4&browser=other&ce=90%2e0%2e818%2e66&clientdata=ut%7c3%2e6%2e0%2e47082%7c0&component=1&geo=us&id=&ie=11&site=33049&uid=XA7cRsPA6AiKyc4%5f&usermuted=0&w=10%2e0
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              x-amz-id-2: c1e2uH9P+KuwZOh6fbxpnaiSqODNEULOX7FojHX1BkYuGA4OpMpUxijXBv00Aci4TRBKYEgOO/o=
                                                                                              x-amz-request-id: 7355TRCGZ9FC9VZT
                                                                                              content-type: binary/octet-stream
                                                                                              server: AmazonS3
                                                                                              x-llid: 4c63e9816b22c1f5fcbf78c364d9c28f
                                                                                              age: 2599
                                                                                              date: Mon, 06 May 2024 17:02:46 GMT
                                                                                              last-modified: Mon, 06 May 2024 06:02:45 GMT
                                                                                              content-length: 1046
                                                                                              x-ip-address: 178.79.231.132
                                                                                              access-control-allow-origin: *
                                                                                              permissions-policy: browsing-topics=()
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://video.rainberrytv.com/smart/display/smart.html?bucket=classic-us+video&adt=4&browser=other&ce=90.0.818.66&clientdata=ut%7C3.6.0.47082%7C0&component=1&geo=us&ie=11&site=33049&uid=XA7cRsPA6AiKyc4_&usermuted=0&w=10.0&vid=l2WwbY5jlN1j7Oo
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              87.248.205.1:443
                                                                                              Request
                                                                                              GET /smart/display/smart.html?bucket=classic-us+video&adt=4&browser=other&ce=90.0.818.66&clientdata=ut%7C3.6.0.47082%7C0&component=1&geo=us&ie=11&site=33049&uid=XA7cRsPA6AiKyc4_&usermuted=0&w=10.0&vid=l2WwbY5jlN1j7Oo HTTP/2.0
                                                                                              host: video.rainberrytv.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              upgrade-insecure-requests: 1
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: navigate
                                                                                              sec-fetch-dest: document
                                                                                              referer: https://video.rainberrytv.com/network/utclassic-content.html?bucket=classic-us+video&adt=4&browser=other&ce=90%2e0%2e818%2e66&clientdata=ut%7c3%2e6%2e0%2e47082%7c0&component=1&geo=us&id=&ie=11&site=33049&uid=XA7cRsPA6AiKyc4%5f&usermuted=0&w=10%2e0
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              x-amz-id-2: 8jIMay2U12/aRL2WAEAG5xx6WMYa3jTVMcPBSD4wDcEPubMAUcDlFaMYmoZOZWtTvqTkDBZihSE=
                                                                                              x-amz-request-id: JXEFS9K2T7Q6P7ET
                                                                                              content-type: text/html
                                                                                              server: AmazonS3
                                                                                              x-llid: 5aeee5d76fa63adb294823a259963ce0
                                                                                              age: 1277
                                                                                              date: Mon, 06 May 2024 17:02:46 GMT
                                                                                              last-modified: Mon, 06 May 2024 06:28:15 GMT
                                                                                              content-length: 12762
                                                                                              x-ip-address: 178.79.231.132
                                                                                              access-control-allow-origin: *
                                                                                              permissions-policy: browsing-topics=()
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://video.rainberrytv.com/smart/dist/typedUtils.js
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              87.248.205.1:443
                                                                                              Request
                                                                                              GET /smart/dist/typedUtils.js HTTP/2.0
                                                                                              host: video.rainberrytv.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: */*
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: script
                                                                                              referer: https://video.rainberrytv.com/smart/display/smart.html?bucket=classic-us+video&adt=4&browser=other&ce=90.0.818.66&clientdata=ut%7C3.6.0.47082%7C0&component=1&geo=us&ie=11&site=33049&uid=XA7cRsPA6AiKyc4_&usermuted=0&w=10.0&vid=l2WwbY5jlN1j7Oo
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              x-amz-id-2: 3yNI7rdhB+krsWgfXOXibnOr0SctB4ylC49G/KfGB05GpL/pH2903wIDmSyH3NyLuOv7e2dd06E=
                                                                                              x-amz-request-id: JXE13ZK0FZYKFGMG
                                                                                              content-type: application/javascript
                                                                                              server: AmazonS3
                                                                                              x-llid: 94bc5dc650b40b1865920f38f124780a
                                                                                              age: 1275
                                                                                              date: Mon, 06 May 2024 17:02:46 GMT
                                                                                              last-modified: Mon, 06 May 2024 06:28:15 GMT
                                                                                              content-length: 17813
                                                                                              x-ip-address: 178.79.231.132
                                                                                              access-control-allow-origin: *
                                                                                              permissions-policy: browsing-topics=()
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://video.rainberrytv.com/smart/smartBench.js
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              87.248.205.1:443
                                                                                              Request
                                                                                              GET /smart/smartBench.js HTTP/2.0
                                                                                              host: video.rainberrytv.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: */*
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: script
                                                                                              referer: https://video.rainberrytv.com/smart/display/smart.html?bucket=classic-us+video&adt=4&browser=other&ce=90.0.818.66&clientdata=ut%7C3.6.0.47082%7C0&component=1&geo=us&ie=11&site=33049&uid=XA7cRsPA6AiKyc4_&usermuted=0&w=10.0&vid=l2WwbY5jlN1j7Oo
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              x-amz-id-2: Doa75dWJ40+cd2lserbHA1ytOUCN0CI8eAq3P8V3B0pr+LgQVIP+LLCB95zLhOSzmj5jHuQXwnQ=
                                                                                              x-amz-request-id: JXEBHZA35X1XCVY7
                                                                                              content-type: application/javascript
                                                                                              server: AmazonS3
                                                                                              x-llid: cff3a63ae69c0f843cbea76de539c680
                                                                                              age: 1282
                                                                                              date: Mon, 06 May 2024 17:02:46 GMT
                                                                                              last-modified: Mon, 06 May 2024 06:28:15 GMT
                                                                                              content-length: 5970
                                                                                              x-ip-address: 178.79.231.132
                                                                                              access-control-allow-origin: *
                                                                                              permissions-policy: browsing-topics=()
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://video.rainberrytv.com/assets/js/base64.js
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              87.248.205.1:443
                                                                                              Request
                                                                                              GET /assets/js/base64.js HTTP/2.0
                                                                                              host: video.rainberrytv.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: */*
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: script
                                                                                              referer: https://video.rainberrytv.com/smart/display/smart.html?bucket=classic-us+video&adt=4&browser=other&ce=90.0.818.66&clientdata=ut%7C3.6.0.47082%7C0&component=1&geo=us&ie=11&site=33049&uid=XA7cRsPA6AiKyc4_&usermuted=0&w=10.0&vid=l2WwbY5jlN1j7Oo
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              x-amz-id-2: ajO/r8RrAihAnMKVu/vw8H0CRB7s5gj4DyDmlOJ8NVuSubRhEmySiIsDIyiEJ3GTywInkfzTwsc=
                                                                                              x-amz-request-id: JXEA7MP06PYJ5V5S
                                                                                              content-type: application/javascript
                                                                                              server: AmazonS3
                                                                                              x-llid: e8d96ceabae9f4ca5168fe8a25da68ba
                                                                                              age: 1026
                                                                                              date: Mon, 06 May 2024 17:02:46 GMT
                                                                                              last-modified: Mon, 06 May 2024 06:28:14 GMT
                                                                                              content-length: 3802
                                                                                              x-ip-address: 178.79.231.132
                                                                                              access-control-allow-origin: *
                                                                                              permissions-policy: browsing-topics=()
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://video.rainberrytv.com/assets/js/sha256.min.js
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              87.248.205.1:443
                                                                                              Request
                                                                                              GET /assets/js/sha256.min.js HTTP/2.0
                                                                                              host: video.rainberrytv.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: */*
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: script
                                                                                              referer: https://video.rainberrytv.com/smart/display/smart.html?bucket=classic-us+video&adt=4&browser=other&ce=90.0.818.66&clientdata=ut%7C3.6.0.47082%7C0&component=1&geo=us&ie=11&site=33049&uid=XA7cRsPA6AiKyc4_&usermuted=0&w=10.0&vid=l2WwbY5jlN1j7Oo
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              x-amz-id-2: hulqMB7h6sRML6tImV3x5ZpuoRk4ZNddX2GXeD1PYr6o0iP2XMjyIhF2NIJLetF2H1CpROaKsGM=
                                                                                              x-amz-request-id: JXEEKHSGADER2CFR
                                                                                              content-type: application/javascript
                                                                                              server: AmazonS3
                                                                                              x-llid: 15c254cf02db840ebdfd3a8d7c5cb569
                                                                                              age: 1027
                                                                                              date: Mon, 06 May 2024 17:02:46 GMT
                                                                                              last-modified: Mon, 06 May 2024 06:28:14 GMT
                                                                                              content-length: 9018
                                                                                              x-ip-address: 178.79.231.132
                                                                                              access-control-allow-origin: *
                                                                                              permissions-policy: browsing-topics=()
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://video.rainberrytv.com/assets/js/display-config.json
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              87.248.205.1:443
                                                                                              Request
                                                                                              GET /assets/js/display-config.json HTTP/2.0
                                                                                              host: video.rainberrytv.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: */*
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: cors
                                                                                              sec-fetch-dest: empty
                                                                                              referer: https://video.rainberrytv.com/smart/display/smart.html?bucket=classic-us+video&adt=4&browser=other&ce=90.0.818.66&clientdata=ut%7C3.6.0.47082%7C0&component=1&geo=us&ie=11&site=33049&uid=XA7cRsPA6AiKyc4_&usermuted=0&w=10.0&vid=l2WwbY5jlN1j7Oo
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              x-amz-id-2: ez+C1ITcYdKPNfE6VnXNIluR9p1itVvmVGM7R22xtLJHBncQWLju9N7usHmXcLWuO1cuMvTvgWI=
                                                                                              x-amz-request-id: 9H9ZWJ1D8Q5VY2C5
                                                                                              content-type: application/json
                                                                                              server: AmazonS3
                                                                                              x-llid: 122cda7133f7a02ed3ee0f78fc1828c4
                                                                                              age: 2718
                                                                                              date: Mon, 06 May 2024 17:02:50 GMT
                                                                                              last-modified: Mon, 06 May 2024 06:02:43 GMT
                                                                                              content-length: 137
                                                                                              x-ip-address: 178.79.231.132
                                                                                              access-control-allow-origin: *
                                                                                              permissions-policy: browsing-topics=()
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://video.rainberrytv.com/smart/prebid.js
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              87.248.205.1:443
                                                                                              Request
                                                                                              GET /smart/prebid.js HTTP/2.0
                                                                                              host: video.rainberrytv.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: */*
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: script
                                                                                              referer: https://video.rainberrytv.com/smart/display/smart.html?bucket=classic-us+video&adt=4&browser=other&ce=90.0.818.66&clientdata=ut%7C3.6.0.47082%7C0&component=1&geo=us&ie=11&site=33049&uid=XA7cRsPA6AiKyc4_&usermuted=0&w=10.0&vid=l2WwbY5jlN1j7Oo
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              x-amz-id-2: 0Fdgp8Oe2zH4EnFZ1FB2qqZhlluf7FzpM9CVuHJTGOLpTFjiCDcDz3LmtailOxbB7qm6L0fa0iw=
                                                                                              x-amz-request-id: 5GZ68MNQC6W5BKH9
                                                                                              content-type: application/javascript
                                                                                              server: AmazonS3
                                                                                              x-llid: dc715b195418011d3d3e4e2c26d9850f
                                                                                              age: 1275
                                                                                              date: Mon, 06 May 2024 17:02:50 GMT
                                                                                              last-modified: Mon, 06 May 2024 06:28:15 GMT
                                                                                              content-length: 298963
                                                                                              x-ip-address: 178.79.231.132
                                                                                              access-control-allow-origin: *
                                                                                              permissions-policy: browsing-topics=()
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://video.rainberrytv.com/network/utclassic-content.html?bucket=classic-us+video&adt=380&browser=other&ce=90%2e0%2e818%2e66&clientdata=ut%7c3%2e6%2e0%2e47082%7c0&component=1&geo=us&id=&ie=11&site=33049&uid=XA7cRsPA6AiKyc4%5f&usermuted=0&w=10%2e0
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              87.248.205.1:443
                                                                                              Request
                                                                                              GET /network/utclassic-content.html?bucket=classic-us+video&adt=380&browser=other&ce=90%2e0%2e818%2e66&clientdata=ut%7c3%2e6%2e0%2e47082%7c0&component=1&geo=us&id=&ie=11&site=33049&uid=XA7cRsPA6AiKyc4%5f&usermuted=0&w=10%2e0 HTTP/2.0
                                                                                              host: video.rainberrytv.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              upgrade-insecure-requests: 1
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                                              sec-fetch-site: none
                                                                                              sec-fetch-mode: navigate
                                                                                              sec-fetch-user: ?1
                                                                                              sec-fetch-dest: document
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              cookie: didomi_token=eyJ1c2VyX2lkIjoiMThmNGVkYmItMGQ3YS02ZDcwLTkyOGQtNDQxYTkwYTU0NmQzIiwiY3JlYXRlZCI6IjIwMjQtMDUtMDZUMTc6MDI6NTEuNjA3WiIsInVwZGF0ZWQiOiIyMDI0LTA1LTA2VDE3OjAyOjUxLjYwOFoiLCJ2ZXJzaW9uIjpudWxsfQ==
                                                                                              cookie: _pbjs_userid_consent_data=6683316680106290
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              x-amz-id-2: qgM9RkvN/weT/ag3+AHjOzrDbW+xn0Swbnd1ujZpTRyTUWfDXYbQUKWrGj4V/NPnakLzE90auoI=
                                                                                              x-amz-request-id: 5GZ4WYR846MQTGVH
                                                                                              content-type: text/html
                                                                                              server: AmazonS3
                                                                                              x-llid: 3572d35179eecb02433fddf06cffe036
                                                                                              age: 1289
                                                                                              date: Mon, 06 May 2024 17:02:53 GMT
                                                                                              last-modified: Mon, 06 May 2024 06:28:15 GMT
                                                                                              content-length: 3826
                                                                                              x-ip-address: 178.79.231.132
                                                                                              access-control-allow-origin: *
                                                                                              permissions-policy: browsing-topics=()
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://video.rainberrytv.com/assets/js/default.yaml
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              87.248.205.1:443
                                                                                              Request
                                                                                              GET /assets/js/default.yaml HTTP/2.0
                                                                                              host: video.rainberrytv.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: */*
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: cors
                                                                                              sec-fetch-dest: empty
                                                                                              referer: https://video.rainberrytv.com/network/utclassic-content.html?bucket=classic-us+video&adt=380&browser=other&ce=90%2e0%2e818%2e66&clientdata=ut%7c3%2e6%2e0%2e47082%7c0&component=1&geo=us&id=&ie=11&site=33049&uid=XA7cRsPA6AiKyc4%5f&usermuted=0&w=10%2e0
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              cookie: didomi_token=eyJ1c2VyX2lkIjoiMThmNGVkYmItMGQ3YS02ZDcwLTkyOGQtNDQxYTkwYTU0NmQzIiwiY3JlYXRlZCI6IjIwMjQtMDUtMDZUMTc6MDI6NTEuNjA3WiIsInVwZGF0ZWQiOiIyMDI0LTA1LTA2VDE3OjAyOjUxLjYwOFoiLCJ2ZXJzaW9uIjpudWxsfQ==
                                                                                              cookie: _pbjs_userid_consent_data=6683316680106290
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              x-amz-id-2: f7m/aUXnJ6MkwYZS+RRH43zH8TE1nQivBfC+HsqZCYMm4IvUBpBezAg9c+yQEA4XDjqpC6Pg30M=
                                                                                              x-amz-request-id: 9H9R2BWE6ASN1SZT
                                                                                              content-type: binary/octet-stream
                                                                                              server: AmazonS3
                                                                                              x-llid: cd68d8925ee9def16cea41501945a3ec
                                                                                              age: 2765
                                                                                              date: Mon, 06 May 2024 17:02:53 GMT
                                                                                              last-modified: Mon, 06 May 2024 06:02:45 GMT
                                                                                              content-length: 299
                                                                                              x-ip-address: 178.79.231.132
                                                                                              access-control-allow-origin: *
                                                                                              permissions-policy: browsing-topics=()
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://video.rainberrytv.com/assets/js/classic-us+video.yaml
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              87.248.205.1:443
                                                                                              Request
                                                                                              GET /assets/js/classic-us+video.yaml HTTP/2.0
                                                                                              host: video.rainberrytv.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: */*
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: cors
                                                                                              sec-fetch-dest: empty
                                                                                              referer: https://video.rainberrytv.com/network/utclassic-content.html?bucket=classic-us+video&adt=380&browser=other&ce=90%2e0%2e818%2e66&clientdata=ut%7c3%2e6%2e0%2e47082%7c0&component=1&geo=us&id=&ie=11&site=33049&uid=XA7cRsPA6AiKyc4%5f&usermuted=0&w=10%2e0
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              cookie: didomi_token=eyJ1c2VyX2lkIjoiMThmNGVkYmItMGQ3YS02ZDcwLTkyOGQtNDQxYTkwYTU0NmQzIiwiY3JlYXRlZCI6IjIwMjQtMDUtMDZUMTc6MDI6NTEuNjA3WiIsInVwZGF0ZWQiOiIyMDI0LTA1LTA2VDE3OjAyOjUxLjYwOFoiLCJ2ZXJzaW9uIjpudWxsfQ==
                                                                                              cookie: _pbjs_userid_consent_data=6683316680106290
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              x-amz-id-2: fM/EXZvOFl7ATJYW0yN5HAs7nchjGmTmD+TJh0ysGZZO/volqEVN99iUJi0yjbN902mcwNHcdSY=
                                                                                              x-amz-request-id: RFVXBV9Y3FHRWGWN
                                                                                              content-type: binary/octet-stream
                                                                                              server: AmazonS3
                                                                                              x-llid: 3a9888e7ded1f89b00121279f0d2e482
                                                                                              age: 2668
                                                                                              date: Mon, 06 May 2024 17:02:53 GMT
                                                                                              last-modified: Mon, 06 May 2024 06:02:45 GMT
                                                                                              content-length: 1810
                                                                                              x-ip-address: 178.79.231.132
                                                                                              access-control-allow-origin: *
                                                                                              permissions-policy: browsing-topics=()
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://video.rainberrytv.com/smart/video/ima/pod.html?bucket=classic-us+video&adt=380&browser=other&ce=90.0.818.66&clientdata=ut%7C3.6.0.47082%7C0&component=1&geo=us&ie=11&site=33049&uid=XA7cRsPA6AiKyc4_&usermuted=0&w=10.0&vid=bOsdtyqUklDA698
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              87.248.205.1:443
                                                                                              Request
                                                                                              GET /smart/video/ima/pod.html?bucket=classic-us+video&adt=380&browser=other&ce=90.0.818.66&clientdata=ut%7C3.6.0.47082%7C0&component=1&geo=us&ie=11&site=33049&uid=XA7cRsPA6AiKyc4_&usermuted=0&w=10.0&vid=bOsdtyqUklDA698 HTTP/2.0
                                                                                              host: video.rainberrytv.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              upgrade-insecure-requests: 1
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: navigate
                                                                                              sec-fetch-dest: document
                                                                                              referer: https://video.rainberrytv.com/network/utclassic-content.html?bucket=classic-us+video&adt=380&browser=other&ce=90%2e0%2e818%2e66&clientdata=ut%7c3%2e6%2e0%2e47082%7c0&component=1&geo=us&id=&ie=11&site=33049&uid=XA7cRsPA6AiKyc4%5f&usermuted=0&w=10%2e0
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              cookie: didomi_token=eyJ1c2VyX2lkIjoiMThmNGVkYmItMGQ3YS02ZDcwLTkyOGQtNDQxYTkwYTU0NmQzIiwiY3JlYXRlZCI6IjIwMjQtMDUtMDZUMTc6MDI6NTEuNjA3WiIsInVwZGF0ZWQiOiIyMDI0LTA1LTA2VDE3OjAyOjUxLjYwOFoiLCJ2ZXJzaW9uIjpudWxsfQ==
                                                                                              cookie: _pbjs_userid_consent_data=6683316680106290
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              x-amz-id-2: fUxdv4K4NTENO5jeWpWDlmKDaVU31kSwxDJWrZ53KbulszIR2a8tup3NwlVf88w9n8iszcYhfoQ=
                                                                                              x-amz-request-id: JXEAN8T8R9TH503J
                                                                                              content-type: text/html
                                                                                              server: AmazonS3
                                                                                              x-llid: b2ef1ce6960237cbe9e68b4d41bc1d29
                                                                                              age: 1289
                                                                                              date: Mon, 06 May 2024 17:02:53 GMT
                                                                                              last-modified: Mon, 06 May 2024 06:28:15 GMT
                                                                                              content-length: 3242
                                                                                              x-ip-address: 178.79.231.132
                                                                                              access-control-allow-origin: *
                                                                                              permissions-policy: browsing-topics=()
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://video.rainberrytv.com/assets/css/video.css
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              87.248.205.1:443
                                                                                              Request
                                                                                              GET /assets/css/video.css HTTP/2.0
                                                                                              host: video.rainberrytv.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: text/css,*/*;q=0.1
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: style
                                                                                              referer: https://video.rainberrytv.com/smart/video/ima/pod.html?bucket=classic-us+video&adt=380&browser=other&ce=90.0.818.66&clientdata=ut%7C3.6.0.47082%7C0&component=1&geo=us&ie=11&site=33049&uid=XA7cRsPA6AiKyc4_&usermuted=0&w=10.0&vid=bOsdtyqUklDA698
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              cookie: didomi_token=eyJ1c2VyX2lkIjoiMThmNGVkYmItMGQ3YS02ZDcwLTkyOGQtNDQxYTkwYTU0NmQzIiwiY3JlYXRlZCI6IjIwMjQtMDUtMDZUMTc6MDI6NTEuNjA3WiIsInVwZGF0ZWQiOiIyMDI0LTA1LTA2VDE3OjAyOjUxLjYwOFoiLCJ2ZXJzaW9uIjpudWxsfQ==
                                                                                              cookie: _pbjs_userid_consent_data=6683316680106290
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              x-amz-id-2: uZH/mijrvrpQjO1QgcwVxRaJz7iifH9nKv0AVsbVmNHKvCSrQUhLX+/ZVuDdEIyExvOgK00utUk=
                                                                                              x-amz-request-id: JXE60TRHS4DKFAT6
                                                                                              content-type: text/css
                                                                                              server: AmazonS3
                                                                                              x-llid: 45a8960229317c0eb702a7e299006b43
                                                                                              age: 1026
                                                                                              date: Mon, 06 May 2024 17:02:53 GMT
                                                                                              last-modified: Mon, 06 May 2024 06:28:14 GMT
                                                                                              content-length: 1928
                                                                                              x-ip-address: 178.79.231.132
                                                                                              access-control-allow-origin: *
                                                                                              permissions-policy: browsing-topics=()
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://video.rainberrytv.com/smart/video/ima/pod.css
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              87.248.205.1:443
                                                                                              Request
                                                                                              GET /smart/video/ima/pod.css HTTP/2.0
                                                                                              host: video.rainberrytv.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: text/css,*/*;q=0.1
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: style
                                                                                              referer: https://video.rainberrytv.com/smart/video/ima/pod.html?bucket=classic-us+video&adt=380&browser=other&ce=90.0.818.66&clientdata=ut%7C3.6.0.47082%7C0&component=1&geo=us&ie=11&site=33049&uid=XA7cRsPA6AiKyc4_&usermuted=0&w=10.0&vid=bOsdtyqUklDA698
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              cookie: didomi_token=eyJ1c2VyX2lkIjoiMThmNGVkYmItMGQ3YS02ZDcwLTkyOGQtNDQxYTkwYTU0NmQzIiwiY3JlYXRlZCI6IjIwMjQtMDUtMDZUMTc6MDI6NTEuNjA3WiIsInVwZGF0ZWQiOiIyMDI0LTA1LTA2VDE3OjAyOjUxLjYwOFoiLCJ2ZXJzaW9uIjpudWxsfQ==
                                                                                              cookie: _pbjs_userid_consent_data=6683316680106290
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              x-amz-id-2: 1BAaUkNePt6FTXf0ctDQvBZMW7wVd/ybjqWIZy1dA47GOtQ+IMYSo+44EMYcb05KLLKzh40GNaE=
                                                                                              x-amz-request-id: JXEEP8GYAYP0A0F0
                                                                                              content-type: text/css
                                                                                              server: AmazonS3
                                                                                              x-llid: efc1f167acda7ecfb826ebb92f33d90d
                                                                                              age: 844
                                                                                              date: Mon, 06 May 2024 17:02:53 GMT
                                                                                              last-modified: Mon, 06 May 2024 06:28:15 GMT
                                                                                              content-length: 277
                                                                                              x-ip-address: 178.79.231.132
                                                                                              access-control-allow-origin: *
                                                                                              permissions-policy: browsing-topics=()
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://video.rainberrytv.com/smart/video/ima/style.css
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              87.248.205.1:443
                                                                                              Request
                                                                                              GET /smart/video/ima/style.css HTTP/2.0
                                                                                              host: video.rainberrytv.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: text/css,*/*;q=0.1
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: style
                                                                                              referer: https://video.rainberrytv.com/smart/video/ima/pod.html?bucket=classic-us+video&adt=380&browser=other&ce=90.0.818.66&clientdata=ut%7C3.6.0.47082%7C0&component=1&geo=us&ie=11&site=33049&uid=XA7cRsPA6AiKyc4_&usermuted=0&w=10.0&vid=bOsdtyqUklDA698
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              cookie: didomi_token=eyJ1c2VyX2lkIjoiMThmNGVkYmItMGQ3YS02ZDcwLTkyOGQtNDQxYTkwYTU0NmQzIiwiY3JlYXRlZCI6IjIwMjQtMDUtMDZUMTc6MDI6NTEuNjA3WiIsInVwZGF0ZWQiOiIyMDI0LTA1LTA2VDE3OjAyOjUxLjYwOFoiLCJ2ZXJzaW9uIjpudWxsfQ==
                                                                                              cookie: _pbjs_userid_consent_data=6683316680106290
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              x-amz-id-2: 0IV7AJvvtJbsZjhysl6CkLPGAuCZUt0zUG8wpLjSlyBgpVkECVDFuKpqpvE+33XGa5wzPJzeb9c=
                                                                                              x-amz-request-id: JXEDAJWX2T0KE2B1
                                                                                              content-type: text/css
                                                                                              server: AmazonS3
                                                                                              x-llid: 4e0417a4796f108d4931966bf529def7
                                                                                              age: 1038
                                                                                              date: Mon, 06 May 2024 17:02:53 GMT
                                                                                              last-modified: Mon, 06 May 2024 06:28:15 GMT
                                                                                              content-length: 2239
                                                                                              x-ip-address: 178.79.231.132
                                                                                              access-control-allow-origin: *
                                                                                              permissions-policy: browsing-topics=()
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://video.rainberrytv.com/smart/video/ima/modules/video.js/dist/video-js.min.css
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              87.248.205.1:443
                                                                                              Request
                                                                                              GET /smart/video/ima/modules/video.js/dist/video-js.min.css HTTP/2.0
                                                                                              host: video.rainberrytv.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: text/css,*/*;q=0.1
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: style
                                                                                              referer: https://video.rainberrytv.com/smart/video/ima/pod.html?bucket=classic-us+video&adt=380&browser=other&ce=90.0.818.66&clientdata=ut%7C3.6.0.47082%7C0&component=1&geo=us&ie=11&site=33049&uid=XA7cRsPA6AiKyc4_&usermuted=0&w=10.0&vid=bOsdtyqUklDA698
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              cookie: didomi_token=eyJ1c2VyX2lkIjoiMThmNGVkYmItMGQ3YS02ZDcwLTkyOGQtNDQxYTkwYTU0NmQzIiwiY3JlYXRlZCI6IjIwMjQtMDUtMDZUMTc6MDI6NTEuNjA3WiIsInVwZGF0ZWQiOiIyMDI0LTA1LTA2VDE3OjAyOjUxLjYwOFoiLCJ2ZXJzaW9uIjpudWxsfQ==
                                                                                              cookie: _pbjs_userid_consent_data=6683316680106290
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              x-amz-id-2: rS2p13+x/b3rZLlSpNwiAGF9H59oFDOwyKnkpashAk+Ol31dwc+tp8sVExwQlqbE7Fu4Mt/K9Jo=
                                                                                              x-amz-request-id: JXE6EW9BZ7YYMS0N
                                                                                              content-type: text/css
                                                                                              server: AmazonS3
                                                                                              x-llid: c8474216351f252d26e8ba915250d774
                                                                                              age: 1038
                                                                                              date: Mon, 06 May 2024 17:02:53 GMT
                                                                                              last-modified: Mon, 06 May 2024 06:28:15 GMT
                                                                                              content-length: 39855
                                                                                              x-ip-address: 178.79.231.132
                                                                                              access-control-allow-origin: *
                                                                                              permissions-policy: browsing-topics=()
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://video.rainberrytv.com/smart/video/ima/modules/videojs-contrib-ads/dist/videojs.ads.css
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              87.248.205.1:443
                                                                                              Request
                                                                                              GET /smart/video/ima/modules/videojs-contrib-ads/dist/videojs.ads.css HTTP/2.0
                                                                                              host: video.rainberrytv.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: text/css,*/*;q=0.1
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: style
                                                                                              referer: https://video.rainberrytv.com/smart/video/ima/pod.html?bucket=classic-us+video&adt=380&browser=other&ce=90.0.818.66&clientdata=ut%7C3.6.0.47082%7C0&component=1&geo=us&ie=11&site=33049&uid=XA7cRsPA6AiKyc4_&usermuted=0&w=10.0&vid=bOsdtyqUklDA698
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              cookie: didomi_token=eyJ1c2VyX2lkIjoiMThmNGVkYmItMGQ3YS02ZDcwLTkyOGQtNDQxYTkwYTU0NmQzIiwiY3JlYXRlZCI6IjIwMjQtMDUtMDZUMTc6MDI6NTEuNjA3WiIsInVwZGF0ZWQiOiIyMDI0LTA1LTA2VDE3OjAyOjUxLjYwOFoiLCJ2ZXJzaW9uIjpudWxsfQ==
                                                                                              cookie: _pbjs_userid_consent_data=6683316680106290
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              x-amz-id-2: fEAXl8L9nk6chc2Z8JBaesPIVDYxDfkE+pLX7qfG0bhIdTvDa9gEyHajJbM6ivakCgFZNHrSXbo=
                                                                                              x-amz-request-id: JXE8ZA2WGJK65S6H
                                                                                              content-type: text/css
                                                                                              server: AmazonS3
                                                                                              x-llid: 9c10ca233984927b5b10dca67be4631b
                                                                                              age: 1038
                                                                                              date: Mon, 06 May 2024 17:02:53 GMT
                                                                                              last-modified: Mon, 06 May 2024 06:28:15 GMT
                                                                                              content-length: 3802
                                                                                              x-ip-address: 178.79.231.132
                                                                                              access-control-allow-origin: *
                                                                                              permissions-policy: browsing-topics=()
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://video.rainberrytv.com/smart/video/ima/dist/videojs.ima.css
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              87.248.205.1:443
                                                                                              Request
                                                                                              GET /smart/video/ima/dist/videojs.ima.css HTTP/2.0
                                                                                              host: video.rainberrytv.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: text/css,*/*;q=0.1
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: style
                                                                                              referer: https://video.rainberrytv.com/smart/video/ima/pod.html?bucket=classic-us+video&adt=380&browser=other&ce=90.0.818.66&clientdata=ut%7C3.6.0.47082%7C0&component=1&geo=us&ie=11&site=33049&uid=XA7cRsPA6AiKyc4_&usermuted=0&w=10.0&vid=bOsdtyqUklDA698
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              cookie: didomi_token=eyJ1c2VyX2lkIjoiMThmNGVkYmItMGQ3YS02ZDcwLTkyOGQtNDQxYTkwYTU0NmQzIiwiY3JlYXRlZCI6IjIwMjQtMDUtMDZUMTc6MDI6NTEuNjA3WiIsInVwZGF0ZWQiOiIyMDI0LTA1LTA2VDE3OjAyOjUxLjYwOFoiLCJ2ZXJzaW9uIjpudWxsfQ==
                                                                                              cookie: _pbjs_userid_consent_data=6683316680106290
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              x-amz-id-2: Tsj6lS1Wk7uwMB+j8iBB++YEeh2er6zpq9iR/SJ26H7s7X++oflCngb7M/ewdiasigKLZzq11mE=
                                                                                              x-amz-request-id: JXE4HYB6V30D8QZV
                                                                                              content-type: text/css
                                                                                              server: AmazonS3
                                                                                              x-llid: 8fe1721f4ab77c849dc938c6099f474a
                                                                                              age: 1038
                                                                                              date: Mon, 06 May 2024 17:02:53 GMT
                                                                                              last-modified: Mon, 06 May 2024 06:28:15 GMT
                                                                                              content-length: 975
                                                                                              x-ip-address: 178.79.231.132
                                                                                              access-control-allow-origin: *
                                                                                              permissions-policy: browsing-topics=()
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://video.rainberrytv.com/smart/video/ima/modules/video.js/dist/video.min.js
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              87.248.205.1:443
                                                                                              Request
                                                                                              GET /smart/video/ima/modules/video.js/dist/video.min.js HTTP/2.0
                                                                                              host: video.rainberrytv.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: */*
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: script
                                                                                              referer: https://video.rainberrytv.com/smart/video/ima/pod.html?bucket=classic-us+video&adt=380&browser=other&ce=90.0.818.66&clientdata=ut%7C3.6.0.47082%7C0&component=1&geo=us&ie=11&site=33049&uid=XA7cRsPA6AiKyc4_&usermuted=0&w=10.0&vid=bOsdtyqUklDA698
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              cookie: didomi_token=eyJ1c2VyX2lkIjoiMThmNGVkYmItMGQ3YS02ZDcwLTkyOGQtNDQxYTkwYTU0NmQzIiwiY3JlYXRlZCI6IjIwMjQtMDUtMDZUMTc6MDI6NTEuNjA3WiIsInVwZGF0ZWQiOiIyMDI0LTA1LTA2VDE3OjAyOjUxLjYwOFoiLCJ2ZXJzaW9uIjpudWxsfQ==
                                                                                              cookie: _pbjs_userid_consent_data=6683316680106290
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              x-amz-id-2: q3BYpbFgVlvtDoALum1jYUzJWTLNfUxf6Ui7lMR/aXDGGbKU7MbrHLWUb7eEw7bJupoNweMnT64=
                                                                                              x-amz-request-id: WT1P782EW0WN3HRV
                                                                                              content-type: application/javascript
                                                                                              server: AmazonS3
                                                                                              x-llid: 875ccc01159075818fa0142f481e9e25
                                                                                              age: 1038
                                                                                              date: Mon, 06 May 2024 17:02:53 GMT
                                                                                              last-modified: Mon, 06 May 2024 06:28:15 GMT
                                                                                              content-length: 576448
                                                                                              x-ip-address: 178.79.231.132
                                                                                              access-control-allow-origin: *
                                                                                              permissions-policy: browsing-topics=()
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://video.rainberrytv.com/smart/video/ima/modules/videojs-contrib-ads/dist/videojs.ads.min.js
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              87.248.205.1:443
                                                                                              Request
                                                                                              GET /smart/video/ima/modules/videojs-contrib-ads/dist/videojs.ads.min.js HTTP/2.0
                                                                                              host: video.rainberrytv.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: */*
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: script
                                                                                              referer: https://video.rainberrytv.com/smart/video/ima/pod.html?bucket=classic-us+video&adt=380&browser=other&ce=90.0.818.66&clientdata=ut%7C3.6.0.47082%7C0&component=1&geo=us&ie=11&site=33049&uid=XA7cRsPA6AiKyc4_&usermuted=0&w=10.0&vid=bOsdtyqUklDA698
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              cookie: didomi_token=eyJ1c2VyX2lkIjoiMThmNGVkYmItMGQ3YS02ZDcwLTkyOGQtNDQxYTkwYTU0NmQzIiwiY3JlYXRlZCI6IjIwMjQtMDUtMDZUMTc6MDI6NTEuNjA3WiIsInVwZGF0ZWQiOiIyMDI0LTA1LTA2VDE3OjAyOjUxLjYwOFoiLCJ2ZXJzaW9uIjpudWxsfQ==
                                                                                              cookie: _pbjs_userid_consent_data=6683316680106290
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              x-amz-id-2: HJVXvpRxlaRfV4gUvbISpubEhERbSbG5vTrddGmmYMAgpf6sF5oQOrZxlvPyBTX7p57BUvdwQfQ=
                                                                                              x-amz-request-id: WT1RBZ3C738RH3NB
                                                                                              content-type: application/javascript
                                                                                              server: AmazonS3
                                                                                              x-llid: 71db7f85009ef1e15299c949e0d38885
                                                                                              age: 1038
                                                                                              date: Mon, 06 May 2024 17:02:53 GMT
                                                                                              last-modified: Mon, 06 May 2024 06:28:15 GMT
                                                                                              content-length: 28283
                                                                                              x-ip-address: 178.79.231.132
                                                                                              access-control-allow-origin: *
                                                                                              permissions-policy: browsing-topics=()
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://video.rainberrytv.com/smart/video/ima/dist/videojs.ima.js
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              87.248.205.1:443
                                                                                              Request
                                                                                              GET /smart/video/ima/dist/videojs.ima.js HTTP/2.0
                                                                                              host: video.rainberrytv.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: */*
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: script
                                                                                              referer: https://video.rainberrytv.com/smart/video/ima/pod.html?bucket=classic-us+video&adt=380&browser=other&ce=90.0.818.66&clientdata=ut%7C3.6.0.47082%7C0&component=1&geo=us&ie=11&site=33049&uid=XA7cRsPA6AiKyc4_&usermuted=0&w=10.0&vid=bOsdtyqUklDA698
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              cookie: didomi_token=eyJ1c2VyX2lkIjoiMThmNGVkYmItMGQ3YS02ZDcwLTkyOGQtNDQxYTkwYTU0NmQzIiwiY3JlYXRlZCI6IjIwMjQtMDUtMDZUMTc6MDI6NTEuNjA3WiIsInVwZGF0ZWQiOiIyMDI0LTA1LTA2VDE3OjAyOjUxLjYwOFoiLCJ2ZXJzaW9uIjpudWxsfQ==
                                                                                              cookie: _pbjs_userid_consent_data=6683316680106290
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              x-amz-id-2: 4sGyDkqX7JrofvHhrwxpcRrhULq8jxEr/wjLTJqpndozFOosDK6VT/8Z9xo2a734kR1pxQSkn3M=
                                                                                              x-amz-request-id: WT1ZT3Z14Q4G4FQ4
                                                                                              content-type: application/javascript
                                                                                              server: AmazonS3
                                                                                              x-llid: 659843c0525c4af6b5e68be049ba603b
                                                                                              age: 1038
                                                                                              date: Mon, 06 May 2024 17:02:53 GMT
                                                                                              last-modified: Mon, 06 May 2024 06:28:15 GMT
                                                                                              content-length: 112054
                                                                                              x-ip-address: 178.79.231.132
                                                                                              access-control-allow-origin: *
                                                                                              permissions-policy: browsing-topics=()
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://video.rainberrytv.com/smart/video/ima/ima.js
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              87.248.205.1:443
                                                                                              Request
                                                                                              GET /smart/video/ima/ima.js HTTP/2.0
                                                                                              host: video.rainberrytv.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: */*
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: script
                                                                                              referer: https://video.rainberrytv.com/smart/video/ima/pod.html?bucket=classic-us+video&adt=380&browser=other&ce=90.0.818.66&clientdata=ut%7C3.6.0.47082%7C0&component=1&geo=us&ie=11&site=33049&uid=XA7cRsPA6AiKyc4_&usermuted=0&w=10.0&vid=bOsdtyqUklDA698
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              cookie: didomi_token=eyJ1c2VyX2lkIjoiMThmNGVkYmItMGQ3YS02ZDcwLTkyOGQtNDQxYTkwYTU0NmQzIiwiY3JlYXRlZCI6IjIwMjQtMDUtMDZUMTc6MDI6NTEuNjA3WiIsInVwZGF0ZWQiOiIyMDI0LTA1LTA2VDE3OjAyOjUxLjYwOFoiLCJ2ZXJzaW9uIjpudWxsfQ==
                                                                                              cookie: _pbjs_userid_consent_data=6683316680106290
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              x-amz-id-2: xzqbVnOQ2zt5Qu+drpKJ+4EGGtJ0cMtqhjL5Np1ldWscwkuD0Uiac6+96z4L2FYVuRtjLlyvGXo=
                                                                                              x-amz-request-id: WT1H98DK3EQFMW9V
                                                                                              content-type: application/javascript
                                                                                              server: AmazonS3
                                                                                              x-llid: 681b5f38b8356b19ae29497eab2ee7d0
                                                                                              age: 1038
                                                                                              date: Mon, 06 May 2024 17:02:53 GMT
                                                                                              last-modified: Mon, 06 May 2024 06:28:15 GMT
                                                                                              content-length: 18586
                                                                                              x-ip-address: 178.79.231.132
                                                                                              access-control-allow-origin: *
                                                                                              permissions-policy: browsing-topics=()
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://smartscreen.microsoft.com/windows/browser/edge/data/bloomfilter/x?pushCert=false&flight=%7B%22ETag%22%3A%22%5C%22nA8KHs8oaq9ssjHyJcw0nMz4proNnsV3KilArWanihI%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1166893-11-15%2CP-R-1093303-19-30%2CP-R-1026145-4-14%2CP-R-1021007-4-5%2CP-R-99770-8-32%2CP-R-73000-4-40%2CP-R-72999-7-40%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-8-38%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22WDSListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Atrue%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Afalse%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterCacheEnabled%22%3Afalse%2C%22UsePostDataEndpointsForNewAnaheimClient%22%3Atrue%2C%22DisableE5Cache%22%3Afalse%2C%22FixedSploitStop%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D&os=10.0.22000.493.co_release
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              20.162.145.158:443
                                                                                              Request
                                                                                              GET /windows/browser/edge/data/bloomfilter/x?pushCert=false&flight=%7B%22ETag%22%3A%22%5C%22nA8KHs8oaq9ssjHyJcw0nMz4proNnsV3KilArWanihI%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1166893-11-15%2CP-R-1093303-19-30%2CP-R-1026145-4-14%2CP-R-1021007-4-5%2CP-R-99770-8-32%2CP-R-73000-4-40%2CP-R-72999-7-40%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-8-38%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22WDSListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Atrue%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Afalse%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterCacheEnabled%22%3Afalse%2C%22UsePostDataEndpointsForNewAnaheimClient%22%3Atrue%2C%22DisableE5Cache%22%3Afalse%2C%22FixedSploitStop%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D&os=10.0.22000.493.co_release HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              Accept: application/x-patch-bsdiff, application/octet-stream
                                                                                              Authorization: SmartScreenPlain eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQifQ==
                                                                                              If-None-Match: "636976985063396749.rel.v2"
                                                                                              User-Agent: SmartScreen/281479409434625
                                                                                              Host: smartscreen.microsoft.com
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Cache-Control: max-age=86400
                                                                                              Content-Length: 57
                                                                                              Content-Type: application/octet-stream
                                                                                              ETag: "638343870221005468"
                                                                                              Server: Microsoft-HTTPAPI/2.0
                                                                                              X-SmartScreen-Flight-Vector: EnableProxyLeniency,FixedSploitStop,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,IsNpPIOverrideBlockEnabled,ListApiE5V2Enabled,NpSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,TopTrafficV2Enabled,TopTrafficV2MobileFlightEnabled,UpdateOnMissingEtagEnabled,UpdateSigningCert,UpdateSigningCertForRS3RS4,UsePostDataEndpointsForNewAnaheimClient,WDSListApiE5V2Enabled
                                                                                              Date: Mon, 06 May 2024 17:02:47 GMT
                                                                                              Connection: close
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://smartscreen.microsoft.com/windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.22000.493.co_release&flight=%7B%22ETag%22%3A%22%5C%22nA8KHs8oaq9ssjHyJcw0nMz4proNnsV3KilArWanihI%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1166893-11-15%2CP-R-1093303-19-30%2CP-R-1026145-4-14%2CP-R-1021007-4-5%2CP-R-99770-8-32%2CP-R-73000-4-40%2CP-R-72999-7-40%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-8-38%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22WDSListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Atrue%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Afalse%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterCacheEnabled%22%3Afalse%2C%22UsePostDataEndpointsForNewAnaheimClient%22%3Atrue%2C%22DisableE5Cache%22%3Afalse%2C%22FixedSploitStop%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              20.162.145.158:443
                                                                                              Request
                                                                                              GET /windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.22000.493.co_release&flight=%7B%22ETag%22%3A%22%5C%22nA8KHs8oaq9ssjHyJcw0nMz4proNnsV3KilArWanihI%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1166893-11-15%2CP-R-1093303-19-30%2CP-R-1026145-4-14%2CP-R-1021007-4-5%2CP-R-99770-8-32%2CP-R-73000-4-40%2CP-R-72999-7-40%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-8-38%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22WDSListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Atrue%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Afalse%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterCacheEnabled%22%3Afalse%2C%22UsePostDataEndpointsForNewAnaheimClient%22%3Atrue%2C%22DisableE5Cache%22%3Afalse%2C%22FixedSploitStop%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              Accept: application/x-patch-bsdiff, application/octet-stream
                                                                                              Authorization: SmartScreenPlain eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQifQ==
                                                                                              If-None-Match: "170540185939602997400506234197983529371"
                                                                                              User-Agent: SmartScreen/281479409434625
                                                                                              Host: smartscreen.microsoft.com
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Cache-Control: max-age=86400
                                                                                              Content-Length: 460992
                                                                                              Content-Type: application/octet-stream
                                                                                              ETag: "638004170464094982"
                                                                                              Server: Microsoft-HTTPAPI/2.0
                                                                                              X-SmartScreen-Flight-Vector: EnableProxyLeniency,FixedSploitStop,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,IsNpPIOverrideBlockEnabled,ListApiE5V2Enabled,NpSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,TopTrafficV2Enabled,TopTrafficV2MobileFlightEnabled,UpdateOnMissingEtagEnabled,UpdateSigningCert,UpdateSigningCertForRS3RS4,UsePostDataEndpointsForNewAnaheimClient,WDSListApiE5V2Enabled
                                                                                              Date: Mon, 06 May 2024 17:02:45 GMT
                                                                                              Connection: close
                                                                                            • flag-gb
                                                                                              POST
                                                                                              https://smartscreen.microsoft.com/api/browser/edge/data/settings
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              20.162.145.158:443
                                                                                              Request
                                                                                              POST /api/browser/edge/data/settings HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Accept: application/x-patch-bsdiff, application/octet-stream
                                                                                              Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiZ2ZiM25SYkQzTUU9Iiwia2V5IjoiTk53QUs5Q3YySVQrU2NQYmxBcmhyUT09In0=
                                                                                              If-None-Match: "2.0-0"
                                                                                              User-Agent: SmartScreen/281479409434625
                                                                                              Content-Length: 1291
                                                                                              Host: smartscreen.microsoft.com
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Content-Length: 129085
                                                                                              Content-Type: application/octet-stream
                                                                                              ETag: "2.0-2f9188b68640dbf72295f9083a21d674a314721ef06f82db281cbcb052ff8ec1"
                                                                                              Server: Microsoft-HTTPAPI/2.0
                                                                                              X-SmartScreen-Flight-Vector: enableProxyLeniency,FixedSploitStop,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,isCurfTstEnabled,isNpPIOverrideBlockEnabled,ListApiE5V2Enabled,npSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,topTrafficV2Enabled,topTrafficV2MobileFlightEnabled,UpdateOnMissingEtagEnabled,updateSigningCert,updateSigningCertForRS3RS4,UsePostDataEndpointsForNewAnaheimClient,WDSListApiE5V2Enabled
                                                                                              Date: Mon, 06 May 2024 17:02:45 GMT
                                                                                              Connection: close
                                                                                            • flag-gb
                                                                                              POST
                                                                                              https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              20.162.145.158:443
                                                                                              Request
                                                                                              POST /api/browser/edge/navigate/2 HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              Content-Type: application/json
                                                                                              Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiWTk0dkJ5a0dPZEk9Iiwia2V5IjoiVGF2K3ZZYnIyQjFMK09XTUwxVjlidz09In0=
                                                                                              User-Agent: SmartScreen/281479409434625
                                                                                              Content-Length: 1703
                                                                                              Host: nav.smartscreen.microsoft.com
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Cache-Control: max-age=0, private
                                                                                              Content-Length: 5336
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Server: Microsoft-HTTPAPI/2.0
                                                                                              X-SmartScreen-Flight-Vector: enableProxyLeniency,FixedSploitStop,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,isCurfTstEnabled,isNpPIOverrideBlockEnabled,ListApiE5V2Enabled,npSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,topTrafficV2Enabled,topTrafficV2MobileFlightEnabled,UpdateOnMissingEtagEnabled,updateSigningCert,updateSigningCertForRS3RS4,UsePostDataEndpointsForNewAnaheimClient,WDSListApiE5V2Enabled
                                                                                              Date: Mon, 06 May 2024 17:02:44 GMT
                                                                                              Connection: close
                                                                                            • flag-gb
                                                                                              POST
                                                                                              https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              20.162.145.158:443
                                                                                              Request
                                                                                              POST /api/browser/edge/navigate/2 HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              Content-Type: application/json
                                                                                              Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiZGVEb3ROL1dFdkk9Iiwia2V5IjoielV4R0pnZlJDUUxTaCt1dHd0SDNSUT09In0=
                                                                                              User-Agent: SmartScreen/281479409434625
                                                                                              Content-Length: 1724
                                                                                              Host: nav.smartscreen.microsoft.com
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Cache-Control: max-age=0, private
                                                                                              Content-Length: 5362
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Server: Microsoft-HTTPAPI/2.0
                                                                                              X-SmartScreen-Flight-Vector: enableProxyLeniency,FixedSploitStop,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,isCurfTstEnabled,isNpPIOverrideBlockEnabled,ListApiE5V2Enabled,npSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,topTrafficV2Enabled,topTrafficV2MobileFlightEnabled,UpdateOnMissingEtagEnabled,updateSigningCert,updateSigningCertForRS3RS4,UsePostDataEndpointsForNewAnaheimClient,WDSListApiE5V2Enabled
                                                                                              Date: Mon, 06 May 2024 17:02:44 GMT
                                                                                              Connection: close
                                                                                            • flag-gb
                                                                                              POST
                                                                                              https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              20.162.145.158:443
                                                                                              Request
                                                                                              POST /api/browser/edge/navigate/2 HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              Content-Type: application/json
                                                                                              Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiK0lqRnUyREFnWnc9Iiwia2V5IjoiZmFjZGVtTTcxamxSWk5iUDd6RFdlZz09In0=
                                                                                              User-Agent: SmartScreen/281479409434625
                                                                                              Content-Length: 1897
                                                                                              Host: nav.smartscreen.microsoft.com
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Cache-Control: max-age=0, private
                                                                                              Content-Length: 5596
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Server: Microsoft-HTTPAPI/2.0
                                                                                              X-SmartScreen-Flight-Vector: enableProxyLeniency,FixedSploitStop,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,isCurfTstEnabled,isNpPIOverrideBlockEnabled,ListApiE5V2Enabled,npSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,topTrafficV2Enabled,topTrafficV2MobileFlightEnabled,UpdateOnMissingEtagEnabled,updateSigningCert,updateSigningCertForRS3RS4,UsePostDataEndpointsForNewAnaheimClient,WDSListApiE5V2Enabled
                                                                                              Date: Mon, 06 May 2024 17:02:47 GMT
                                                                                              Connection: close
                                                                                            • flag-us
                                                                                              POST
                                                                                              http://i-32.b-47082.ut.bench.utorrent.com/e?i=32
                                                                                              uTorrent.exe
                                                                                              Remote address:
                                                                                              52.1.109.224:80
                                                                                              Request
                                                                                              POST /e?i=32 HTTP/1.1
                                                                                              Host: i-32.b-47082.ut.bench.utorrent.com
                                                                                              User-Agent: ut_core BenchHttp (ver:47082)
                                                                                              Connection: close
                                                                                              Content-Length: 195
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Content-Type: text/html
                                                                                              Date: Mon, 06 May 2024 17:02:45 GMT
                                                                                              Server: nginx
                                                                                              X-Powered-By: PHP/5.4.30
                                                                                              Content-Length: 21
                                                                                              Connection: Close
                                                                                            • flag-us
                                                                                              GET
                                                                                              http://www.utorrent.com/prodnews
                                                                                              msedge.exe
                                                                                              Remote address:
                                                                                              18.239.208.122:80
                                                                                              Request
                                                                                              GET /prodnews HTTP/1.1
                                                                                              Host: www.utorrent.com
                                                                                              Connection: keep-alive
                                                                                              DNT: 1
                                                                                              Upgrade-Insecure-Requests: 1
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                                              Accept-Encoding: gzip, deflate
                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/1.1 301 Moved Permanently
                                                                                              Server: CloudFront
                                                                                              Date: Mon, 06 May 2024 17:02:45 GMT
                                                                                              Content-Type: text/html
                                                                                              Content-Length: 167
                                                                                              Connection: keep-alive
                                                                                              Location: https://www.utorrent.com/prodnews
                                                                                              X-Cache: Redirect from cloudfront
                                                                                              Via: 1.1 961d53799e25f07a5cd3c15086a9948c.cloudfront.net (CloudFront)
                                                                                              X-Amz-Cf-Pop: BRU50-P1
                                                                                              X-Amz-Cf-Id: 49q_xoZcTfYF2rnWaffElxekOz2BKMNoaIXEBMjYNjW-wqwyBcnaAw==
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://cdnjs.cloudflare.com/ajax/libs/es5-shim/4.1.13/es5-shim.min.js
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              104.17.24.14:443
                                                                                              Request
                                                                                              GET /ajax/libs/es5-shim/4.1.13/es5-shim.min.js HTTP/2.0
                                                                                              host: cdnjs.cloudflare.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: */*
                                                                                              sec-fetch-site: cross-site
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: script
                                                                                              referer: http://utclient.utorrent.com/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              date: Mon, 06 May 2024 17:02:46 GMT
                                                                                              content-type: application/javascript; charset=utf-8
                                                                                              content-length: 5718
                                                                                              access-control-allow-origin: *
                                                                                              cache-control: public, max-age=30672000
                                                                                              content-encoding: br
                                                                                              etag: "5eb03e54-44bb"
                                                                                              last-modified: Mon, 04 May 2020 16:09:56 GMT
                                                                                              cf-cdnjs-via: cfworker/kv
                                                                                              cross-origin-resource-policy: cross-origin
                                                                                              timing-allow-origin: *
                                                                                              x-content-type-options: nosniff
                                                                                              vary: Accept-Encoding
                                                                                              cf-cache-status: HIT
                                                                                              age: 339392
                                                                                              expires: Sat, 26 Apr 2025 17:02:46 GMT
                                                                                              accept-ranges: bytes
                                                                                              report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ft4KXhCR6Fqgs79%2BgaMVTifqz2sZsVtSLcoCrtqH5vbiCIyABDp98jihce0MTkXDUGT1jbdaGpGN1MAPegJyjCHYEg%2FhZ1IbJOMecsrd03SylYG19aR1W2gb5KCKke843YZAwj4a"}],"group":"cf-nel","max_age":604800}
                                                                                              nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
                                                                                              strict-transport-security: max-age=15780000
                                                                                              server: cloudflare
                                                                                              cf-ray: 87fa8a350a0293e9-LHR
                                                                                              alt-svc: h3=":443"; ma=86400
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://www.utorrent.com/prodnews
                                                                                              msedge.exe
                                                                                              Remote address:
                                                                                              18.239.208.122:443
                                                                                              Request
                                                                                              GET /prodnews HTTP/2.0
                                                                                              host: www.utorrent.com
                                                                                              dnt: 1
                                                                                              upgrade-insecure-requests: 1
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                                              sec-fetch-site: none
                                                                                              sec-fetch-mode: navigate
                                                                                              sec-fetch-user: ?1
                                                                                              sec-fetch-dest: document
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/2.0 301
                                                                                              content-length: 0
                                                                                              location: https://www.utorrent.com/prodnews/
                                                                                              server: CloudFront
                                                                                              date: Mon, 06 May 2024 17:02:45 GMT
                                                                                              x-cache: LambdaGeneratedResponse from cloudfront
                                                                                              via: 1.1 13a33e73ac6e43b5973fd62a21c57d3e.cloudfront.net (CloudFront)
                                                                                              x-amz-cf-pop: BRU50-P1
                                                                                              x-amz-cf-id: v1UXH68-hYt6cgDRtCzjTIv5XzHVGpKo6mAGlMj-THOOj7W4ZXs8qQ==
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://www.utorrent.com/prodnews/
                                                                                              msedge.exe
                                                                                              Remote address:
                                                                                              18.239.208.122:443
                                                                                              Request
                                                                                              GET /prodnews/ HTTP/2.0
                                                                                              host: www.utorrent.com
                                                                                              dnt: 1
                                                                                              upgrade-insecure-requests: 1
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                                              sec-fetch-site: none
                                                                                              sec-fetch-mode: navigate
                                                                                              sec-fetch-user: ?1
                                                                                              sec-fetch-dest: document
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              content-type: text/html
                                                                                              x-amz-id-2: r3kjA1w8elELWJxKZTBANemW8f2EbBvQ435zl+BT+W8U20TuANtKKYBEzb2zv2JJK0iRMnZqq/A=
                                                                                              x-amz-request-id: 3GZ2EP3R81SWZ4WH
                                                                                              date: Fri, 15 Mar 2024 19:59:35 GMT
                                                                                              last-modified: Fri, 15 Mar 2024 19:54:09 GMT
                                                                                              etag: W/"49c92323d1dd8492994ba0832b8b27f4"
                                                                                              server: AmazonS3
                                                                                              cloudfront-viewer-country: GB
                                                                                              set-cookie: cloudfront-view-country=GB;Path=/
                                                                                              cache-control: public, max-age=0, must-revalidate
                                                                                              x-frame-options: DENY
                                                                                              content-security-policy: frame-ancestors 'self' https://*.trontv.com https://rainberrytv.com;
                                                                                              content-encoding: gzip
                                                                                              vary: Accept-Encoding
                                                                                              x-cache: Hit from cloudfront
                                                                                              via: 1.1 13a33e73ac6e43b5973fd62a21c57d3e.cloudfront.net (CloudFront)
                                                                                              x-amz-cf-pop: BRU50-P1
                                                                                              x-amz-cf-id: 8fjQ0Drhao5uB6mNGHIfbXeNpfXCDHy4CipoGgogFX2fbAUexqBrCg==
                                                                                              age: 4482191
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://www.utorrent.com/static/Inter-Regular-1e081edc16d92d42aeccec760174fbf4.woff2
                                                                                              msedge.exe
                                                                                              Remote address:
                                                                                              18.239.208.122:443
                                                                                              Request
                                                                                              GET /static/Inter-Regular-1e081edc16d92d42aeccec760174fbf4.woff2 HTTP/2.0
                                                                                              host: www.utorrent.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              origin: https://www.utorrent.com
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              dnt: 1
                                                                                              accept: */*
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: cors
                                                                                              sec-fetch-dest: font
                                                                                              referer: https://www.utorrent.com/prodnews/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              cookie: cloudfront-view-country=GB
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              content-type: binary/octet-stream
                                                                                              content-length: 100124
                                                                                              x-amz-id-2: u/Ibn6O7jeiGV+5QU068MedOSWNAeJuBVDlwl6i8TMUIO72+heYzBeRe1l9nmYKmpQ8fqcGd+DA=
                                                                                              x-amz-request-id: WKMA33NJEDX4B5SK
                                                                                              date: Fri, 15 Mar 2024 19:56:35 GMT
                                                                                              last-modified: Fri, 15 Mar 2024 19:54:09 GMT
                                                                                              etag: "1e081edc16d92d42aeccec760174fbf4"
                                                                                              server: AmazonS3
                                                                                              cloudfront-viewer-country: GB
                                                                                              set-cookie: cloudfront-view-country=GB;Path=/
                                                                                              cache-control: public, max-age=31536000, immutable
                                                                                              x-frame-options: DENY
                                                                                              content-security-policy: frame-ancestors 'self' https://*.trontv.com https://rainberrytv.com;
                                                                                              x-cache: Hit from cloudfront
                                                                                              via: 1.1 13a33e73ac6e43b5973fd62a21c57d3e.cloudfront.net (CloudFront)
                                                                                              x-amz-cf-pop: BRU50-P1
                                                                                              x-amz-cf-id: eIsvZ6PT83Mq5XXlMoYJArl9Df7LoBFcdxitpTR4-ijCjdKeu0EkBQ==
                                                                                              age: 4482372
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://www.utorrent.com/static/Inter-Medium-c709803c3cab6f1116039e881ecf531a.woff2
                                                                                              msedge.exe
                                                                                              Remote address:
                                                                                              18.239.208.122:443
                                                                                              Request
                                                                                              GET /static/Inter-Medium-c709803c3cab6f1116039e881ecf531a.woff2 HTTP/2.0
                                                                                              host: www.utorrent.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              origin: https://www.utorrent.com
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              dnt: 1
                                                                                              accept: */*
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: cors
                                                                                              sec-fetch-dest: font
                                                                                              referer: https://www.utorrent.com/prodnews/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              cookie: cloudfront-view-country=GB
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              content-type: binary/octet-stream
                                                                                              content-length: 106720
                                                                                              x-amz-id-2: s9UMYn/Y7BctBm3QdlPB/NvTI5eVZzn2ByTITXm4RieKWNCsEi73LEUpi6IOAb7s35uHTAU8wvo=
                                                                                              x-amz-request-id: JX93Q8XYD9ACJKVB
                                                                                              date: Wed, 20 Mar 2024 00:07:38 GMT
                                                                                              last-modified: Fri, 15 Mar 2024 19:54:10 GMT
                                                                                              etag: "c709803c3cab6f1116039e881ecf531a"
                                                                                              server: AmazonS3
                                                                                              cloudfront-viewer-country: GB
                                                                                              set-cookie: cloudfront-view-country=GB;Path=/
                                                                                              cache-control: public, max-age=31536000, immutable
                                                                                              x-frame-options: DENY
                                                                                              content-security-policy: frame-ancestors 'self' https://*.trontv.com https://rainberrytv.com;
                                                                                              x-cache: Hit from cloudfront
                                                                                              via: 1.1 13a33e73ac6e43b5973fd62a21c57d3e.cloudfront.net (CloudFront)
                                                                                              x-amz-cf-pop: BRU50-P1
                                                                                              x-amz-cf-id: xeZnapSy2xxBJH2oGVSPnTv-T4lElrznru4E4dnXKR5hTwVIR2ufHg==
                                                                                              age: 4121709
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://www.utorrent.com/static/Inter-Bold-e7ae98681edfa1df7f1e3ebba0d4fb88.woff2
                                                                                              msedge.exe
                                                                                              Remote address:
                                                                                              18.239.208.122:443
                                                                                              Request
                                                                                              GET /static/Inter-Bold-e7ae98681edfa1df7f1e3ebba0d4fb88.woff2 HTTP/2.0
                                                                                              host: www.utorrent.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              origin: https://www.utorrent.com
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              dnt: 1
                                                                                              accept: */*
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: cors
                                                                                              sec-fetch-dest: font
                                                                                              referer: https://www.utorrent.com/prodnews/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              cookie: cloudfront-view-country=GB
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              content-type: binary/octet-stream
                                                                                              content-length: 105960
                                                                                              x-amz-id-2: qwzk/KiPqYkX/QZGoKeGIxaZiuoSbw6636QVcQizJmP10XOzIo8WKn0YSUDjaeqRUWOSv08HqnQ=
                                                                                              x-amz-request-id: WKM6FQ35ZGA8MF62
                                                                                              date: Fri, 15 Mar 2024 19:56:35 GMT
                                                                                              last-modified: Fri, 15 Mar 2024 19:54:09 GMT
                                                                                              etag: "8381bcfb1339ad96a5675d5dcfcbcd09"
                                                                                              server: AmazonS3
                                                                                              cloudfront-viewer-country: GB
                                                                                              set-cookie: cloudfront-view-country=GB;Path=/
                                                                                              cache-control: public, max-age=31536000, immutable
                                                                                              x-frame-options: DENY
                                                                                              content-security-policy: frame-ancestors 'self' https://*.trontv.com https://rainberrytv.com;
                                                                                              x-cache: Hit from cloudfront
                                                                                              via: 1.1 13a33e73ac6e43b5973fd62a21c57d3e.cloudfront.net (CloudFront)
                                                                                              x-amz-cf-pop: BRU50-P1
                                                                                              x-amz-cf-id: zZRqsI0--N6bMli10MT1aDKMIwgoPiMGU7IjXjs4CEq2OhloGM19uw==
                                                                                              age: 4482372
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://www.utorrent.com/static/Inter-Thin-9c96c7a2494ef60e8c2c75ad9baf1c5c.woff2
                                                                                              msedge.exe
                                                                                              Remote address:
                                                                                              18.239.208.122:443
                                                                                              Request
                                                                                              GET /static/Inter-Thin-9c96c7a2494ef60e8c2c75ad9baf1c5c.woff2 HTTP/2.0
                                                                                              host: www.utorrent.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              origin: https://www.utorrent.com
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              dnt: 1
                                                                                              accept: */*
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: cors
                                                                                              sec-fetch-dest: font
                                                                                              referer: https://www.utorrent.com/prodnews/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              cookie: cloudfront-view-country=GB
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              content-type: binary/octet-stream
                                                                                              content-length: 101408
                                                                                              x-amz-id-2: bGxhNfT2rJvueUzB1jD/H5JOBP43mZ1XWlwCKghbut4DXk1cUTzPUA+uZDNT88x/EcHBxiINE/Q=
                                                                                              x-amz-request-id: WKM1E56XB82ZGMNG
                                                                                              date: Fri, 15 Mar 2024 19:56:35 GMT
                                                                                              last-modified: Fri, 15 Mar 2024 19:54:09 GMT
                                                                                              etag: "9c96c7a2494ef60e8c2c75ad9baf1c5c"
                                                                                              server: AmazonS3
                                                                                              cloudfront-viewer-country: GB
                                                                                              set-cookie: cloudfront-view-country=GB;Path=/
                                                                                              cache-control: public, max-age=31536000, immutable
                                                                                              x-frame-options: DENY
                                                                                              content-security-policy: frame-ancestors 'self' https://*.trontv.com https://rainberrytv.com;
                                                                                              x-cache: Hit from cloudfront
                                                                                              via: 1.1 13a33e73ac6e43b5973fd62a21c57d3e.cloudfront.net (CloudFront)
                                                                                              x-amz-cf-pop: BRU50-P1
                                                                                              x-amz-cf-id: R5lMg8CA26BJq_VCSSrfY0O_1xkO4883ecv9rgE1eMTuT9ZDyHJiRA==
                                                                                              age: 4482372
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://www.utorrent.com/static/Inter-ExtraLight-8381bcfb1339ad96a5675d5dcfcbcd09.woff2
                                                                                              msedge.exe
                                                                                              Remote address:
                                                                                              18.239.208.122:443
                                                                                              Request
                                                                                              GET /static/Inter-ExtraLight-8381bcfb1339ad96a5675d5dcfcbcd09.woff2 HTTP/2.0
                                                                                              host: www.utorrent.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              origin: https://www.utorrent.com
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              dnt: 1
                                                                                              accept: */*
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: cors
                                                                                              sec-fetch-dest: font
                                                                                              referer: https://www.utorrent.com/prodnews/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              cookie: cloudfront-view-country=GB
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              content-type: binary/octet-stream
                                                                                              content-length: 107400
                                                                                              x-amz-id-2: kxIC8FdYUfelra1h8o/L0IGdcoh38N+JVIgzuS/eN1gxZri+LOZAuseaBapKyd3AaSBkDG6nVfo=
                                                                                              x-amz-request-id: WKM24D0G99WM204X
                                                                                              date: Fri, 15 Mar 2024 19:56:35 GMT
                                                                                              last-modified: Fri, 15 Mar 2024 19:54:09 GMT
                                                                                              etag: "e7ae98681edfa1df7f1e3ebba0d4fb88"
                                                                                              server: AmazonS3
                                                                                              cloudfront-viewer-country: GB
                                                                                              set-cookie: cloudfront-view-country=GB;Path=/
                                                                                              cache-control: public, max-age=31536000, immutable
                                                                                              x-frame-options: DENY
                                                                                              content-security-policy: frame-ancestors 'self' https://*.trontv.com https://rainberrytv.com;
                                                                                              x-cache: Hit from cloudfront
                                                                                              via: 1.1 13a33e73ac6e43b5973fd62a21c57d3e.cloudfront.net (CloudFront)
                                                                                              x-amz-cf-pop: BRU50-P1
                                                                                              x-amz-cf-id: 4uAjTJiX_fbZUvW9xhdcvh3FgdaGobA8U2uXslRrMkmIB1AXnqt9Dw==
                                                                                              age: 4482372
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://www.utorrent.com/webpack-runtime-6ad5d20e9cacfad52051.js
                                                                                              msedge.exe
                                                                                              Remote address:
                                                                                              18.239.208.122:443
                                                                                              Request
                                                                                              GET /webpack-runtime-6ad5d20e9cacfad52051.js HTTP/2.0
                                                                                              host: www.utorrent.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              dnt: 1
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: */*
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: script
                                                                                              referer: https://www.utorrent.com/prodnews/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              cookie: cloudfront-view-country=GB
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              content-type: application/javascript
                                                                                              content-length: 118
                                                                                              x-amz-id-2: FX0YV9XdIP1L/AqyvvA6AdzH3ZzYVX7m2kVK6Gy4liQ5/BRWQXKidAjBO4mEmCldVRfFLdhP9to=
                                                                                              x-amz-request-id: WKM5HBNCK12V86D0
                                                                                              date: Fri, 15 Mar 2024 19:56:35 GMT
                                                                                              last-modified: Fri, 15 Mar 2024 19:54:10 GMT
                                                                                              etag: "cb86974a39fe68d1c24b49e58b019a58"
                                                                                              server: AmazonS3
                                                                                              cloudfront-viewer-country: GB
                                                                                              set-cookie: cloudfront-view-country=GB;Path=/
                                                                                              cache-control: public, max-age=0, must-revalidate
                                                                                              x-frame-options: DENY
                                                                                              content-security-policy: frame-ancestors 'self' https://*.trontv.com https://rainberrytv.com;
                                                                                              x-cache: Hit from cloudfront
                                                                                              via: 1.1 13a33e73ac6e43b5973fd62a21c57d3e.cloudfront.net (CloudFront)
                                                                                              x-amz-cf-pop: BRU50-P1
                                                                                              x-amz-cf-id: 1-BAthJPXKE97xSOQYewmAQEk4cfSmSkm0TcOPrUetNiwIGERJazUg==
                                                                                              age: 4482374
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://www.utorrent.com/framework-eccc61fe56658d61fa21.js
                                                                                              msedge.exe
                                                                                              Remote address:
                                                                                              18.239.208.122:443
                                                                                              Request
                                                                                              GET /framework-eccc61fe56658d61fa21.js HTTP/2.0
                                                                                              host: www.utorrent.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              dnt: 1
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: */*
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: script
                                                                                              referer: https://www.utorrent.com/prodnews/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              cookie: cloudfront-view-country=GB
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              content-type: application/javascript
                                                                                              x-amz-id-2: 5MvOQBrzlBTL+R9kcEizsMw7FRf/l8ykn4NTz8v6E/e+zH6L2rwu7H8zipxze5BL2yaJG5jHGDg=
                                                                                              x-amz-request-id: WKMEHHK4D0Y5X51P
                                                                                              date: Fri, 15 Mar 2024 19:56:35 GMT
                                                                                              last-modified: Fri, 15 Mar 2024 19:53:57 GMT
                                                                                              etag: W/"8f7e58bb1f725081a2f10ff447c13d37"
                                                                                              server: AmazonS3
                                                                                              cloudfront-viewer-country: GB
                                                                                              set-cookie: cloudfront-view-country=GB;Path=/
                                                                                              cache-control: public, max-age=0, must-revalidate
                                                                                              x-frame-options: DENY
                                                                                              content-security-policy: frame-ancestors 'self' https://*.trontv.com https://rainberrytv.com;
                                                                                              content-encoding: gzip
                                                                                              vary: Accept-Encoding
                                                                                              x-cache: Hit from cloudfront
                                                                                              via: 1.1 13a33e73ac6e43b5973fd62a21c57d3e.cloudfront.net (CloudFront)
                                                                                              x-amz-cf-pop: BRU50-P1
                                                                                              x-amz-cf-id: HusPyWyW5Fk_yHCdywZ4dqU6YVya7PuNb9K94P8PT-qSWpdPPvr5aw==
                                                                                              age: 4482374
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://www.utorrent.com/styles-6da2bce19ba3ad2246ef.js
                                                                                              msedge.exe
                                                                                              Remote address:
                                                                                              18.239.208.122:443
                                                                                              Request
                                                                                              GET /styles-6da2bce19ba3ad2246ef.js HTTP/2.0
                                                                                              host: www.utorrent.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              dnt: 1
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: */*
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: script
                                                                                              referer: https://www.utorrent.com/prodnews/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              cookie: cloudfront-view-country=GB
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              content-type: application/javascript
                                                                                              x-amz-id-2: L0JBXQyxVMl4I4YcuIQ6WVCvCC1EH/TvxDYamhq4v5vJo7TYFXbvLvHkuBH+QfTZmDmQQzWuu6A=
                                                                                              x-amz-request-id: WKMBMNBRDBBAR62Y
                                                                                              date: Fri, 15 Mar 2024 19:56:35 GMT
                                                                                              last-modified: Fri, 15 Mar 2024 19:54:10 GMT
                                                                                              etag: W/"696160c7f04e440d9e1d076a4bceca12"
                                                                                              server: AmazonS3
                                                                                              cloudfront-viewer-country: GB
                                                                                              set-cookie: cloudfront-view-country=GB;Path=/
                                                                                              cache-control: public, max-age=0, must-revalidate
                                                                                              x-frame-options: DENY
                                                                                              content-security-policy: frame-ancestors 'self' https://*.trontv.com https://rainberrytv.com;
                                                                                              content-encoding: gzip
                                                                                              vary: Accept-Encoding
                                                                                              x-cache: Hit from cloudfront
                                                                                              via: 1.1 13a33e73ac6e43b5973fd62a21c57d3e.cloudfront.net (CloudFront)
                                                                                              x-amz-cf-pop: BRU50-P1
                                                                                              x-amz-cf-id: fHPhK0L39LS72H9zDoE0jZth6Yz3NiCQUwkIiM14mnJU_L5IBsoHHw==
                                                                                              age: 4482374
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://www.utorrent.com/1bfc9850-720c498ecb470d5e9258.js
                                                                                              msedge.exe
                                                                                              Remote address:
                                                                                              18.239.208.122:443
                                                                                              Request
                                                                                              GET /1bfc9850-720c498ecb470d5e9258.js HTTP/2.0
                                                                                              host: www.utorrent.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              dnt: 1
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: */*
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: script
                                                                                              referer: https://www.utorrent.com/prodnews/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              cookie: cloudfront-view-country=GB
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              content-type: application/javascript
                                                                                              x-amz-id-2: yE+UDOfs9qVpJ2vje+V+JHqXWcMiioWqNbAuhK5lkfF9XieEBMXZec9i+7Mf7EaOwDtnHIFPDs0=
                                                                                              x-amz-request-id: WKM7AG7KQWPYNHFJ
                                                                                              date: Fri, 15 Mar 2024 19:56:35 GMT
                                                                                              last-modified: Fri, 15 Mar 2024 19:53:57 GMT
                                                                                              etag: W/"5b714810c5f08130c4ef77ec3c71ab02"
                                                                                              server: AmazonS3
                                                                                              cloudfront-viewer-country: GB
                                                                                              set-cookie: cloudfront-view-country=GB;Path=/
                                                                                              cache-control: public, max-age=0, must-revalidate
                                                                                              x-frame-options: DENY
                                                                                              content-security-policy: frame-ancestors 'self' https://*.trontv.com https://rainberrytv.com;
                                                                                              content-encoding: gzip
                                                                                              vary: Accept-Encoding
                                                                                              x-cache: Hit from cloudfront
                                                                                              via: 1.1 13a33e73ac6e43b5973fd62a21c57d3e.cloudfront.net (CloudFront)
                                                                                              x-amz-cf-pop: BRU50-P1
                                                                                              x-amz-cf-id: d65F0cAuJkFYKbikrYIZ9zzF0K2ntjsr8S_mA-XYNpAIwJGi737CGA==
                                                                                              age: 4482374
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://www.utorrent.com/95b64a6e-cfd6bd7bfda8c02495b9.js
                                                                                              msedge.exe
                                                                                              Remote address:
                                                                                              18.239.208.122:443
                                                                                              Request
                                                                                              GET /95b64a6e-cfd6bd7bfda8c02495b9.js HTTP/2.0
                                                                                              host: www.utorrent.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              dnt: 1
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: */*
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: script
                                                                                              referer: https://www.utorrent.com/prodnews/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              cookie: cloudfront-view-country=GB
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              content-type: application/javascript
                                                                                              content-length: 673
                                                                                              x-amz-id-2: 33pEV2suVwz9vb6AuzOp++ridu65Y5Ay7P7PnG+KmoKlpu79X/nXg17S3ui+qPkx6tkSyKgVn90=
                                                                                              x-amz-request-id: WKMEJR32CAF58YBP
                                                                                              date: Fri, 15 Mar 2024 19:56:35 GMT
                                                                                              last-modified: Fri, 15 Mar 2024 19:53:56 GMT
                                                                                              etag: "bcd844fedce23a26d07895c474c892a4"
                                                                                              server: AmazonS3
                                                                                              cloudfront-viewer-country: GB
                                                                                              set-cookie: cloudfront-view-country=GB;Path=/
                                                                                              cache-control: public, max-age=0, must-revalidate
                                                                                              x-frame-options: DENY
                                                                                              content-security-policy: frame-ancestors 'self' https://*.trontv.com https://rainberrytv.com;
                                                                                              x-cache: Hit from cloudfront
                                                                                              via: 1.1 13a33e73ac6e43b5973fd62a21c57d3e.cloudfront.net (CloudFront)
                                                                                              x-amz-cf-pop: BRU50-P1
                                                                                              x-amz-cf-id: K_LfiLl1WlrnFvR0SXnTiJT7PFcOktGNTqD6hM-ofDb1V3gF26YzfA==
                                                                                              age: 4482374
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://www.utorrent.com/app-77702c871f01d98a23a2.js
                                                                                              msedge.exe
                                                                                              Remote address:
                                                                                              18.239.208.122:443
                                                                                              Request
                                                                                              GET /app-77702c871f01d98a23a2.js HTTP/2.0
                                                                                              host: www.utorrent.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              dnt: 1
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: */*
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: script
                                                                                              referer: https://www.utorrent.com/prodnews/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              cookie: cloudfront-view-country=GB
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              content-type: application/javascript
                                                                                              x-amz-id-2: yPWAlX7p8E2E5gakknUoMjLhru21CFSPfIQG5sghBNORiZ6bKYkAZmpkdEf6ej7upnc4ng7dv0o=
                                                                                              x-amz-request-id: WKM7VADT3SAE2N9A
                                                                                              date: Fri, 15 Mar 2024 19:56:35 GMT
                                                                                              last-modified: Fri, 15 Mar 2024 19:53:56 GMT
                                                                                              etag: W/"45f21023db58e3d5eac46356fc90d5a6"
                                                                                              server: AmazonS3
                                                                                              cloudfront-viewer-country: GB
                                                                                              set-cookie: cloudfront-view-country=GB;Path=/
                                                                                              cache-control: public, max-age=0, must-revalidate
                                                                                              x-frame-options: DENY
                                                                                              content-security-policy: frame-ancestors 'self' https://*.trontv.com https://rainberrytv.com;
                                                                                              content-encoding: gzip
                                                                                              vary: Accept-Encoding
                                                                                              x-cache: Hit from cloudfront
                                                                                              via: 1.1 13a33e73ac6e43b5973fd62a21c57d3e.cloudfront.net (CloudFront)
                                                                                              x-amz-cf-pop: BRU50-P1
                                                                                              x-amz-cf-id: dn0EUAH2VBTwGt3gCE-tnyBV2p2jfBd0v72cFt7zBkSjuZwnW0n08w==
                                                                                              age: 4482374
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://www.utorrent.com/component---src-pages-prodnews-index-js-328108866c6007c1eba9.js
                                                                                              msedge.exe
                                                                                              Remote address:
                                                                                              18.239.208.122:443
                                                                                              Request
                                                                                              GET /component---src-pages-prodnews-index-js-328108866c6007c1eba9.js HTTP/2.0
                                                                                              host: www.utorrent.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              dnt: 1
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: */*
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: script
                                                                                              referer: https://www.utorrent.com/prodnews/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              cookie: cloudfront-view-country=GB
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              content-type: application/json
                                                                                              x-amz-id-2: GVgrZFhSy9278Mac9AnsMI37p8uLQxGlF56DgLbF9kXnmkusX6542TV8SlJry9zANyMK2J3zhq8=
                                                                                              x-amz-request-id: 02YDZ11TBJ7Q5ERM
                                                                                              date: Fri, 15 Mar 2024 20:01:01 GMT
                                                                                              last-modified: Fri, 15 Mar 2024 19:54:09 GMT
                                                                                              etag: W/"5b34149d8e1ce8ee62a8d0c2520d63a0"
                                                                                              server: AmazonS3
                                                                                              cloudfront-viewer-country: GB
                                                                                              set-cookie: cloudfront-view-country=GB;Path=/
                                                                                              cache-control: public, max-age=0, must-revalidate
                                                                                              x-frame-options: DENY
                                                                                              content-security-policy: frame-ancestors 'self' https://*.trontv.com https://rainberrytv.com;
                                                                                              content-encoding: gzip
                                                                                              vary: Accept-Encoding
                                                                                              x-cache: Hit from cloudfront
                                                                                              via: 1.1 13a33e73ac6e43b5973fd62a21c57d3e.cloudfront.net (CloudFront)
                                                                                              x-amz-cf-pop: BRU50-P1
                                                                                              x-amz-cf-id: otNwSVVAcUZwT0Zmx-O94CicB3HJkloDL2k4rVAtGmD5HylUjSJUWw==
                                                                                              age: 4482108
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://www.utorrent.com/page-data/prodnews/page-data.json
                                                                                              msedge.exe
                                                                                              Remote address:
                                                                                              18.239.208.122:443
                                                                                              Request
                                                                                              GET /page-data/prodnews/page-data.json HTTP/2.0
                                                                                              host: www.utorrent.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              origin: https://www.utorrent.com
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              dnt: 1
                                                                                              accept: */*
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: cors
                                                                                              sec-fetch-dest: empty
                                                                                              referer: https://www.utorrent.com/prodnews/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              cookie: cloudfront-view-country=GB
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              content-type: application/javascript
                                                                                              x-amz-id-2: U7R9AvBli6++VJbeM29wOiwMFaKIACijlWw6RFHA0p8r+FqkYApOLHFK4XMcxq1+mGoYv9JJeEg=
                                                                                              x-amz-request-id: 02YCVVZ4V62GZJ7B
                                                                                              date: Fri, 15 Mar 2024 20:01:01 GMT
                                                                                              last-modified: Fri, 15 Mar 2024 19:53:57 GMT
                                                                                              etag: W/"095047932d15ce972a7fc12b746b1869"
                                                                                              server: AmazonS3
                                                                                              cloudfront-viewer-country: GB
                                                                                              set-cookie: cloudfront-view-country=GB;Path=/
                                                                                              cache-control: public, max-age=0, must-revalidate
                                                                                              x-frame-options: DENY
                                                                                              content-security-policy: frame-ancestors 'self' https://*.trontv.com https://rainberrytv.com;
                                                                                              content-encoding: gzip
                                                                                              vary: Accept-Encoding
                                                                                              x-cache: Hit from cloudfront
                                                                                              via: 1.1 13a33e73ac6e43b5973fd62a21c57d3e.cloudfront.net (CloudFront)
                                                                                              x-amz-cf-pop: BRU50-P1
                                                                                              x-amz-cf-id: r4H0bzJzD39gdnQBekt-BtzehyLlPUXL3M8qmbsCF5Nq6OpPadFr3w==
                                                                                              age: 4482108
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://www.utorrent.com/page-data/sq/d/2794733127.json
                                                                                              msedge.exe
                                                                                              Remote address:
                                                                                              18.239.208.122:443
                                                                                              Request
                                                                                              GET /page-data/sq/d/2794733127.json HTTP/2.0
                                                                                              host: www.utorrent.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              origin: https://www.utorrent.com
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              dnt: 1
                                                                                              accept: */*
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: cors
                                                                                              sec-fetch-dest: empty
                                                                                              referer: https://www.utorrent.com/prodnews/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              cookie: cloudfront-view-country=GB
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              content-type: application/json
                                                                                              content-length: 73
                                                                                              x-amz-id-2: uCy+JaTO+NXTlRKKKrW4MtN2npIg2d3QO+P5d2PQX9HCFJC+PTRgmrU1mIRHfC/KjFSaOdjy2Vo=
                                                                                              x-amz-request-id: WKM4ZF4M3CXCPA48
                                                                                              date: Fri, 15 Mar 2024 19:56:35 GMT
                                                                                              last-modified: Fri, 15 Mar 2024 19:54:09 GMT
                                                                                              etag: "4ac8f16b4b551cf4634be937c1fc591f"
                                                                                              server: AmazonS3
                                                                                              cloudfront-viewer-country: GB
                                                                                              set-cookie: cloudfront-view-country=GB;Path=/
                                                                                              cache-control: public, max-age=0, must-revalidate
                                                                                              x-frame-options: DENY
                                                                                              content-security-policy: frame-ancestors 'self' https://*.trontv.com https://rainberrytv.com;
                                                                                              x-cache: Hit from cloudfront
                                                                                              via: 1.1 13a33e73ac6e43b5973fd62a21c57d3e.cloudfront.net (CloudFront)
                                                                                              x-amz-cf-pop: BRU50-P1
                                                                                              x-amz-cf-id: 65hsG4skD7l0qM8OaePC24rd-81naa_RNsdV-HWWDTJxCJvVci0xZw==
                                                                                              age: 4482374
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://www.utorrent.com/page-data/app-data.json
                                                                                              msedge.exe
                                                                                              Remote address:
                                                                                              18.239.208.122:443
                                                                                              Request
                                                                                              GET /page-data/app-data.json HTTP/2.0
                                                                                              host: www.utorrent.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              origin: https://www.utorrent.com
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              dnt: 1
                                                                                              accept: */*
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: cors
                                                                                              sec-fetch-dest: empty
                                                                                              referer: https://www.utorrent.com/prodnews/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              cookie: cloudfront-view-country=GB
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              content-type: application/json
                                                                                              content-length: 50
                                                                                              x-amz-id-2: wEDuVGvgLO6UYUxtnKN3fu1QWQDv8sXve5ZI7N8yaM4gx5LIda3KNuiHy29zE9TxK0Kt13j+NCU=
                                                                                              x-amz-request-id: WKM0Q4YZRWHXWHHG
                                                                                              date: Fri, 15 Mar 2024 19:56:35 GMT
                                                                                              last-modified: Fri, 15 Mar 2024 19:54:06 GMT
                                                                                              etag: "d75f6cc8c1a9d4c30034b310ca22b288"
                                                                                              server: AmazonS3
                                                                                              cloudfront-viewer-country: GB
                                                                                              set-cookie: cloudfront-view-country=GB;Path=/
                                                                                              cache-control: public, max-age=0, must-revalidate
                                                                                              x-frame-options: DENY
                                                                                              content-security-policy: frame-ancestors 'self' https://*.trontv.com https://rainberrytv.com;
                                                                                              x-cache: Hit from cloudfront
                                                                                              via: 1.1 13a33e73ac6e43b5973fd62a21c57d3e.cloudfront.net (CloudFront)
                                                                                              x-amz-cf-pop: BRU50-P1
                                                                                              x-amz-cf-id: yvKtrwkXR-B3YZY1f8-600xKpBZbdqSEQYDW7QwxOoibUw6WAfBm8g==
                                                                                              age: 4482374
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://www.utorrent.com/static/nord_tower_300_600-4b13b4ef8daafe3126521a923f4d515c.png
                                                                                              msedge.exe
                                                                                              Remote address:
                                                                                              18.239.208.122:443
                                                                                              Request
                                                                                              GET /static/nord_tower_300_600-4b13b4ef8daafe3126521a923f4d515c.png HTTP/2.0
                                                                                              host: www.utorrent.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              dnt: 1
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: image
                                                                                              referer: https://www.utorrent.com/prodnews/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              cookie: cloudfront-view-country=GB
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              content-type: image/png
                                                                                              content-length: 98471
                                                                                              x-amz-id-2: jX4pOdMFSwm1nyTuWhVVb4PSh3uHGA4Gpvo4m3M+Dcj5jq4EzjGKr5vIFpkoZzgkPR1RBcdFvVw=
                                                                                              x-amz-request-id: 02Y9FXKNRE5PFYBD
                                                                                              date: Fri, 15 Mar 2024 20:01:01 GMT
                                                                                              last-modified: Fri, 15 Mar 2024 19:54:10 GMT
                                                                                              etag: "4b13b4ef8daafe3126521a923f4d515c"
                                                                                              server: AmazonS3
                                                                                              cloudfront-viewer-country: GB
                                                                                              set-cookie: cloudfront-view-country=GB;Path=/
                                                                                              cache-control: public, max-age=31536000, immutable
                                                                                              x-frame-options: DENY
                                                                                              content-security-policy: frame-ancestors 'self' https://*.trontv.com https://rainberrytv.com;
                                                                                              x-cache: Hit from cloudfront
                                                                                              via: 1.1 13a33e73ac6e43b5973fd62a21c57d3e.cloudfront.net (CloudFront)
                                                                                              x-amz-cf-pop: BRU50-P1
                                                                                              x-amz-cf-id: bzeK0vteJX1JxBg2N83XdR52z8Jv699g-u_gYFq5Nx83snze76cBmA==
                                                                                              age: 4482108
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://www.utorrent.com/images/pro-free-trial/cat-14days-en.png
                                                                                              msedge.exe
                                                                                              Remote address:
                                                                                              18.239.208.122:443
                                                                                              Request
                                                                                              GET /images/pro-free-trial/cat-14days-en.png HTTP/2.0
                                                                                              host: www.utorrent.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              dnt: 1
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: image
                                                                                              referer: https://www.utorrent.com/prodnews/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              cookie: cloudfront-view-country=GB
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              content-type: application/javascript
                                                                                              x-amz-id-2: 8YyIB24k0ICvVUkflbCvsyJg9UtBkrgZI3H+YD4uf0WS6P4d0S1QkyHbF2AIM0k/OUGHoElkXJo=
                                                                                              x-amz-request-id: FQRRSHS0VCJ36YFQ
                                                                                              date: Fri, 15 Mar 2024 19:56:38 GMT
                                                                                              last-modified: Fri, 15 Mar 2024 19:53:56 GMT
                                                                                              etag: W/"78f4a1ef16760375ada7ea23ff28ef26"
                                                                                              server: AmazonS3
                                                                                              cloudfront-viewer-country: GB
                                                                                              set-cookie: cloudfront-view-country=GB;Path=/
                                                                                              cache-control: public, max-age=0, must-revalidate
                                                                                              x-frame-options: DENY
                                                                                              content-security-policy: frame-ancestors 'self' https://*.trontv.com https://rainberrytv.com;
                                                                                              content-encoding: gzip
                                                                                              vary: Accept-Encoding
                                                                                              x-cache: Hit from cloudfront
                                                                                              via: 1.1 13a33e73ac6e43b5973fd62a21c57d3e.cloudfront.net (CloudFront)
                                                                                              x-amz-cf-pop: BRU50-P1
                                                                                              x-amz-cf-id: xXo8u0Kh0ZX7xXR7FKnznO3vHWu6yWPxbIGlNoaslpSK9ALhYoei2Q==
                                                                                              age: 4482372
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://www.utorrent.com/36-6933f9537e69ef7df1be.js
                                                                                              msedge.exe
                                                                                              Remote address:
                                                                                              18.239.208.122:443
                                                                                              Request
                                                                                              GET /36-6933f9537e69ef7df1be.js HTTP/2.0
                                                                                              host: www.utorrent.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              dnt: 1
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: */*
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: script
                                                                                              referer: https://www.utorrent.com/prodnews/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              cookie: cloudfront-view-country=GB
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              content-type: image/png
                                                                                              content-length: 474848
                                                                                              x-amz-id-2: yjNKhGCGL/qYKBFzhvkabekxn4uTmAgg6ow7L5AJvik0FHy/jxjcQ6CKy1pXmGyhhnfGfiMvDeY=
                                                                                              x-amz-request-id: 0MAV9GRQSVHYDV5B
                                                                                              date: Fri, 15 Mar 2024 19:57:04 GMT
                                                                                              last-modified: Fri, 15 Mar 2024 19:53:58 GMT
                                                                                              etag: "bad95afecb20a7d577ae073021d5e4c3"
                                                                                              server: AmazonS3
                                                                                              cloudfront-viewer-country: GB
                                                                                              set-cookie: cloudfront-view-country=GB;Path=/
                                                                                              cache-control: public, max-age=0, must-revalidate
                                                                                              x-frame-options: DENY
                                                                                              content-security-policy: frame-ancestors 'self' https://*.trontv.com https://rainberrytv.com;
                                                                                              x-cache: Hit from cloudfront
                                                                                              via: 1.1 13a33e73ac6e43b5973fd62a21c57d3e.cloudfront.net (CloudFront)
                                                                                              x-amz-cf-pop: BRU50-P1
                                                                                              x-amz-cf-id: PwXEVfrw502qDGo9xVRBMTExtsFW0ikXfEFoycHt3H2DartwjaV1ng==
                                                                                              age: 4482346
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://www.utorrent.com/35-b1719e0d2294058cf79b.js
                                                                                              msedge.exe
                                                                                              Remote address:
                                                                                              18.239.208.122:443
                                                                                              Request
                                                                                              GET /35-b1719e0d2294058cf79b.js HTTP/2.0
                                                                                              host: www.utorrent.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              dnt: 1
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: */*
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: script
                                                                                              referer: https://www.utorrent.com/prodnews/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              cookie: cloudfront-view-country=GB
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              content-type: application/javascript
                                                                                              x-amz-id-2: xmop863KVpAm4nNIFr/CDokLCpmI2wQuQRY2UTwSl1USMpkhBw5qhI92g+4GoFn/nR1pySWffYU=
                                                                                              x-amz-request-id: DWS367MZTMNTT0GJ
                                                                                              date: Fri, 15 Mar 2024 19:56:37 GMT
                                                                                              last-modified: Fri, 15 Mar 2024 19:53:57 GMT
                                                                                              etag: W/"4ada5326b8a2d25bca02580648b5f64f"
                                                                                              server: AmazonS3
                                                                                              cloudfront-viewer-country: GB
                                                                                              set-cookie: cloudfront-view-country=GB;Path=/
                                                                                              cache-control: public, max-age=0, must-revalidate
                                                                                              x-frame-options: DENY
                                                                                              content-security-policy: frame-ancestors 'self' https://*.trontv.com https://rainberrytv.com;
                                                                                              content-encoding: gzip
                                                                                              vary: Accept-Encoding
                                                                                              x-cache: Hit from cloudfront
                                                                                              via: 1.1 13a33e73ac6e43b5973fd62a21c57d3e.cloudfront.net (CloudFront)
                                                                                              x-amz-cf-pop: BRU50-P1
                                                                                              x-amz-cf-id: hyk98zmF50C1Lu1porS3kaLLvoIwwivSQ-QuaEP91HISryAQCZXo5A==
                                                                                              age: 4482372
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://www.utorrent.com/qne4zsu.css
                                                                                              msedge.exe
                                                                                              Remote address:
                                                                                              18.239.208.122:443
                                                                                              Request
                                                                                              GET /qne4zsu.css HTTP/2.0
                                                                                              host: www.utorrent.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              dnt: 1
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: text/css,*/*;q=0.1
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: style
                                                                                              referer: https://www.utorrent.com/prodnews/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              cookie: cloudfront-view-country=GB
                                                                                              cookie: _ga_HHFKT0D5PF=GS1.1.1715014968.1.0.1715014968.0.0.0
                                                                                              cookie: _ga=GA1.1.926648014.1715014969
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              content-type: text/css
                                                                                              x-amz-id-2: NxwAUnAIf9dmSFG8KvAF40Yn5dsloA0eUpscv4TZ0yLzRxSw8L3Nr386ylhgapHoW9p1fa/0l4I=
                                                                                              x-amz-request-id: 64DJJD30JXDKKR47
                                                                                              date: Fri, 15 Mar 2024 19:55:00 GMT
                                                                                              last-modified: Fri, 15 Mar 2024 19:54:09 GMT
                                                                                              etag: W/"385d4174df99440bacaac9a066d91ebd"
                                                                                              server: AmazonS3
                                                                                              cloudfront-viewer-country: GB
                                                                                              set-cookie: cloudfront-view-country=GB;Path=/
                                                                                              cache-control: public, max-age=0, must-revalidate
                                                                                              x-frame-options: DENY
                                                                                              content-security-policy: frame-ancestors 'self' https://*.trontv.com https://rainberrytv.com;
                                                                                              content-encoding: gzip
                                                                                              vary: Accept-Encoding
                                                                                              x-cache: Hit from cloudfront
                                                                                              via: 1.1 13a33e73ac6e43b5973fd62a21c57d3e.cloudfront.net (CloudFront)
                                                                                              x-amz-cf-pop: BRU50-P1
                                                                                              x-amz-cf-id: sPvXhj1QU_GseeQEi9uh8NAizpl-nBGtUnHLB8e0O91Z5oBq-TASBg==
                                                                                              age: 4482470
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://www.utorrent.com/fonts/Inter/inter.css
                                                                                              msedge.exe
                                                                                              Remote address:
                                                                                              18.239.208.122:443
                                                                                              Request
                                                                                              GET /fonts/Inter/inter.css HTTP/2.0
                                                                                              host: www.utorrent.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              dnt: 1
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: text/css,*/*;q=0.1
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: style
                                                                                              referer: https://www.utorrent.com/prodnews/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              cookie: cloudfront-view-country=GB
                                                                                              cookie: _ga_HHFKT0D5PF=GS1.1.1715014968.1.0.1715014968.0.0.0
                                                                                              cookie: _ga=GA1.1.926648014.1715014969
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              content-type: text/css
                                                                                              x-amz-id-2: eIJC6ma7/Mj5U3BkQ/UrUTPax7Ug64J3PLXxI5AJ/QtbLdu6F6MDzuii/HTQbQPvZn1qebAu9LM=
                                                                                              x-amz-request-id: 64DNM6DHK2H5XJPJ
                                                                                              date: Fri, 15 Mar 2024 19:55:00 GMT
                                                                                              last-modified: Fri, 15 Mar 2024 19:53:57 GMT
                                                                                              etag: W/"f9e4a17c4eadfbaf447ee62d3e4a9c66"
                                                                                              server: AmazonS3
                                                                                              cloudfront-viewer-country: GB
                                                                                              set-cookie: cloudfront-view-country=GB;Path=/
                                                                                              cache-control: public, max-age=0, must-revalidate
                                                                                              x-frame-options: DENY
                                                                                              content-security-policy: frame-ancestors 'self' https://*.trontv.com https://rainberrytv.com;
                                                                                              content-encoding: gzip
                                                                                              vary: Accept-Encoding
                                                                                              x-cache: Hit from cloudfront
                                                                                              via: 1.1 13a33e73ac6e43b5973fd62a21c57d3e.cloudfront.net (CloudFront)
                                                                                              x-amz-cf-pop: BRU50-P1
                                                                                              x-amz-cf-id: tKDxq9NTsM5B8Su43aFTpChl-3pALRfVbbF-PCN7R6s-MkYjmhXCHg==
                                                                                              age: 4482470
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://www.utorrent.com/static/faviconUT-be6029e02bb2d6e0415a561c42641a2f.ico
                                                                                              msedge.exe
                                                                                              Remote address:
                                                                                              18.239.208.122:443
                                                                                              Request
                                                                                              GET /static/faviconUT-be6029e02bb2d6e0415a561c42641a2f.ico HTTP/2.0
                                                                                              host: www.utorrent.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              dnt: 1
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                              sec-fetch-site: same-origin
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: image
                                                                                              referer: https://www.utorrent.com/prodnews/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              cookie: cloudfront-view-country=GB
                                                                                              cookie: _ga_HHFKT0D5PF=GS1.1.1715014968.1.0.1715014968.0.0.0
                                                                                              cookie: didomi_token=eyJ1c2VyX2lkIjoiMThmNGVkYmEtN2RkNy02ZmZlLThlMDYtZGVmNmQxYzY4MWQ3IiwiY3JlYXRlZCI6IjIwMjQtMDUtMDZUMTc6MDI6NDkuMzA5WiIsInVwZGF0ZWQiOiIyMDI0LTA1LTA2VDE3OjAyOjQ5LjMwOVoiLCJ2ZXJzaW9uIjpudWxsfQ==
                                                                                              cookie: _ga=GA1.2.926648014.1715014969
                                                                                              cookie: _gid=GA1.2.862526002.1715014976
                                                                                              cookie: _gat_UA-116155-1=1
                                                                                              cookie: _gat_gtag_UA_116155_1=1
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              content-type: image/vnd.microsoft.icon
                                                                                              content-length: 32988
                                                                                              x-amz-id-2: Q48iEVf/+s5p87eyAGUp0BX2YHs/m8mekJPGIrcWyObfwG8fN4udJzzqxhUCwdRP+BMiHKtr5i4=
                                                                                              x-amz-request-id: FQRSGAZ5XT5ESH1G
                                                                                              date: Fri, 15 Mar 2024 19:56:38 GMT
                                                                                              last-modified: Fri, 15 Mar 2024 19:54:10 GMT
                                                                                              etag: "be6029e02bb2d6e0415a561c42641a2f"
                                                                                              server: AmazonS3
                                                                                              cloudfront-viewer-country: GB
                                                                                              set-cookie: cloudfront-view-country=GB;Path=/
                                                                                              cache-control: public, max-age=31536000, immutable
                                                                                              x-frame-options: DENY
                                                                                              content-security-policy: frame-ancestors 'self' https://*.trontv.com https://rainberrytv.com;
                                                                                              x-cache: Hit from cloudfront
                                                                                              via: 1.1 13a33e73ac6e43b5973fd62a21c57d3e.cloudfront.net (CloudFront)
                                                                                              x-amz-cf-pop: BRU50-P1
                                                                                              x-amz-cf-id: Md_Fj8d-JIO_AX_XWkNkmrrf5mnmiqceh1YgmE5WDY_A9N2M1PruXQ==
                                                                                              age: 4482380
                                                                                            • flag-gb
                                                                                              POST
                                                                                              https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              20.162.145.158:443
                                                                                              Request
                                                                                              POST /api/browser/edge/navigate/2 HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              Content-Type: application/json
                                                                                              Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiWGpiaXFyaTlXeVU9Iiwia2V5IjoiSzAva1RJRkRVMUlmc3VieWYySlZyZz09In0=
                                                                                              User-Agent: SmartScreen/281479409434625
                                                                                              Content-Length: 1897
                                                                                              Host: nav.smartscreen.microsoft.com
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Cache-Control: max-age=0, private
                                                                                              Content-Length: 5596
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Server: Microsoft-HTTPAPI/2.0
                                                                                              X-SmartScreen-Flight-Vector: enableProxyLeniency,FixedSploitStop,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,isCurfTstEnabled,isNpPIOverrideBlockEnabled,ListApiE5V2Enabled,npSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,topTrafficV2Enabled,topTrafficV2MobileFlightEnabled,UpdateOnMissingEtagEnabled,updateSigningCert,updateSigningCertForRS3RS4,UsePostDataEndpointsForNewAnaheimClient,WDSListApiE5V2Enabled
                                                                                              Date: Mon, 06 May 2024 17:02:45 GMT
                                                                                              Connection: close
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://unpkg.com/core-js-bundle@3.14.0/minified.js
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              104.17.247.203:443
                                                                                              Request
                                                                                              GET /core-js-bundle@3.14.0/minified.js HTTP/2.0
                                                                                              host: unpkg.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: */*
                                                                                              sec-fetch-site: cross-site
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: script
                                                                                              referer: https://video.rainberrytv.com/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              date: Mon, 06 May 2024 17:02:46 GMT
                                                                                              content-type: application/javascript; charset=utf-8
                                                                                              access-control-allow-origin: *
                                                                                              cache-control: public, max-age=31536000
                                                                                              last-modified: Sat, 26 Oct 1985 08:15:00 GMT
                                                                                              etag: W/"29256-VhNbfh67dORnJowQW03GdaM35fA"
                                                                                              via: 1.1 fly.io
                                                                                              fly-request-id: 01HS98YHJYVTFG476G4H0YFD78-lhr
                                                                                              cf-cache-status: HIT
                                                                                              age: 4232861
                                                                                              vary: Accept-Encoding
                                                                                              strict-transport-security: max-age=31536000; includeSubDomains; preload
                                                                                              x-content-type-options: nosniff
                                                                                              server: cloudflare
                                                                                              cf-ray: 87fa8a317a00414d-LHR
                                                                                              content-encoding: br
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://unpkg.com/@videojs/themes@1/dist/city/index.css
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              104.17.247.203:443
                                                                                              Request
                                                                                              GET /@videojs/themes@1/dist/city/index.css HTTP/2.0
                                                                                              host: unpkg.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: text/css,*/*;q=0.1
                                                                                              sec-fetch-site: cross-site
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: style
                                                                                              referer: https://video.rainberrytv.com/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/2.0 302
                                                                                              date: Mon, 06 May 2024 17:02:53 GMT
                                                                                              content-type: text/plain; charset=utf-8
                                                                                              access-control-allow-origin: *
                                                                                              cache-control: public, s-maxage=600, max-age=60
                                                                                              location: /@videojs/themes@1.0.1/dist/city/index.css
                                                                                              vary: Accept, Accept-Encoding
                                                                                              content-encoding: br
                                                                                              via: 1.1 fly.io
                                                                                              fly-request-id: 01HX7DCEZRM68F2YD1QBX0AXFH-lhr
                                                                                              cf-cache-status: HIT
                                                                                              age: 359
                                                                                              strict-transport-security: max-age=31536000; includeSubDomains; preload
                                                                                              x-content-type-options: nosniff
                                                                                              server: cloudflare
                                                                                              cf-ray: 87fa8a605c4d414d-LHR
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://unpkg.com/@videojs/themes@1.0.1/dist/city/index.css
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              104.17.247.203:443
                                                                                              Request
                                                                                              GET /@videojs/themes@1.0.1/dist/city/index.css HTTP/2.0
                                                                                              host: unpkg.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: text/css,*/*;q=0.1
                                                                                              sec-fetch-site: cross-site
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: style
                                                                                              referer: https://video.rainberrytv.com/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              date: Mon, 06 May 2024 17:02:53 GMT
                                                                                              content-type: text/css; charset=utf-8
                                                                                              access-control-allow-origin: *
                                                                                              cache-control: public, max-age=31536000
                                                                                              last-modified: Wed, 28 Oct 2020 04:24:35 GMT
                                                                                              etag: W/"9f9-L0mFFrc65fCHkEZpzNaz61cFRxE"
                                                                                              via: 1.1 fly.io
                                                                                              fly-request-id: 01HS98YJ3Q02G8JX4RSZQ881KY-lhr
                                                                                              cf-cache-status: HIT
                                                                                              age: 4232867
                                                                                              vary: Accept-Encoding
                                                                                              strict-transport-security: max-age=31536000; includeSubDomains; preload
                                                                                              x-content-type-options: nosniff
                                                                                              server: cloudflare
                                                                                              cf-ray: 87fa8a60ed5d414d-LHR
                                                                                              content-encoding: br
                                                                                            • flag-gb
                                                                                              POST
                                                                                              https://smartscreen.microsoft.com/api/browser/edge/data/settings
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              20.162.145.158:443
                                                                                              Request
                                                                                              POST /api/browser/edge/data/settings HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Accept: application/x-patch-bsdiff, application/octet-stream
                                                                                              Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoidFo4by9BZFdsSFU9Iiwia2V5IjoieXdsTzlwRnk2cENnd0RXNTd4QlZrUT09In0=
                                                                                              If-None-Match: "2.0-2f9188b68640dbf72295f9083a21d674a314721ef06f82db281cbcb052ff8ec1"
                                                                                              User-Agent: SmartScreen/281479409434625
                                                                                              Content-Length: 1340
                                                                                              Host: smartscreen.microsoft.com
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Content-Length: 129085
                                                                                              Content-Type: application/octet-stream
                                                                                              ETag: "2.0-2f9188b68640dbf72295f9083a21d674a314721ef06f82db281cbcb052ff8ec1"
                                                                                              Server: Microsoft-HTTPAPI/2.0
                                                                                              X-SmartScreen-Flight-Vector: enableProxyLeniency,FixedSploitStop,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,isCurfTstEnabled,isNpPIOverrideBlockEnabled,ListApiE5V2Enabled,npSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,topTrafficV2Enabled,topTrafficV2MobileFlightEnabled,UpdateOnMissingEtagEnabled,updateSigningCert,updateSigningCertForRS3RS4,UsePostDataEndpointsForNewAnaheimClient,WDSListApiE5V2Enabled
                                                                                              Date: Mon, 06 May 2024 17:02:45 GMT
                                                                                              Connection: close
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://content.bt.co/channels/utclassic-content/content-41.xml
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              87.248.205.1:443
                                                                                              Request
                                                                                              GET /channels/utclassic-content/content-41.xml HTTP/2.0
                                                                                              host: content.bt.co
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: */*
                                                                                              origin: https://video.rainberrytv.com
                                                                                              sec-fetch-site: cross-site
                                                                                              sec-fetch-mode: cors
                                                                                              sec-fetch-dest: empty
                                                                                              referer: https://video.rainberrytv.com/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              x-amz-id-2: XujXKVIoJDIdR7ayZPn2R87554YyKZ12N42t/fSwjeExxWzJYGIuNnAnj/yBfGngjylZ16NhNa8=
                                                                                              x-amz-request-id: X1PKYWYR8P2DY7KV
                                                                                              access-control-allow-methods: GET, PUT, POST, DELETE, HEAD
                                                                                              access-control-max-age: 3000
                                                                                              vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
                                                                                              content-type: text/html
                                                                                              server: AmazonS3
                                                                                              x-llid: 1c1910ae2abc5a4ee6782cf95bfa0bd4
                                                                                              age: 1034
                                                                                              date: Mon, 06 May 2024 17:02:46 GMT
                                                                                              last-modified: Mon, 06 May 2024 06:06:34 GMT
                                                                                              content-length: 1398
                                                                                              x-ip-address: 178.79.231.14
                                                                                              access-control-allow-origin: *
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://content.bt.co/channels/utclassic-content/content-100.xml
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              87.248.205.1:443
                                                                                              Request
                                                                                              GET /channels/utclassic-content/content-100.xml HTTP/2.0
                                                                                              host: content.bt.co
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: */*
                                                                                              origin: https://video.rainberrytv.com
                                                                                              sec-fetch-site: cross-site
                                                                                              sec-fetch-mode: cors
                                                                                              sec-fetch-dest: empty
                                                                                              referer: https://video.rainberrytv.com/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              x-amz-id-2: ASckKyM7PCOlf2E+GuYuYdv9gmQaj0NWJ+658SSJ7knJlSM3/azJKe/ZtE9d89ZqDdm3md1dSv8=
                                                                                              x-amz-request-id: 587P3W49Y1M8ZK2X
                                                                                              access-control-allow-methods: GET, PUT, POST, DELETE, HEAD
                                                                                              access-control-max-age: 3000
                                                                                              vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
                                                                                              content-type: text/html
                                                                                              server: AmazonS3
                                                                                              x-llid: 9c6e7911880b34af1aa2862bde7e9cb4
                                                                                              age: 867
                                                                                              date: Mon, 06 May 2024 17:02:53 GMT
                                                                                              last-modified: Mon, 06 May 2024 06:06:43 GMT
                                                                                              content-length: 1445
                                                                                              x-ip-address: 178.79.231.14
                                                                                              access-control-allow-origin: *
                                                                                            • flag-us
                                                                                              POST
                                                                                              http://i-49.b-47082.ut.bench.utorrent.com/e?i=49
                                                                                              uTorrent.exe
                                                                                              Remote address:
                                                                                              52.5.70.92:80
                                                                                              Request
                                                                                              POST /e?i=49 HTTP/1.1
                                                                                              Host: i-49.b-47082.ut.bench.utorrent.com
                                                                                              User-Agent: ut_core BenchHttp (ver:47082)
                                                                                              Connection: close
                                                                                              Content-Length: 168
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Content-Type: text/html
                                                                                              Date: Mon, 06 May 2024 17:02:48 GMT
                                                                                              Server: nginx
                                                                                              X-Powered-By: PHP/5.4.30
                                                                                              Content-Length: 21
                                                                                              Connection: Close
                                                                                            • flag-gb
                                                                                              POST
                                                                                              https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              20.162.145.158:443
                                                                                              Request
                                                                                              POST /api/browser/edge/navigate/2 HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              Content-Type: application/json
                                                                                              Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiNU9IMXRxL2RjWDg9Iiwia2V5IjoiRFZXaDZ5UUc5NUdjUEZPYlJ4OGxvdz09In0=
                                                                                              User-Agent: SmartScreen/281479409434625
                                                                                              Content-Length: 1926
                                                                                              Host: nav.smartscreen.microsoft.com
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Cache-Control: max-age=0, private
                                                                                              Content-Length: 5296
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Server: Microsoft-HTTPAPI/2.0
                                                                                              X-SmartScreen-Flight-Vector: enableProxyLeniency,FixedSploitStop,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,isCurfTstEnabled,isNpPIOverrideBlockEnabled,ListApiE5V2Enabled,npSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,topTrafficV2Enabled,topTrafficV2MobileFlightEnabled,UpdateOnMissingEtagEnabled,updateSigningCert,updateSigningCertForRS3RS4,UsePostDataEndpointsForNewAnaheimClient,WDSListApiE5V2Enabled
                                                                                              Date: Mon, 06 May 2024 17:02:48 GMT
                                                                                              Connection: close
                                                                                            • flag-us
                                                                                              DNS
                                                                                              203.247.17.104.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              203.247.17.104.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                            • flag-us
                                                                                              DNS
                                                                                              fonts.googleapis.com
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              fonts.googleapis.com
                                                                                              IN A
                                                                                              Response
                                                                                              fonts.googleapis.com
                                                                                              IN A
                                                                                              216.58.204.74
                                                                                            • flag-us
                                                                                              DNS
                                                                                              fonts.googleapis.com
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              fonts.googleapis.com
                                                                                              IN A
                                                                                            • flag-us
                                                                                              DNS
                                                                                              14.24.17.104.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              14.24.17.104.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                            • flag-us
                                                                                              DNS
                                                                                              www.googleoptimize.com
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              www.googleoptimize.com
                                                                                              IN A
                                                                                              Response
                                                                                              www.googleoptimize.com
                                                                                              IN A
                                                                                              142.250.200.46
                                                                                            • flag-us
                                                                                              DNS
                                                                                              46.200.250.142.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              46.200.250.142.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              46.200.250.142.in-addr.arpa
                                                                                              IN PTR
                                                                                              lhr48s30-in-f141e100net
                                                                                            • flag-us
                                                                                              DNS
                                                                                              secure.globalsign.com
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              secure.globalsign.com
                                                                                              IN A
                                                                                              Response
                                                                                              secure.globalsign.com
                                                                                              IN CNAME
                                                                                              global.prd.cdn.globalsign.com
                                                                                              global.prd.cdn.globalsign.com
                                                                                              IN CNAME
                                                                                              prod.globalsign.map.fastly.net
                                                                                              prod.globalsign.map.fastly.net
                                                                                              IN A
                                                                                              151.101.2.133
                                                                                              prod.globalsign.map.fastly.net
                                                                                              IN A
                                                                                              151.101.66.133
                                                                                              prod.globalsign.map.fastly.net
                                                                                              IN A
                                                                                              151.101.130.133
                                                                                              prod.globalsign.map.fastly.net
                                                                                              IN A
                                                                                              151.101.194.133
                                                                                            • flag-us
                                                                                              DNS
                                                                                              dns.google
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              dns.google
                                                                                              IN A
                                                                                              Response
                                                                                              dns.google
                                                                                              IN A
                                                                                              8.8.4.4
                                                                                              dns.google
                                                                                              IN A
                                                                                              8.8.8.8
                                                                                            • flag-us
                                                                                              DNS
                                                                                              fonts.gstatic.com
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              fonts.gstatic.com
                                                                                              IN A
                                                                                              Response
                                                                                              fonts.gstatic.com
                                                                                              IN A
                                                                                              216.58.212.227
                                                                                            • flag-us
                                                                                              DNS
                                                                                              237.53.18.104.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              237.53.18.104.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                            • flag-us
                                                                                              DNS
                                                                                              www.google-analytics.com
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              www.google-analytics.com
                                                                                              IN A
                                                                                              Response
                                                                                              www.google-analytics.com
                                                                                              IN A
                                                                                              142.250.180.14
                                                                                            • flag-us
                                                                                              DNS
                                                                                              sdk.privacy-center.org
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              sdk.privacy-center.org
                                                                                              IN A
                                                                                              Response
                                                                                              sdk.privacy-center.org
                                                                                              IN A
                                                                                              18.239.208.120
                                                                                              sdk.privacy-center.org
                                                                                              IN A
                                                                                              18.239.208.58
                                                                                              sdk.privacy-center.org
                                                                                              IN A
                                                                                              18.239.208.39
                                                                                              sdk.privacy-center.org
                                                                                              IN A
                                                                                              18.239.208.62
                                                                                            • flag-us
                                                                                              DNS
                                                                                              36.34.239.216.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              36.34.239.216.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                            • flag-us
                                                                                              DNS
                                                                                              i-62.b-47082.ut.bench.utorrent.com
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              i-62.b-47082.ut.bench.utorrent.com
                                                                                              IN A
                                                                                              Response
                                                                                              i-62.b-47082.ut.bench.utorrent.com
                                                                                              IN CNAME
                                                                                              bench.utp.st
                                                                                              bench.utp.st
                                                                                              IN CNAME
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              52.1.109.224
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              44.218.73.120
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              50.17.80.143
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              52.21.50.61
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              44.214.14.78
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              52.205.169.46
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              52.0.219.152
                                                                                              com-utorrent-prod-bench-bt-vpc-868333863.us-east-1.elb.amazonaws.com
                                                                                              IN A
                                                                                              52.0.235.250
                                                                                            • flag-us
                                                                                              DNS
                                                                                              i-62.b-47082.ut.bench.utorrent.com
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              i-62.b-47082.ut.bench.utorrent.com
                                                                                              IN A
                                                                                            • flag-us
                                                                                              GET
                                                                                              http://utclient.utorrent.com/pro/3p/es5-shim.js
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              18.239.208.54:80
                                                                                              Request
                                                                                              GET /pro/3p/es5-shim.js HTTP/1.1
                                                                                              Host: utclient.utorrent.com
                                                                                              Connection: keep-alive
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              Accept: */*
                                                                                              Referer: http://utclient.utorrent.com/pro/index.html?brand=ut
                                                                                              Accept-Encoding: gzip, deflate
                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Content-Type: application/javascript
                                                                                              Content-Length: 59632
                                                                                              Connection: keep-alive
                                                                                              Last-Modified: Tue, 08 Dec 2015 21:41:33 GMT
                                                                                              x-amz-meta-s3cmd-attrs: uid:107/gname:jenkins/uname:jenkins/gid:120/mode:33188/mtime:1449610891/atime:1449610891/ctime:1449610891
                                                                                              Accept-Ranges: bytes
                                                                                              Server: AmazonS3
                                                                                              Date: Mon, 06 May 2024 16:58:31 GMT
                                                                                              Cache-Control: s-maxage=300
                                                                                              ETag: "5a705c0cb1e4ac33ca19e4242bf215fc"
                                                                                              X-Cache: Hit from cloudfront
                                                                                              Via: 1.1 bca52b70421b8043e27a70a0a8860acc.cloudfront.net (CloudFront)
                                                                                              X-Amz-Cf-Pop: BRU50-P1
                                                                                              X-Amz-Cf-Id: ELZP4t-wvM15OGT8pjpUL4RbWzdQ3ryz6f6VQNZQBMzgbvXHkIPErg==
                                                                                              Age: 273
                                                                                            • flag-us
                                                                                              GET
                                                                                              http://utclient.utorrent.com/pro/3p/es5-sham.js
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              18.239.208.54:80
                                                                                              Request
                                                                                              GET /pro/3p/es5-sham.js HTTP/1.1
                                                                                              Host: utclient.utorrent.com
                                                                                              Connection: keep-alive
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              Accept: */*
                                                                                              Referer: http://utclient.utorrent.com/pro/index.html?brand=ut
                                                                                              Accept-Encoding: gzip, deflate
                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Content-Type: application/javascript
                                                                                              Content-Length: 20716
                                                                                              Connection: keep-alive
                                                                                              Last-Modified: Tue, 08 Dec 2015 21:41:33 GMT
                                                                                              x-amz-meta-s3cmd-attrs: uid:107/gname:jenkins/uname:jenkins/gid:120/mode:33188/mtime:1449610891/atime:1449610891/ctime:1449610891
                                                                                              Accept-Ranges: bytes
                                                                                              Server: AmazonS3
                                                                                              Date: Mon, 06 May 2024 17:01:12 GMT
                                                                                              Cache-Control: s-maxage=300
                                                                                              ETag: "00f350e59ea0859a1e29813d14db4cd4"
                                                                                              X-Cache: Hit from cloudfront
                                                                                              Via: 1.1 65a6401ea3ddd96bdac1c7cee3b3893e.cloudfront.net (CloudFront)
                                                                                              X-Amz-Cf-Pop: BRU50-P1
                                                                                              X-Amz-Cf-Id: WsavqzA4v5hvlTqJP6Wf11Uh9ZXiwHfuP9m5CCvCsnHt6Gwua9-JlA==
                                                                                              Age: 99
                                                                                            • flag-us
                                                                                              GET
                                                                                              http://utclient.utorrent.com/pro/app/bundle-sfx.js
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              18.239.208.54:80
                                                                                              Request
                                                                                              GET /pro/app/bundle-sfx.js HTTP/1.1
                                                                                              Host: utclient.utorrent.com
                                                                                              Connection: keep-alive
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              Accept: */*
                                                                                              Referer: http://utclient.utorrent.com/pro/index.html?brand=ut
                                                                                              Accept-Encoding: gzip, deflate
                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Content-Type: application/javascript
                                                                                              Content-Length: 672103
                                                                                              Connection: keep-alive
                                                                                              Last-Modified: Wed, 25 Oct 2023 21:35:18 GMT
                                                                                              x-amz-server-side-encryption: AES256
                                                                                              x-amz-meta-s3cmd-attrs: uid:107/gname:jenkins/uname:jenkins/gid:120/mode:33188/mtime:1698064228/atime:1698269717/ctime:1698064228
                                                                                              Accept-Ranges: bytes
                                                                                              Server: AmazonS3
                                                                                              Date: Mon, 06 May 2024 16:58:31 GMT
                                                                                              Cache-Control: s-maxage=300
                                                                                              ETag: "b19205efa61d19ebbada54015709f5fb"
                                                                                              X-Cache: Hit from cloudfront
                                                                                              Via: 1.1 ccaf1a504c744888ea0273ccf57116f0.cloudfront.net (CloudFront)
                                                                                              X-Amz-Cf-Pop: BRU50-P1
                                                                                              X-Amz-Cf-Id: hOeRRRpMq_7tz-WqHqZu9zh_1_CX7Arxs2X5jEembbMugp0oEUAf4Q==
                                                                                              Age: 296
                                                                                            • flag-us
                                                                                              GET
                                                                                              http://utclient.utorrent.com/favicon.ico
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              18.239.208.54:80
                                                                                              Request
                                                                                              GET /favicon.ico HTTP/1.1
                                                                                              Host: utclient.utorrent.com
                                                                                              Connection: keep-alive
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                              Referer: http://utclient.utorrent.com/pro/index.html?brand=ut
                                                                                              Accept-Encoding: gzip, deflate
                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                              Cookie: _gid=GA1.2.1841880955.1715014972; _gat=1; _gat_gtag_UA_168871392_1=1; _ga_9X9DE1ZRWZ=GS1.1.1715014972.1.0.1715014972.0.0.0; _ga=GA1.1.1551936123.1715014972; _ga_M61B1PKGYV=GS1.2.1715014972.1.0.1715014972.0.0.0
                                                                                              Response
                                                                                              HTTP/1.1 403 Forbidden
                                                                                              Content-Type: application/xml
                                                                                              Transfer-Encoding: chunked
                                                                                              Connection: keep-alive
                                                                                              Server: AmazonS3
                                                                                              Date: Mon, 06 May 2024 17:02:53 GMT
                                                                                              X-Cache: Error from cloudfront
                                                                                              Via: 1.1 ccaf1a504c744888ea0273ccf57116f0.cloudfront.net (CloudFront)
                                                                                              X-Amz-Cf-Pop: BRU50-P1
                                                                                              X-Amz-Cf-Id: 5MQYc1H59sjdQY1eeQk87aH1hG9rBVDWAHJlFGZKS0KP4vz0inPv8A==
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://www.googleoptimize.com/optimize.js?id=OPT-WP37VXJ
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              142.250.200.46:443
                                                                                              Request
                                                                                              GET /optimize.js?id=OPT-WP37VXJ HTTP/2.0
                                                                                              host: www.googleoptimize.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: */*
                                                                                              sec-fetch-site: cross-site
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: script
                                                                                              referer: http://utclient.utorrent.com/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://cdn.polyfill.io/v3/polyfill.min.js
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              104.18.53.237:443
                                                                                              Request
                                                                                              GET /v3/polyfill.min.js HTTP/2.0
                                                                                              host: cdn.polyfill.io
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: */*
                                                                                              sec-fetch-site: cross-site
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: script
                                                                                              referer: https://video.rainberrytv.com/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              date: Mon, 06 May 2024 17:02:47 GMT
                                                                                              content-type: text/javascript; charset=utf-8
                                                                                              cf-ray: 87fa8a3cad8d9538-LHR
                                                                                              cf-cache-status: HIT
                                                                                              access-control-allow-origin: *
                                                                                              age: 4226207
                                                                                              cache-control: public, max-age=14400
                                                                                              content-encoding: gzip
                                                                                              expires: Mon, 06 May 2024 21:02:47 GMT
                                                                                              last-modified: Mon, 18 Mar 2024 19:06:00 GMT
                                                                                              vary: Accept-Encoding, User-Agent
                                                                                              access-control-allow-methods: GET,HEAD,OPTIONS
                                                                                              server: cloudflare
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://code.jquery.com/jquery-1.11.2.min.js
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              151.101.194.137:443
                                                                                              Request
                                                                                              GET /jquery-1.11.2.min.js HTTP/2.0
                                                                                              host: code.jquery.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: */*
                                                                                              sec-fetch-site: cross-site
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: script
                                                                                              referer: https://video.rainberrytv.com/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              server: nginx
                                                                                              content-type: application/javascript; charset=utf-8
                                                                                              last-modified: Fri, 18 Oct 1991 12:00:00 GMT
                                                                                              etag: W/"28feccc0-176bb"
                                                                                              cache-control: public, max-age=31536000, stale-while-revalidate=604800
                                                                                              access-control-allow-origin: *
                                                                                              content-encoding: gzip
                                                                                              via: 1.1 varnish, 1.1 varnish
                                                                                              accept-ranges: bytes
                                                                                              date: Mon, 06 May 2024 17:02:47 GMT
                                                                                              age: 6431866
                                                                                              x-served-by: cache-lga13622-LGA, cache-lcy-eglc8600094-LCY
                                                                                              x-cache: HIT, HIT
                                                                                              x-cache-hits: 5, 159093
                                                                                              x-timer: S1715014968.953893,VS0,VE0
                                                                                              vary: Accept-Encoding
                                                                                              content-length: 33262
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://ced.sascdn.com/tag/2132/smart.js
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              2.18.190.77:443
                                                                                              Request
                                                                                              GET /tag/2132/smart.js HTTP/1.1
                                                                                              Host: ced.sascdn.com
                                                                                              Connection: keep-alive
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              Accept: */*
                                                                                              Sec-Fetch-Site: cross-site
                                                                                              Sec-Fetch-Mode: no-cors
                                                                                              Sec-Fetch-Dest: script
                                                                                              Referer: https://video.rainberrytv.com/
                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Content-Type: application/javascript; charset=UTF-8
                                                                                              Content-Encoding: gzip
                                                                                              Vary: Accept-Encoding
                                                                                              Content-Length: 39308
                                                                                              Cache-Control: public, max-age=7200
                                                                                              Expires: Mon, 06 May 2024 19:02:47 GMT
                                                                                              Date: Mon, 06 May 2024 17:02:47 GMT
                                                                                              Connection: keep-alive
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://cdn.jsdelivr.net/npm/core-js-bundle@3.20.3/minified.js
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              151.101.1.229:443
                                                                                              Request
                                                                                              GET /npm/core-js-bundle@3.20.3/minified.js HTTP/2.0
                                                                                              host: cdn.jsdelivr.net
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: */*
                                                                                              sec-fetch-site: cross-site
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: script
                                                                                              referer: https://video.rainberrytv.com/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              access-control-allow-origin: *
                                                                                              access-control-expose-headers: *
                                                                                              timing-allow-origin: *
                                                                                              cache-control: public, max-age=31536000, s-maxage=31536000, immutable
                                                                                              cross-origin-resource-policy: cross-origin
                                                                                              x-content-type-options: nosniff
                                                                                              strict-transport-security: max-age=31536000; includeSubDomains; preload
                                                                                              content-type: application/javascript; charset=utf-8
                                                                                              x-jsd-version: 3.20.3
                                                                                              x-jsd-version-type: version
                                                                                              etag: W/"3172e-WXq8SgXy1IIxcuJoQbbzI1mnnBU"
                                                                                              content-encoding: br
                                                                                              accept-ranges: bytes
                                                                                              date: Mon, 06 May 2024 17:02:49 GMT
                                                                                              age: 2720260
                                                                                              x-served-by: cache-fra-eddf8230086-FRA, cache-lcy-eglc8600079-LCY
                                                                                              x-cache: HIT, HIT
                                                                                              vary: Accept-Encoding
                                                                                              alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
                                                                                              content-length: 66115
                                                                                            • flag-gb
                                                                                              GET
                                                                                              http://fonts.googleapis.com/css?family=Open+Sans:300
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              216.58.204.74:80
                                                                                              Request
                                                                                              GET /css?family=Open+Sans:300 HTTP/1.1
                                                                                              Host: fonts.googleapis.com
                                                                                              Connection: keep-alive
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              Accept: text/css,*/*;q=0.1
                                                                                              Referer: http://utclient.utorrent.com/
                                                                                              Accept-Encoding: gzip, deflate
                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Content-Type: text/css; charset=utf-8
                                                                                              Access-Control-Allow-Origin: *
                                                                                              Timing-Allow-Origin: *
                                                                                              Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
                                                                                              Expires: Mon, 06 May 2024 17:02:48 GMT
                                                                                              Date: Mon, 06 May 2024 17:02:48 GMT
                                                                                              Cache-Control: private, max-age=86400, stale-while-revalidate=604800
                                                                                              Last-Modified: Mon, 06 May 2024 17:02:48 GMT
                                                                                              Cross-Origin-Resource-Policy: cross-origin
                                                                                              Cross-Origin-Opener-Policy: same-origin-allow-popups
                                                                                              Content-Encoding: gzip
                                                                                              Transfer-Encoding: chunked
                                                                                              Server: ESF
                                                                                              X-XSS-Protection: 0
                                                                                              X-Frame-Options: SAMEORIGIN
                                                                                              X-Content-Type-Options: nosniff
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://smartscreen.microsoft.com/windows/browser/edge/data/bloomfilter/x?pushCert=false&flight=%7B%22ETag%22%3A%22%5C%22nA8KHs8oaq9ssjHyJcw0nMz4proNnsV3KilArWanihI%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1166893-11-15%2CP-R-1093303-19-30%2CP-R-1026145-4-14%2CP-R-1021007-4-5%2CP-R-99770-8-32%2CP-R-73000-4-40%2CP-R-72999-7-40%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-8-38%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22WDSListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Atrue%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Afalse%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterCacheEnabled%22%3Afalse%2C%22UsePostDataEndpointsForNewAnaheimClient%22%3Atrue%2C%22DisableE5Cache%22%3Afalse%2C%22FixedSploitStop%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D&os=10.0.22000.493.co_release
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              20.162.145.158:443
                                                                                              Request
                                                                                              GET /windows/browser/edge/data/bloomfilter/x?pushCert=false&flight=%7B%22ETag%22%3A%22%5C%22nA8KHs8oaq9ssjHyJcw0nMz4proNnsV3KilArWanihI%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1166893-11-15%2CP-R-1093303-19-30%2CP-R-1026145-4-14%2CP-R-1021007-4-5%2CP-R-99770-8-32%2CP-R-73000-4-40%2CP-R-72999-7-40%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-8-38%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22WDSListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Atrue%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Afalse%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterCacheEnabled%22%3Afalse%2C%22UsePostDataEndpointsForNewAnaheimClient%22%3Atrue%2C%22DisableE5Cache%22%3Afalse%2C%22FixedSploitStop%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D&os=10.0.22000.493.co_release HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              Accept: application/x-patch-bsdiff, application/octet-stream
                                                                                              Authorization: SmartScreenPlain eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQifQ==
                                                                                              If-None-Match: "638343870221005468"
                                                                                              User-Agent: SmartScreen/281479409434625
                                                                                              Host: smartscreen.microsoft.com
                                                                                              Response
                                                                                              HTTP/1.1 304 Not Modified
                                                                                              Cache-Control: max-age=86400
                                                                                              Content-Length: 0
                                                                                              Server: Microsoft-HTTPAPI/2.0
                                                                                              X-SmartScreen-Flight-Vector: EnableProxyLeniency,FixedSploitStop,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,IsNpPIOverrideBlockEnabled,ListApiE5V2Enabled,NpSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,TopTrafficV2Enabled,TopTrafficV2MobileFlightEnabled,UpdateOnMissingEtagEnabled,UpdateSigningCert,UpdateSigningCertForRS3RS4,UsePostDataEndpointsForNewAnaheimClient,WDSListApiE5V2Enabled
                                                                                              Date: Mon, 06 May 2024 17:02:47 GMT
                                                                                              Connection: close
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              8.8.4.4:443
                                                                                              Request
                                                                                              GET /dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
                                                                                              host: dns.google
                                                                                              accept: application/dns-message
                                                                                              accept-language: *
                                                                                              user-agent: Chrome
                                                                                              accept-encoding: identity
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              8.8.4.4:443
                                                                                              Request
                                                                                              GET /dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
                                                                                              host: dns.google
                                                                                              accept: application/dns-message
                                                                                              accept-language: *
                                                                                              user-agent: Chrome
                                                                                              accept-encoding: identity
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3Nkaw5wcml2YWN5LWNlbnRlcgNvcmcAAAEAAQAAKRAAAAAAAABNAAwASQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              8.8.4.4:443
                                                                                              Request
                                                                                              GET /dns-query?dns=AAABAAABAAAAAAABA3Nkaw5wcml2YWN5LWNlbnRlcgNvcmcAAAEAAQAAKRAAAAAAAABNAAwASQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
                                                                                              host: dns.google
                                                                                              accept: application/dns-message
                                                                                              accept-language: *
                                                                                              user-agent: Chrome
                                                                                              accept-encoding: identity
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://dns.google/dns-query?dns=AAABAAABAAAAAAABA2FkcwhwdWJtYXRpYwNjb20AAAEAAQAAKRAAAAAAAABTAAwATwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              8.8.4.4:443
                                                                                              Request
                                                                                              GET /dns-query?dns=AAABAAABAAAAAAABA2FkcwhwdWJtYXRpYwNjb20AAAEAAQAAKRAAAAAAAABTAAwATwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
                                                                                              host: dns.google
                                                                                              accept: application/dns-message
                                                                                              accept-language: *
                                                                                              user-agent: Chrome
                                                                                              accept-encoding: identity
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://dns.google/dns-query?dns=AAABAAABAAAAAAABBWktNjY2A2ItMAJhZAViZW5jaAh1dG9ycmVudANjb20AAAEAAQAAKRAAAAAAAABEAAwAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              8.8.4.4:443
                                                                                              Request
                                                                                              GET /dns-query?dns=AAABAAABAAAAAAABBWktNjY2A2ItMAJhZAViZW5jaAh1dG9ycmVudANjb20AAAEAAQAAKRAAAAAAAABEAAwAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
                                                                                              host: dns.google
                                                                                              accept: application/dns-message
                                                                                              accept-language: *
                                                                                              user-agent: Chrome
                                                                                              accept-encoding: identity
                                                                                            • flag-gb
                                                                                              GET
                                                                                              http://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              216.58.212.227:80
                                                                                              Request
                                                                                              GET /s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2 HTTP/1.1
                                                                                              Host: fonts.gstatic.com
                                                                                              Connection: keep-alive
                                                                                              Origin: http://utclient.utorrent.com
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              Accept: */*
                                                                                              Referer: http://fonts.googleapis.com/
                                                                                              Accept-Encoding: gzip, deflate
                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Accept-Ranges: bytes
                                                                                              Access-Control-Allow-Origin: *
                                                                                              Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
                                                                                              Cross-Origin-Resource-Policy: cross-origin
                                                                                              Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
                                                                                              Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
                                                                                              Timing-Allow-Origin: *
                                                                                              Content-Length: 18704
                                                                                              X-Content-Type-Options: nosniff
                                                                                              Server: sffe
                                                                                              X-XSS-Protection: 0
                                                                                              Date: Thu, 02 May 2024 21:18:44 GMT
                                                                                              Expires: Fri, 02 May 2025 21:18:44 GMT
                                                                                              Cache-Control: public, max-age=31536000
                                                                                              Age: 330248
                                                                                              Last-Modified: Thu, 14 Dec 2023 02:00:38 GMT
                                                                                              Content-Type: font/woff2
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://smartscreen.microsoft.com/windows/browser/edge/data/bloomfilter/x?pushCert=false&flight=%7B%22ETag%22%3A%22%5C%22nA8KHs8oaq9ssjHyJcw0nMz4proNnsV3KilArWanihI%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1166893-11-15%2CP-R-1093303-19-30%2CP-R-1026145-4-14%2CP-R-1021007-4-5%2CP-R-99770-8-32%2CP-R-73000-4-40%2CP-R-72999-7-40%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-8-38%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22WDSListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Atrue%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Afalse%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterCacheEnabled%22%3Afalse%2C%22UsePostDataEndpointsForNewAnaheimClient%22%3Atrue%2C%22DisableE5Cache%22%3Afalse%2C%22FixedSploitStop%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D&os=10.0.22000.493.co_release
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              20.162.145.158:443
                                                                                              Request
                                                                                              GET /windows/browser/edge/data/bloomfilter/x?pushCert=false&flight=%7B%22ETag%22%3A%22%5C%22nA8KHs8oaq9ssjHyJcw0nMz4proNnsV3KilArWanihI%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1166893-11-15%2CP-R-1093303-19-30%2CP-R-1026145-4-14%2CP-R-1021007-4-5%2CP-R-99770-8-32%2CP-R-73000-4-40%2CP-R-72999-7-40%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-8-38%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22WDSListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Atrue%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Afalse%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterCacheEnabled%22%3Afalse%2C%22UsePostDataEndpointsForNewAnaheimClient%22%3Atrue%2C%22DisableE5Cache%22%3Afalse%2C%22FixedSploitStop%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D&os=10.0.22000.493.co_release HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              Accept: application/x-patch-bsdiff, application/octet-stream
                                                                                              Authorization: SmartScreenPlain eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQifQ==
                                                                                              If-None-Match: "638343870221005468"
                                                                                              User-Agent: SmartScreen/281479409434625
                                                                                              Host: smartscreen.microsoft.com
                                                                                              Response
                                                                                              HTTP/1.1 304 Not Modified
                                                                                              Cache-Control: max-age=86400
                                                                                              Content-Length: 0
                                                                                              Server: Microsoft-HTTPAPI/2.0
                                                                                              X-SmartScreen-Flight-Vector: EnableProxyLeniency,FixedSploitStop,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,IsNpPIOverrideBlockEnabled,ListApiE5V2Enabled,NpSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,TopTrafficV2Enabled,TopTrafficV2MobileFlightEnabled,UpdateOnMissingEtagEnabled,UpdateSigningCert,UpdateSigningCertForRS3RS4,UsePostDataEndpointsForNewAnaheimClient,WDSListApiE5V2Enabled
                                                                                              Date: Mon, 06 May 2024 17:02:48 GMT
                                                                                              Connection: close
                                                                                            • flag-us
                                                                                              DNS
                                                                                              229.1.101.151.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              229.1.101.151.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                            • flag-us
                                                                                              DNS
                                                                                              229.1.101.151.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              229.1.101.151.in-addr.arpa
                                                                                              IN PTR
                                                                                            • flag-us
                                                                                              DNS
                                                                                              77.190.18.2.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              77.190.18.2.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              77.190.18.2.in-addr.arpa
                                                                                              IN PTR
                                                                                              a2-18-190-77deploystaticakamaitechnologiescom
                                                                                            • flag-us
                                                                                              DNS
                                                                                              77.190.18.2.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              77.190.18.2.in-addr.arpa
                                                                                              IN PTR
                                                                                            • flag-us
                                                                                              DNS
                                                                                              77.190.18.2.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              77.190.18.2.in-addr.arpa
                                                                                              IN PTR
                                                                                            • flag-us
                                                                                              DNS
                                                                                              74.204.58.216.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              74.204.58.216.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              74.204.58.216.in-addr.arpa
                                                                                              IN PTR
                                                                                              lhr25s13-in-f741e100net
                                                                                              74.204.58.216.in-addr.arpa
                                                                                              IN PTR
                                                                                              lhr25s13-in-f10�H
                                                                                              74.204.58.216.in-addr.arpa
                                                                                              IN PTR
                                                                                              lhr48s49-in-f10�H
                                                                                            • flag-us
                                                                                              DNS
                                                                                              74.204.58.216.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              74.204.58.216.in-addr.arpa
                                                                                              IN PTR
                                                                                            • flag-us
                                                                                              DNS
                                                                                              227.212.58.216.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              227.212.58.216.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              227.212.58.216.in-addr.arpa
                                                                                              IN PTR
                                                                                              ams16s22-in-f31e100net
                                                                                              227.212.58.216.in-addr.arpa
                                                                                              IN PTR
                                                                                              ams16s22-in-f227�H
                                                                                              227.212.58.216.in-addr.arpa
                                                                                              IN PTR
                                                                                              lhr25s28-in-f3�H
                                                                                            • flag-us
                                                                                              DNS
                                                                                              227.212.58.216.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              227.212.58.216.in-addr.arpa
                                                                                              IN PTR
                                                                                            • flag-us
                                                                                              DNS
                                                                                              227.212.58.216.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              227.212.58.216.in-addr.arpa
                                                                                              IN PTR
                                                                                            • flag-us
                                                                                              DNS
                                                                                              4.4.8.8.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              4.4.8.8.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              4.4.8.8.in-addr.arpa
                                                                                              IN PTR
                                                                                              dnsgoogle
                                                                                            • flag-us
                                                                                              DNS
                                                                                              4.4.8.8.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              4.4.8.8.in-addr.arpa
                                                                                              IN PTR
                                                                                            • flag-us
                                                                                              DNS
                                                                                              4.4.8.8.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              4.4.8.8.in-addr.arpa
                                                                                              IN PTR
                                                                                            • flag-us
                                                                                              DNS
                                                                                              232.212.58.216.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              232.212.58.216.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              232.212.58.216.in-addr.arpa
                                                                                              IN PTR
                                                                                              ams16s22-in-f81e100net
                                                                                              232.212.58.216.in-addr.arpa
                                                                                              IN PTR
                                                                                              ams16s22-in-f232�H
                                                                                              232.212.58.216.in-addr.arpa
                                                                                              IN PTR
                                                                                              lhr25s28-in-f8�H
                                                                                            • flag-us
                                                                                              DNS
                                                                                              232.212.58.216.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              232.212.58.216.in-addr.arpa
                                                                                              IN PTR
                                                                                            • flag-us
                                                                                              POST
                                                                                              http://i-38.b-47082.ut.bench.utorrent.com/e?i=38
                                                                                              uTorrent.exe
                                                                                              Remote address:
                                                                                              52.204.244.120:80
                                                                                              Request
                                                                                              POST /e?i=38 HTTP/1.1
                                                                                              Host: i-38.b-47082.ut.bench.utorrent.com
                                                                                              User-Agent: ut_core BenchHttp (ver:47082)
                                                                                              Connection: close
                                                                                              Content-Length: 223
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Content-Type: text/html
                                                                                              Date: Mon, 06 May 2024 17:02:49 GMT
                                                                                              Server: nginx
                                                                                              X-Powered-By: PHP/5.4.30
                                                                                              Content-Length: 21
                                                                                              Connection: Close
                                                                                            • flag-gb
                                                                                              POST
                                                                                              https://smartscreen.microsoft.com/api/browser/edge/data/settings
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              20.162.145.158:443
                                                                                              Request
                                                                                              POST /api/browser/edge/data/settings HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Accept: application/x-patch-bsdiff, application/octet-stream
                                                                                              Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiWTRaWFFaWG9DQnc9Iiwia2V5IjoibGVyRXo3NGVuVzhkTzZLcUMzYXFtdz09In0=
                                                                                              If-None-Match: "2.0-2f9188b68640dbf72295f9083a21d674a314721ef06f82db281cbcb052ff8ec1"
                                                                                              User-Agent: SmartScreen/281479409434625
                                                                                              Content-Length: 1396
                                                                                              Host: smartscreen.microsoft.com
                                                                                              Response
                                                                                              HTTP/1.1 304 Not Modified
                                                                                              Content-Length: 0
                                                                                              Server: Microsoft-HTTPAPI/2.0
                                                                                              X-SmartScreen-Flight-Vector: enableProxyLeniency,FixedSploitStop,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,isCurfTstEnabled,isNpPIOverrideBlockEnabled,ListApiE5V2Enabled,npSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,topTrafficV2Enabled,topTrafficV2MobileFlightEnabled,UpdateOnMissingEtagEnabled,updateSigningCert,updateSigningCertForRS3RS4,UsePostDataEndpointsForNewAnaheimClient,WDSListApiE5V2Enabled
                                                                                              Date: Mon, 06 May 2024 17:02:48 GMT
                                                                                              Connection: close
                                                                                            • flag-us
                                                                                              POST
                                                                                              https://region1.google-analytics.com/g/collect?v=2&tid=G-HHFKT0D5PF&gtm=45je4510v893711416z8813078496za200&_p=1715014965535&gcd=13l3l3l3l1&npa=0&dma=0&tcfd=10000&cid=926648014.1715014969&ul=en-us&sr=1280x720&uaa=x86&uamb=0&uam=&uap=Windows&uapv=10.0&uaw=0&pscdl=noapi&_s=1&sid=1715014968&sct=1&seg=0&dl=https%3A%2F%2Fwww.utorrent.com%2Fprodnews%2F&dt=Your%20%C2%B5Torrent%20Software%20is%20Up%20to%20Date&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=5420
                                                                                              msedge.exe
                                                                                              Remote address:
                                                                                              216.239.34.36:443
                                                                                              Request
                                                                                              POST /g/collect?v=2&tid=G-HHFKT0D5PF&gtm=45je4510v893711416z8813078496za200&_p=1715014965535&gcd=13l3l3l3l1&npa=0&dma=0&tcfd=10000&cid=926648014.1715014969&ul=en-us&sr=1280x720&uaa=x86&uamb=0&uam=&uap=Windows&uapv=10.0&uaw=0&pscdl=noapi&_s=1&sid=1715014968&sct=1&seg=0&dl=https%3A%2F%2Fwww.utorrent.com%2Fprodnews%2F&dt=Your%20%C2%B5Torrent%20Software%20is%20Up%20to%20Date&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=5420 HTTP/2.0
                                                                                              host: region1.google-analytics.com
                                                                                              content-length: 0
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              dnt: 1
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              content-type: text/plain;charset=UTF-8
                                                                                              accept: */*
                                                                                              origin: https://www.utorrent.com
                                                                                              sec-fetch-site: cross-site
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: empty
                                                                                              referer: https://www.utorrent.com/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://smartscreen.microsoft.com/windows/browser/edge/data/bloomfilter/x?pushCert=false&flight=%7B%22ETag%22%3A%22%5C%22nA8KHs8oaq9ssjHyJcw0nMz4proNnsV3KilArWanihI%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1166893-11-15%2CP-R-1093303-19-30%2CP-R-1026145-4-14%2CP-R-1021007-4-5%2CP-R-99770-8-32%2CP-R-73000-4-40%2CP-R-72999-7-40%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-8-38%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22WDSListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Atrue%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Afalse%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterCacheEnabled%22%3Afalse%2C%22UsePostDataEndpointsForNewAnaheimClient%22%3Atrue%2C%22DisableE5Cache%22%3Afalse%2C%22FixedSploitStop%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D&os=10.0.22000.493.co_release
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              20.162.145.158:443
                                                                                              Request
                                                                                              GET /windows/browser/edge/data/bloomfilter/x?pushCert=false&flight=%7B%22ETag%22%3A%22%5C%22nA8KHs8oaq9ssjHyJcw0nMz4proNnsV3KilArWanihI%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1166893-11-15%2CP-R-1093303-19-30%2CP-R-1026145-4-14%2CP-R-1021007-4-5%2CP-R-99770-8-32%2CP-R-73000-4-40%2CP-R-72999-7-40%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-8-38%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22WDSListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Atrue%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Afalse%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterCacheEnabled%22%3Afalse%2C%22UsePostDataEndpointsForNewAnaheimClient%22%3Atrue%2C%22DisableE5Cache%22%3Afalse%2C%22FixedSploitStop%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D&os=10.0.22000.493.co_release HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              Accept: application/x-patch-bsdiff, application/octet-stream
                                                                                              Authorization: SmartScreenPlain eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQifQ==
                                                                                              If-None-Match: "638343870221005468"
                                                                                              User-Agent: SmartScreen/281479409434625
                                                                                              Host: smartscreen.microsoft.com
                                                                                              Response
                                                                                              HTTP/1.1 304 Not Modified
                                                                                              Cache-Control: max-age=86400
                                                                                              Content-Length: 0
                                                                                              Server: Microsoft-HTTPAPI/2.0
                                                                                              X-SmartScreen-Flight-Vector: EnableProxyLeniency,FixedSploitStop,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,IsNpPIOverrideBlockEnabled,ListApiE5V2Enabled,NpSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,TopTrafficV2Enabled,TopTrafficV2MobileFlightEnabled,UpdateOnMissingEtagEnabled,UpdateSigningCert,UpdateSigningCertForRS3RS4,UsePostDataEndpointsForNewAnaheimClient,WDSListApiE5V2Enabled
                                                                                              Date: Mon, 06 May 2024 17:02:51 GMT
                                                                                              Connection: close
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://sdk.privacy-center.org/23f4a63d-9222-4f37-b358-33214ecb6672/loader.js?target=www.utorrent.com
                                                                                              msedge.exe
                                                                                              Remote address:
                                                                                              18.239.208.120:443
                                                                                              Request
                                                                                              GET /23f4a63d-9222-4f37-b358-33214ecb6672/loader.js?target=www.utorrent.com HTTP/2.0
                                                                                              host: sdk.privacy-center.org
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              dnt: 1
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: */*
                                                                                              sec-fetch-site: cross-site
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: script
                                                                                              referer: https://www.utorrent.com/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              content-type: application/javascript; charset=utf-8
                                                                                              date: Mon, 06 May 2024 16:57:14 GMT
                                                                                              x-amzn-requestid: c2d1d765-c9d0-4fb0-9d53-7021c2bdfcb6
                                                                                              x-didomi-configs-version: 104
                                                                                              cache-control: max-age=7200, public
                                                                                              x-amzn-trace-id: root=1-66390bea-1f37e8200132f3a5063787f1;parent=4a594bafe3dd739f;sampled=0;lineage=eaae1266:0
                                                                                              x-didomi-remote-config-metadata: multiReg:true;legacyGlobalGdpr:false
                                                                                              content-encoding: br
                                                                                              etag: W/"0994175ae6cc49f1ea66fb9ca1fc5012"
                                                                                              vary: Accept-Encoding
                                                                                              x-cache: Hit from cloudfront
                                                                                              via: 1.1 13a33e73ac6e43b5973fd62a21c57d3e.cloudfront.net (CloudFront)
                                                                                              x-amz-cf-pop: BRU50-P1
                                                                                              alt-svc: h3=":443"; ma=86400
                                                                                              x-amz-cf-id: vjXi1XaIGQAeiV5exJ_xcGeo7Rex3wmpahuOZ5eRhsRmXs-nJVrxog==
                                                                                              age: 335
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://sdk.privacy-center.org/sdk/efce2e8fa6c638c02a84b0a8b12861ee56f85c9f/legacy/sdk.efce2e8fa6c638c02a84b0a8b12861ee56f85c9f.js
                                                                                              msedge.exe
                                                                                              Remote address:
                                                                                              18.239.208.120:443
                                                                                              Request
                                                                                              GET /sdk/efce2e8fa6c638c02a84b0a8b12861ee56f85c9f/legacy/sdk.efce2e8fa6c638c02a84b0a8b12861ee56f85c9f.js HTTP/2.0
                                                                                              host: sdk.privacy-center.org
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              dnt: 1
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: */*
                                                                                              sec-fetch-site: cross-site
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: script
                                                                                              referer: https://www.utorrent.com/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              content-type: application/javascript; charset=utf-8
                                                                                              date: Mon, 06 May 2024 13:47:30 GMT
                                                                                              last-modified: Mon, 06 May 2024 13:45:22 GMT
                                                                                              etag: W/"551143679e3112a5971eaa919b56ff35-1"
                                                                                              x-amz-server-side-encryption: AES256
                                                                                              cache-control: public, max-age=31536000
                                                                                              server: AmazonS3
                                                                                              content-encoding: gzip
                                                                                              vary: Accept-Encoding
                                                                                              x-cache: Hit from cloudfront
                                                                                              via: 1.1 13a33e73ac6e43b5973fd62a21c57d3e.cloudfront.net (CloudFront)
                                                                                              x-amz-cf-pop: BRU50-P1
                                                                                              alt-svc: h3=":443"; ma=86400
                                                                                              x-amz-cf-id: Wtmo2BGiAdP7CtDgz0K4itedkzoQ9UmCLnXBscKqBJ1XAOlYK0dfIg==
                                                                                              age: 11720
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://sdk.privacy-center.org/sdk/efce2e8fa6c638c02a84b0a8b12861ee56f85c9f/legacy/ui-gdpr-en-web.efce2e8fa6c638c02a84b0a8b12861ee56f85c9f.js
                                                                                              msedge.exe
                                                                                              Remote address:
                                                                                              18.239.208.120:443
                                                                                              Request
                                                                                              GET /sdk/efce2e8fa6c638c02a84b0a8b12861ee56f85c9f/legacy/ui-gdpr-en-web.efce2e8fa6c638c02a84b0a8b12861ee56f85c9f.js HTTP/2.0
                                                                                              host: sdk.privacy-center.org
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              dnt: 1
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: */*
                                                                                              sec-fetch-site: cross-site
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: script
                                                                                              referer: https://www.utorrent.com/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              content-type: application/javascript; charset=utf-8
                                                                                              date: Mon, 06 May 2024 13:47:35 GMT
                                                                                              last-modified: Mon, 06 May 2024 13:45:25 GMT
                                                                                              etag: W/"1ecd865e73c9a6eef7ccf4b9805041af-1"
                                                                                              x-amz-server-side-encryption: AES256
                                                                                              cache-control: public, max-age=31536000
                                                                                              server: AmazonS3
                                                                                              content-encoding: gzip
                                                                                              vary: Accept-Encoding
                                                                                              x-cache: Hit from cloudfront
                                                                                              via: 1.1 13a33e73ac6e43b5973fd62a21c57d3e.cloudfront.net (CloudFront)
                                                                                              x-amz-cf-pop: BRU50-P1
                                                                                              alt-svc: h3=":443"; ma=86400
                                                                                              x-amz-cf-id: E1WuTriz5zGZPnNgLtro3uZFK7C8kYGJTi9pWaEYLHNkLijYu8FnTg==
                                                                                              age: 11716
                                                                                            • flag-us
                                                                                              POST
                                                                                              http://i-38.b-47082.ut.bench.utorrent.com/e?i=38
                                                                                              uTorrent.exe
                                                                                              Remote address:
                                                                                              52.204.244.120:80
                                                                                              Request
                                                                                              POST /e?i=38 HTTP/1.1
                                                                                              Host: i-38.b-47082.ut.bench.utorrent.com
                                                                                              User-Agent: ut_core BenchHttp (ver:47082)
                                                                                              Connection: close
                                                                                              Content-Length: 223
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Content-Type: text/html
                                                                                              Date: Mon, 06 May 2024 17:02:50 GMT
                                                                                              Server: nginx
                                                                                              X-Powered-By: PHP/5.4.30
                                                                                              Content-Length: 21
                                                                                              Connection: Close
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://sdk.privacy-center.org/23f4a63d-9222-4f37-b358-33214ecb6672/loader.js?target=video.rainberrytv.com
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              18.239.208.39:443
                                                                                              Request
                                                                                              GET /23f4a63d-9222-4f37-b358-33214ecb6672/loader.js?target=video.rainberrytv.com HTTP/2.0
                                                                                              host: sdk.privacy-center.org
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: */*
                                                                                              sec-fetch-site: cross-site
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: script
                                                                                              referer: https://video.rainberrytv.com/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              content-type: application/javascript; charset=utf-8
                                                                                              x-amzn-requestid: 670d7180-be83-44af-ac78-efb376e5df78
                                                                                              x-didomi-configs-version: 104
                                                                                              x-amzn-trace-id: root=1-6638eb3d-3d7df2ab4935293b607cd2f4;parent=72c8a496927c0005;sampled=0;lineage=eaae1266:0
                                                                                              x-didomi-remote-config-metadata: multiReg:true;legacyGlobalGdpr:false
                                                                                              content-encoding: br
                                                                                              date: Mon, 06 May 2024 16:37:49 GMT
                                                                                              cache-control: max-age=7200, public
                                                                                              etag: W/"d676346244b1ec4fcfe4f571109911eb"
                                                                                              vary: Accept-Encoding
                                                                                              x-cache: Hit from cloudfront
                                                                                              via: 1.1 b5a881aabeb53eabef56362664c79ea4.cloudfront.net (CloudFront)
                                                                                              x-amz-cf-pop: BRU50-P1
                                                                                              alt-svc: h3=":443"; ma=86400
                                                                                              x-amz-cf-id: 6LMUZhv7iOZMVb5AFeK-2yYVYYvQkhsJxP4TDFfT7YTgPKZAmK8IwA==
                                                                                              age: 1502
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://sdk.privacy-center.org/sdk/efce2e8fa6c638c02a84b0a8b12861ee56f85c9f/modern/sdk.efce2e8fa6c638c02a84b0a8b12861ee56f85c9f.js
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              18.239.208.39:443
                                                                                              Request
                                                                                              GET /sdk/efce2e8fa6c638c02a84b0a8b12861ee56f85c9f/modern/sdk.efce2e8fa6c638c02a84b0a8b12861ee56f85c9f.js HTTP/2.0
                                                                                              host: sdk.privacy-center.org
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: */*
                                                                                              sec-fetch-site: cross-site
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: script
                                                                                              referer: https://video.rainberrytv.com/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              content-type: application/javascript; charset=utf-8
                                                                                              date: Mon, 06 May 2024 13:45:38 GMT
                                                                                              last-modified: Mon, 06 May 2024 13:45:27 GMT
                                                                                              etag: W/"3858480afd5c3611b267b9de517130e7-1"
                                                                                              x-amz-server-side-encryption: AES256
                                                                                              cache-control: public, max-age=31536000
                                                                                              server: AmazonS3
                                                                                              content-encoding: br
                                                                                              vary: Accept-Encoding
                                                                                              x-cache: Hit from cloudfront
                                                                                              via: 1.1 b5a881aabeb53eabef56362664c79ea4.cloudfront.net (CloudFront)
                                                                                              x-amz-cf-pop: BRU50-P1
                                                                                              alt-svc: h3=":443"; ma=86400
                                                                                              x-amz-cf-id: lzlor29gYN99yPEt-_mAB_8I3eqnEBgyKek6Ma4QJQWmPUT3Hy1fmg==
                                                                                              age: 11835
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://sdk.privacy-center.org/sdk/efce2e8fa6c638c02a84b0a8b12861ee56f85c9f/modern/ui-gdpr-en-web.efce2e8fa6c638c02a84b0a8b12861ee56f85c9f.js
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              18.239.208.39:443
                                                                                              Request
                                                                                              GET /sdk/efce2e8fa6c638c02a84b0a8b12861ee56f85c9f/modern/ui-gdpr-en-web.efce2e8fa6c638c02a84b0a8b12861ee56f85c9f.js HTTP/2.0
                                                                                              host: sdk.privacy-center.org
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: */*
                                                                                              sec-fetch-site: cross-site
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: script
                                                                                              referer: https://video.rainberrytv.com/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              content-type: application/javascript; charset=utf-8
                                                                                              date: Mon, 06 May 2024 13:45:47 GMT
                                                                                              last-modified: Mon, 06 May 2024 13:45:30 GMT
                                                                                              etag: W/"c294a62c999c058f308b0aac6b9bca8b-1"
                                                                                              x-amz-server-side-encryption: AES256
                                                                                              cache-control: public, max-age=31536000
                                                                                              server: AmazonS3
                                                                                              content-encoding: br
                                                                                              vary: Accept-Encoding
                                                                                              x-cache: Hit from cloudfront
                                                                                              via: 1.1 b5a881aabeb53eabef56362664c79ea4.cloudfront.net (CloudFront)
                                                                                              x-amz-cf-pop: BRU50-P1
                                                                                              alt-svc: h3=":443"; ma=86400
                                                                                              x-amz-cf-id: C_kPczKmsDkbhYbkvcWwAx-_ammsuGThCaUBMAy-UTn27zU5czr5lw==
                                                                                              age: 11826
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://p.typekit.net/p.css?s=1&k=qne4zsu&ht=tk&f=39494.39495.39500.39501.39504.39505.39508.39509&a=17239514&app=typekit&e=css
                                                                                              msedge.exe
                                                                                              Remote address:
                                                                                              104.91.71.95:443
                                                                                              Request
                                                                                              GET /p.css?s=1&k=qne4zsu&ht=tk&f=39494.39495.39500.39501.39504.39505.39508.39509&a=17239514&app=typekit&e=css HTTP/2.0
                                                                                              host: p.typekit.net
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              dnt: 1
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: text/css,*/*;q=0.1
                                                                                              sec-fetch-site: cross-site
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: style
                                                                                              referer: https://www.utorrent.com/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              server: nginx
                                                                                              content-type: text/css
                                                                                              content-length: 5
                                                                                              last-modified: Fri, 07 Jul 2023 12:40:57 GMT
                                                                                              etag: "64a807d9-5"
                                                                                              cache-control: public, max-age=604800
                                                                                              access-control-allow-origin: *
                                                                                              cross-origin-resource-policy: cross-origin
                                                                                              accept-ranges: bytes
                                                                                              date: Mon, 06 May 2024 17:02:50 GMT
                                                                                            • flag-us
                                                                                              DNS
                                                                                              120.208.239.18.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              120.208.239.18.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              120.208.239.18.in-addr.arpa
                                                                                              IN PTR
                                                                                              server-18-239-208-120bru50r cloudfrontnet
                                                                                            • flag-us
                                                                                              DNS
                                                                                              95.71.91.104.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              95.71.91.104.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              95.71.91.104.in-addr.arpa
                                                                                              IN PTR
                                                                                              a104-91-71-95deploystaticakamaitechnologiescom
                                                                                            • flag-us
                                                                                              DNS
                                                                                              124.208.239.18.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              124.208.239.18.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              124.208.239.18.in-addr.arpa
                                                                                              IN PTR
                                                                                              server-18-239-208-124bru50r cloudfrontnet
                                                                                            • flag-us
                                                                                              DNS
                                                                                              10.246.215.67.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              10.246.215.67.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              10.246.215.67.in-addr.arpa
                                                                                              IN PTR
                                                                                              6721524610static quadranetcom
                                                                                            • flag-us
                                                                                              DNS
                                                                                              10.246.215.67.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              10.246.215.67.in-addr.arpa
                                                                                              IN PTR
                                                                                            • flag-us
                                                                                              DNS
                                                                                              10.246.215.67.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              10.246.215.67.in-addr.arpa
                                                                                              IN PTR
                                                                                            • flag-us
                                                                                              DNS
                                                                                              10.246.215.67.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              10.246.215.67.in-addr.arpa
                                                                                              IN PTR
                                                                                            • flag-us
                                                                                              DNS
                                                                                              39.208.239.18.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              39.208.239.18.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              39.208.239.18.in-addr.arpa
                                                                                              IN PTR
                                                                                              server-18-239-208-39bru50r cloudfrontnet
                                                                                            • flag-us
                                                                                              DNS
                                                                                              smartscreen.microsoft.com
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              smartscreen.microsoft.com
                                                                                              IN A
                                                                                              Response
                                                                                              smartscreen.microsoft.com
                                                                                              IN CNAME
                                                                                              wd-prod-ss.trafficmanager.net
                                                                                              wd-prod-ss.trafficmanager.net
                                                                                              IN CNAME
                                                                                              wd-prod-ss-uk-south-1-fe.uksouth.cloudapp.azure.com
                                                                                              wd-prod-ss-uk-south-1-fe.uksouth.cloudapp.azure.com
                                                                                              IN A
                                                                                              20.162.145.158
                                                                                            • flag-us
                                                                                              DNS
                                                                                              smartscreen.microsoft.com
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              smartscreen.microsoft.com
                                                                                              IN A
                                                                                            • flag-us
                                                                                              DNS
                                                                                              smartscreen.microsoft.com
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              smartscreen.microsoft.com
                                                                                              IN A
                                                                                            • flag-us
                                                                                              DNS
                                                                                              smartscreen.microsoft.com
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              smartscreen.microsoft.com
                                                                                              IN A
                                                                                            • flag-us
                                                                                              DNS
                                                                                              smartscreen.microsoft.com
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              smartscreen.microsoft.com
                                                                                              IN A
                                                                                            • flag-us
                                                                                              DNS
                                                                                              234.112.53.23.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              234.112.53.23.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              234.112.53.23.in-addr.arpa
                                                                                              IN PTR
                                                                                              a23-53-112-234deploystaticakamaitechnologiescom
                                                                                            • flag-us
                                                                                              DNS
                                                                                              nav.smartscreen.microsoft.com
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              nav.smartscreen.microsoft.com
                                                                                              IN A
                                                                                              Response
                                                                                              nav.smartscreen.microsoft.com
                                                                                              IN CNAME
                                                                                              wd-prod-ss.trafficmanager.net
                                                                                              wd-prod-ss.trafficmanager.net
                                                                                              IN CNAME
                                                                                              wd-prod-ss-uk-south-1-fe.uksouth.cloudapp.azure.com
                                                                                              wd-prod-ss-uk-south-1-fe.uksouth.cloudapp.azure.com
                                                                                              IN A
                                                                                              20.162.145.158
                                                                                            • flag-us
                                                                                              DNS
                                                                                              157.174.217.52.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              157.174.217.52.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              157.174.217.52.in-addr.arpa
                                                                                              IN PTR
                                                                                              s3-website-us-east-1 amazonawscom
                                                                                            • flag-us
                                                                                              DNS
                                                                                              244.103.221.82.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              244.103.221.82.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                            • flag-us
                                                                                              DNS
                                                                                              244.103.221.82.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              244.103.221.82.in-addr.arpa
                                                                                              IN PTR
                                                                                            • flag-us
                                                                                              DNS
                                                                                              244.103.221.82.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              244.103.221.82.in-addr.arpa
                                                                                              IN PTR
                                                                                            • flag-us
                                                                                              DNS
                                                                                              244.103.221.82.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              244.103.221.82.in-addr.arpa
                                                                                              IN PTR
                                                                                            • flag-us
                                                                                              POST
                                                                                              http://i-62.b-47082.ut.bench.utorrent.com/e?i=62
                                                                                              uTorrent.exe
                                                                                              Remote address:
                                                                                              52.1.109.224:80
                                                                                              Request
                                                                                              POST /e?i=62 HTTP/1.1
                                                                                              Host: i-62.b-47082.ut.bench.utorrent.com
                                                                                              User-Agent: ut_core BenchHttp (ver:47082)
                                                                                              Connection: close
                                                                                              Content-Length: 172
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Content-Type: text/html
                                                                                              Date: Mon, 06 May 2024 17:02:51 GMT
                                                                                              Server: nginx
                                                                                              X-Powered-By: PHP/5.4.30
                                                                                              Content-Length: 21
                                                                                              Connection: Close
                                                                                            • flag-us
                                                                                              POST
                                                                                              http://i-62.b-47082.ut.bench.utorrent.com/e?i=62
                                                                                              uTorrent.exe
                                                                                              Remote address:
                                                                                              52.1.109.224:80
                                                                                              Request
                                                                                              POST /e?i=62 HTTP/1.1
                                                                                              Host: i-62.b-47082.ut.bench.utorrent.com
                                                                                              User-Agent: ut_core BenchHttp (ver:47082)
                                                                                              Connection: close
                                                                                              Content-Length: 168
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Content-Type: text/html
                                                                                              Date: Mon, 06 May 2024 17:02:51 GMT
                                                                                              Server: nginx
                                                                                              X-Powered-By: PHP/5.4.30
                                                                                              Content-Length: 21
                                                                                              Connection: Close
                                                                                            • flag-gb
                                                                                              GET
                                                                                              http://www.google-analytics.com/analytics.js
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              142.250.180.14:80
                                                                                              Request
                                                                                              GET /analytics.js HTTP/1.1
                                                                                              Host: www.google-analytics.com
                                                                                              Connection: keep-alive
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              Accept: */*
                                                                                              Referer: http://utclient.utorrent.com/
                                                                                              Accept-Encoding: gzip, deflate
                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
                                                                                              X-Content-Type-Options: nosniff
                                                                                              Content-Encoding: gzip
                                                                                              Cross-Origin-Resource-Policy: cross-origin
                                                                                              Server: Golfe2
                                                                                              Content-Length: 20994
                                                                                              Date: Mon, 06 May 2024 15:46:24 GMT
                                                                                              Expires: Mon, 06 May 2024 17:46:24 GMT
                                                                                              Cache-Control: public, max-age=7200
                                                                                              Age: 4588
                                                                                              Last-Modified: Tue, 12 Dec 2023 18:09:08 GMT
                                                                                              Content-Type: text/javascript
                                                                                              Vary: Accept-Encoding
                                                                                            • flag-us
                                                                                              GET
                                                                                              https://www.utorrent.com/img/utnew/utweb-blue-checkmarks.svg
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              18.239.208.124:443
                                                                                              Request
                                                                                              GET /img/utnew/utweb-blue-checkmarks.svg HTTP/2.0
                                                                                              host: www.utorrent.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                              sec-fetch-site: cross-site
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: image
                                                                                              referer: http://utclient.utorrent.com/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/2.0 200
                                                                                              content-type: image/svg+xml
                                                                                              content-length: 167
                                                                                              x-amz-id-2: WVLM+WiNj+gqI2Uyu/chsXbF23hjm9KfOJ8WddnDVhp9afVAy7jHMZy1T1l3k+HlHTzQiBgeaa8=
                                                                                              x-amz-request-id: AQ7ZEK5KVJWDDZ6T
                                                                                              date: Fri, 15 Mar 2024 20:10:16 GMT
                                                                                              last-modified: Fri, 15 Mar 2024 19:53:59 GMT
                                                                                              etag: "8e17ef5a8c38ad2d7d48e0dfc587608d"
                                                                                              server: AmazonS3
                                                                                              cloudfront-viewer-country: GB
                                                                                              set-cookie: cloudfront-view-country=GB;Path=/
                                                                                              cache-control: public, max-age=0, must-revalidate
                                                                                              x-frame-options: DENY
                                                                                              content-security-policy: frame-ancestors 'self' https://*.trontv.com https://rainberrytv.com;
                                                                                              x-cache: Hit from cloudfront
                                                                                              via: 1.1 bca52b70421b8043e27a70a0a8860acc.cloudfront.net (CloudFront)
                                                                                              x-amz-cf-pop: BRU50-P1
                                                                                              x-amz-cf-id: ch_6utHiJAnnO2bZXHdIAkBMPQx5oP1SBlaNeZqwzf6vURLStvIU7A==
                                                                                              age: 4481557
                                                                                            • flag-us
                                                                                              GET
                                                                                              http://utclient-staging.utorrent.com/pro/img/utpro.png
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              52.217.174.157:80
                                                                                              Request
                                                                                              GET /pro/img/utpro.png HTTP/1.1
                                                                                              Host: utclient-staging.utorrent.com
                                                                                              Connection: keep-alive
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                              Referer: http://utclient.utorrent.com/
                                                                                              Accept-Encoding: gzip, deflate
                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              x-amz-id-2: 592wGiGLif5rufMp0b6xtgLshQX4S5067G7jesvnbCgimkkrNcv0wQq/F5zbS1bU6F8cosHhPNs=
                                                                                              x-amz-request-id: G345N4TTVRXN2BW6
                                                                                              Date: Mon, 06 May 2024 17:02:54 GMT
                                                                                              x-amz-meta-s3cmd-attrs: uid:107/gname:jenkins/uname:jenkins/gid:120/mode:33188/mtime:1441830063/atime:1441830063/ctime:1441830063
                                                                                              Cache-Control: s-maxage=300
                                                                                              Last-Modified: Wed, 09 Sep 2015 20:21:06 GMT
                                                                                              ETag: "a9a94aed455bc178aac54ef9a3ff5aad"
                                                                                              Content-Type: image/png
                                                                                              Server: AmazonS3
                                                                                              Content-Length: 3445
                                                                                            • flag-us
                                                                                              GET
                                                                                              http://i-54.b-xxx.bench.utorrent.com/e?i=54&e=eyJldmVudE5hbWUiOiJwcm9wYWdlIiwiYWN0aW9uIjoiaW1wcmVzc2lvbiIsInBhZ2V1cmwiOiJodHRwOi8vdXRjbGllbnQudXRvcnJlbnQuY29tL3Byby9pbmRleC5odG1sIiwic2FmZVVybCI6Imh0dHA6X191dGNsaWVudF91dG9ycmVudF9jb21fcHJvX2luZGV4X2h0bWwiLCJlbGFwc2VkQmVuY2hJbml0VGltZSI6MywiaWVWZXJzaW9uIjotMSwiZGltZW5zaW9ucyI6eyJkZXZpY2VTY3JlZW4iOnsid2lkdGgiOjEyODAsImhlaWdodCI6NzIwfSwidmlld3BvcnQiOnsid2lkdGgiOjg2MSwiaGVpZ2h0Ijo1Mjh9LCJkb2N1bWVudENvbnRlbnQiOnsid2lkdGgiOjg2MSwiaGVpZ2h0Ijo1Mjh9fSwidXNlckxhbmd1YWdlIjoiZW4tVVMiLCJ1bmlxdWVfaWQiOiIzNDIzMTVlOC0wOWNhLTY2N2QtZmI2Yi05NzVjOTJkN2JjNzEifQ==&callback=reqwest_1715014971826
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              52.1.109.224:80
                                                                                              Request
                                                                                              GET /e?i=54&e=eyJldmVudE5hbWUiOiJwcm9wYWdlIiwiYWN0aW9uIjoiaW1wcmVzc2lvbiIsInBhZ2V1cmwiOiJodHRwOi8vdXRjbGllbnQudXRvcnJlbnQuY29tL3Byby9pbmRleC5odG1sIiwic2FmZVVybCI6Imh0dHA6X191dGNsaWVudF91dG9ycmVudF9jb21fcHJvX2luZGV4X2h0bWwiLCJlbGFwc2VkQmVuY2hJbml0VGltZSI6MywiaWVWZXJzaW9uIjotMSwiZGltZW5zaW9ucyI6eyJkZXZpY2VTY3JlZW4iOnsid2lkdGgiOjEyODAsImhlaWdodCI6NzIwfSwidmlld3BvcnQiOnsid2lkdGgiOjg2MSwiaGVpZ2h0Ijo1Mjh9LCJkb2N1bWVudENvbnRlbnQiOnsid2lkdGgiOjg2MSwiaGVpZ2h0Ijo1Mjh9fSwidXNlckxhbmd1YWdlIjoiZW4tVVMiLCJ1bmlxdWVfaWQiOiIzNDIzMTVlOC0wOWNhLTY2N2QtZmI2Yi05NzVjOTJkN2JjNzEifQ==&callback=reqwest_1715014971826 HTTP/1.1
                                                                                              Host: i-54.b-xxx.bench.utorrent.com
                                                                                              Connection: keep-alive
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              Accept: */*
                                                                                              Referer: http://utclient.utorrent.com/
                                                                                              Accept-Encoding: gzip, deflate
                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Content-Type: text/html
                                                                                              Date: Mon, 06 May 2024 17:02:52 GMT
                                                                                              Server: nginx
                                                                                              X-Powered-By: PHP/5.4.30
                                                                                              Content-Length: 44
                                                                                              Connection: keep-alive
                                                                                            • flag-gb
                                                                                              POST
                                                                                              https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              20.162.145.158:443
                                                                                              Request
                                                                                              POST /api/browser/edge/navigate/2 HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              Content-Type: application/json
                                                                                              Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoia240TWtHNUJqYk09Iiwia2V5IjoiTGlDM2RGWTY5Ym1mc1dsNWJTd29PUT09In0=
                                                                                              User-Agent: SmartScreen/281479409434625
                                                                                              Content-Length: 1934
                                                                                              Host: nav.smartscreen.microsoft.com
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Cache-Control: max-age=0, private
                                                                                              Content-Length: 1112
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Server: Microsoft-HTTPAPI/2.0
                                                                                              X-SmartScreen-Flight-Vector: enableProxyLeniency,FixedSploitStop,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,isCurfTstEnabled,isNpPIOverrideBlockEnabled,ListApiE5V2Enabled,npSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,topTrafficV2Enabled,topTrafficV2MobileFlightEnabled,UpdateOnMissingEtagEnabled,updateSigningCert,updateSigningCertForRS3RS4,UsePostDataEndpointsForNewAnaheimClient,WDSListApiE5V2Enabled
                                                                                              Date: Mon, 06 May 2024 17:02:53 GMT
                                                                                              Connection: close
                                                                                            • flag-us
                                                                                              POST
                                                                                              https://region1.google-analytics.com/g/collect?v=2&tid=G-9X9DE1ZRWZ&gtm=45je4510v9119026557za200&_p=1715014971780&gcd=13l3l3l3l1&npa=0&dma=0&cid=1551936123.1715014972&ul=en-us&sr=1280x720&ir=1&pscdl=noapi&_eu=EAAI&_s=1&sid=1715014972&sct=1&seg=0&dl=http%3A%2F%2Futclient.utorrent.com%2Fpro%2Findex.html%3Fbrand%3Dut&dr=http%3A%2F%2Futclient.utorrent.com%2Fpro%2Futorrent%2Findex.html&dt=&en=page_view&_fv=1&_ss=1&tfd=6620
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              216.239.32.36:443
                                                                                              Request
                                                                                              POST /g/collect?v=2&tid=G-9X9DE1ZRWZ&gtm=45je4510v9119026557za200&_p=1715014971780&gcd=13l3l3l3l1&npa=0&dma=0&cid=1551936123.1715014972&ul=en-us&sr=1280x720&ir=1&pscdl=noapi&_eu=EAAI&_s=1&sid=1715014972&sct=1&seg=0&dl=http%3A%2F%2Futclient.utorrent.com%2Fpro%2Findex.html%3Fbrand%3Dut&dr=http%3A%2F%2Futclient.utorrent.com%2Fpro%2Futorrent%2Findex.html&dt=&en=page_view&_fv=1&_ss=1&tfd=6620 HTTP/2.0
                                                                                              host: region1.google-analytics.com
                                                                                              content-length: 0
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              content-type: text/plain;charset=UTF-8
                                                                                              accept: */*
                                                                                              origin: http://utclient.utorrent.com
                                                                                              sec-fetch-site: cross-site
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: empty
                                                                                              referer: http://utclient.utorrent.com/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                            • flag-us
                                                                                              POST
                                                                                              https://region1.google-analytics.com/g/collect?v=2&tid=G-M61B1PKGYV&gtm=45je4510v9123267351za200&_p=1715014971780&gcd=13l3l3l3l2&npa=0&dma=0&ul=en-us&sr=1280x720&cid=1551936123.1715014972&ir=1&pscdl=noapi&_eu=EBAI&_s=1&dl=http%3A%2F%2Futclient.utorrent.com%2Fpro%2Findex.html%3Fbrand%3Dut&sid=1715014972&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=6849
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              216.239.32.36:443
                                                                                              Request
                                                                                              POST /g/collect?v=2&tid=G-M61B1PKGYV&gtm=45je4510v9123267351za200&_p=1715014971780&gcd=13l3l3l3l2&npa=0&dma=0&ul=en-us&sr=1280x720&cid=1551936123.1715014972&ir=1&pscdl=noapi&_eu=EBAI&_s=1&dl=http%3A%2F%2Futclient.utorrent.com%2Fpro%2Findex.html%3Fbrand%3Dut&sid=1715014972&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=6849 HTTP/2.0
                                                                                              host: region1.google-analytics.com
                                                                                              content-length: 0
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              content-type: text/plain;charset=UTF-8
                                                                                              accept: */*
                                                                                              origin: http://utclient.utorrent.com
                                                                                              sec-fetch-site: cross-site
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: empty
                                                                                              referer: http://utclient.utorrent.com/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                            • flag-fr
                                                                                              OPTIONS
                                                                                              https://www9.smartadserver.com/0/call
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              178.32.210.226:443
                                                                                              Request
                                                                                              OPTIONS /0/call HTTP/1.1
                                                                                              Host: www9.smartadserver.com
                                                                                              Connection: keep-alive
                                                                                              Accept: */*
                                                                                              Access-Control-Request-Method: POST
                                                                                              Access-Control-Request-Headers: content-type,traceparent,tracestate
                                                                                              Origin: https://video.rainberrytv.com
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              Sec-Fetch-Mode: cors
                                                                                              Sec-Fetch-Site: cross-site
                                                                                              Sec-Fetch-Dest: empty
                                                                                              Referer: https://video.rainberrytv.com/
                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/1.1 204 No Content
                                                                                              date: Mon, 06 May 2024 17:02:52 GMT
                                                                                              access-control-allow-credentials: true
                                                                                              access-control-allow-headers: content-type,traceparent,tracestate
                                                                                              access-control-allow-methods: GET,HEAD,POST
                                                                                              access-control-allow-origin: https://video.rainberrytv.com
                                                                                              vary: Origin
                                                                                            • flag-fr
                                                                                              OPTIONS
                                                                                              https://www9.smartadserver.com/0/call?cklb=1
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              178.32.210.226:443
                                                                                              Request
                                                                                              OPTIONS /0/call?cklb=1 HTTP/1.1
                                                                                              Host: www9.smartadserver.com
                                                                                              Connection: keep-alive
                                                                                              Accept: */*
                                                                                              Access-Control-Request-Method: POST
                                                                                              Access-Control-Request-Headers: content-type,traceparent,tracestate
                                                                                              Origin: https://video.rainberrytv.com
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              Sec-Fetch-Mode: cors
                                                                                              Sec-Fetch-Site: cross-site
                                                                                              Sec-Fetch-Dest: empty
                                                                                              Referer: https://video.rainberrytv.com/
                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/1.1 204 No Content
                                                                                              date: Mon, 06 May 2024 17:02:55 GMT
                                                                                              access-control-allow-credentials: true
                                                                                              access-control-allow-headers: content-type,traceparent,tracestate
                                                                                              access-control-allow-methods: GET,HEAD,POST
                                                                                              access-control-allow-origin: https://video.rainberrytv.com
                                                                                              vary: Origin
                                                                                            • flag-be
                                                                                              POST
                                                                                              https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-67506219-1&cid=1551936123.1715014972&jid=84904312&gjid=1953123917&_gid=1841880955.1715014972&_u=IEBAAEAAAAAAACAAI~&z=1065533853
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              64.233.167.157:443
                                                                                              Request
                                                                                              POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-67506219-1&cid=1551936123.1715014972&jid=84904312&gjid=1953123917&_gid=1841880955.1715014972&_u=IEBAAEAAAAAAACAAI~&z=1065533853 HTTP/2.0
                                                                                              host: stats.g.doubleclick.net
                                                                                              content-length: 0
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              content-type: text/plain
                                                                                              accept: */*
                                                                                              origin: http://utclient.utorrent.com
                                                                                              sec-fetch-site: cross-site
                                                                                              sec-fetch-mode: cors
                                                                                              sec-fetch-dest: empty
                                                                                              referer: http://utclient.utorrent.com/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                            • flag-gb
                                                                                              POST
                                                                                              https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              20.162.145.158:443
                                                                                              Request
                                                                                              POST /api/browser/edge/navigate/2 HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              Content-Type: application/json
                                                                                              Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoickwxRmk5a2srRG89Iiwia2V5IjoibWJ5bFlyUmtIM1orVm1JeGF6Q041QT09In0=
                                                                                              User-Agent: SmartScreen/281479409434625
                                                                                              Content-Length: 2487
                                                                                              Host: nav.smartscreen.microsoft.com
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Cache-Control: max-age=0, private
                                                                                              Content-Length: 1452
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Server: Microsoft-HTTPAPI/2.0
                                                                                              X-SmartScreen-Flight-Vector: enableProxyLeniency,FixedSploitStop,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,isCurfTstEnabled,isNpPIOverrideBlockEnabled,ListApiE5V2Enabled,npSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,topTrafficV2Enabled,topTrafficV2MobileFlightEnabled,UpdateOnMissingEtagEnabled,updateSigningCert,updateSigningCertForRS3RS4,UsePostDataEndpointsForNewAnaheimClient,WDSListApiE5V2Enabled
                                                                                              Date: Mon, 06 May 2024 17:02:56 GMT
                                                                                              Connection: close
                                                                                            • flag-gb
                                                                                              POST
                                                                                              https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              20.162.145.158:443
                                                                                              Request
                                                                                              POST /api/browser/edge/navigate/2 HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              Content-Type: application/json
                                                                                              Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiRjlmYzVIcFZqL0U9Iiwia2V5IjoiTndJYUZVdnRIaG5aYWVXcVdXL3hIdz09In0=
                                                                                              User-Agent: SmartScreen/281479409434625
                                                                                              Content-Length: 2481
                                                                                              Host: nav.smartscreen.microsoft.com
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Cache-Control: max-age=0, private
                                                                                              Content-Length: 1444
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Server: Microsoft-HTTPAPI/2.0
                                                                                              X-SmartScreen-Flight-Vector: enableProxyLeniency,FixedSploitStop,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,isCurfTstEnabled,isNpPIOverrideBlockEnabled,ListApiE5V2Enabled,npSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,topTrafficV2Enabled,topTrafficV2MobileFlightEnabled,UpdateOnMissingEtagEnabled,updateSigningCert,updateSigningCertForRS3RS4,UsePostDataEndpointsForNewAnaheimClient,WDSListApiE5V2Enabled
                                                                                              Date: Mon, 06 May 2024 17:02:57 GMT
                                                                                              Connection: close
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://imasdk.googleapis.com/js/sdkloader/ima3.js
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              142.250.187.202:443
                                                                                              Request
                                                                                              GET /js/sdkloader/ima3.js HTTP/2.0
                                                                                              host: imasdk.googleapis.com
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: */*
                                                                                              sec-fetch-site: cross-site
                                                                                              sec-fetch-mode: no-cors
                                                                                              sec-fetch-dest: script
                                                                                              referer: https://video.rainberrytv.com/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                            • flag-us
                                                                                              DNS
                                                                                              36.32.239.216.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              36.32.239.216.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                            • flag-us
                                                                                              DNS
                                                                                              66.204.58.216.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              66.204.58.216.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              66.204.58.216.in-addr.arpa
                                                                                              IN PTR
                                                                                              lhr25s13-in-f21e100net
                                                                                              66.204.58.216.in-addr.arpa
                                                                                              IN PTR
                                                                                              lhr48s49-in-f2�G
                                                                                              66.204.58.216.in-addr.arpa
                                                                                              IN PTR
                                                                                              lhr25s13-in-f66�G
                                                                                            • flag-us
                                                                                              DNS
                                                                                              66.204.58.216.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              66.204.58.216.in-addr.arpa
                                                                                              IN PTR
                                                                                            • flag-us
                                                                                              DNS
                                                                                              66.204.58.216.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              66.204.58.216.in-addr.arpa
                                                                                              IN PTR
                                                                                            • flag-us
                                                                                              DNS
                                                                                              66.204.58.216.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              66.204.58.216.in-addr.arpa
                                                                                              IN PTR
                                                                                            • flag-us
                                                                                              DNS
                                                                                              226.210.32.178.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              226.210.32.178.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              226.210.32.178.in-addr.arpa
                                                                                              IN PTR
                                                                                              ip226 ip-178-32-210eu
                                                                                            • flag-us
                                                                                              DNS
                                                                                              239.197.79.204.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              239.197.79.204.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                            • flag-us
                                                                                              DNS
                                                                                              53.164.167.185.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              53.164.167.185.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                            • flag-us
                                                                                              DNS
                                                                                              157.167.233.64.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              157.167.233.64.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              157.167.233.64.in-addr.arpa
                                                                                              IN PTR
                                                                                              wl-in-f1571e100net
                                                                                            • flag-us
                                                                                              DNS
                                                                                              72.57.245.77.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              72.57.245.77.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                            • flag-us
                                                                                              DNS
                                                                                              72.57.245.77.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              72.57.245.77.in-addr.arpa
                                                                                              IN PTR
                                                                                            • flag-us
                                                                                              DNS
                                                                                              202.187.250.142.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              202.187.250.142.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              202.187.250.142.in-addr.arpa
                                                                                              IN PTR
                                                                                              lhr25s33-in-f101e100net
                                                                                            • flag-us
                                                                                              DNS
                                                                                              170.172.239.185.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              170.172.239.185.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                            • flag-us
                                                                                              DNS
                                                                                              170.172.239.185.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              170.172.239.185.in-addr.arpa
                                                                                              IN PTR
                                                                                            • flag-fr
                                                                                              POST
                                                                                              https://www9.smartadserver.com/0/call
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              178.32.210.226:443
                                                                                              Request
                                                                                              POST /0/call HTTP/1.1
                                                                                              Host: www9.smartadserver.com
                                                                                              Connection: keep-alive
                                                                                              Content-Length: 714
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              tracestate: eqtv-source=smartjs
                                                                                              traceparent: 00-b76acc550ba2efa19798c30dd2c5b07e-86bd83f5ac01a6e1-00
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              content-type: application/json
                                                                                              Accept: */*
                                                                                              Origin: https://video.rainberrytv.com
                                                                                              Sec-Fetch-Site: cross-site
                                                                                              Sec-Fetch-Mode: cors
                                                                                              Sec-Fetch-Dest: empty
                                                                                              Referer: https://video.rainberrytv.com/
                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/1.1 307 Temporary Redirect
                                                                                              content-length: 0
                                                                                              date: Mon, 06 May 2024 17:02:55 GMT
                                                                                              access-control-allow-credentials: true
                                                                                              access-control-allow-origin: https://video.rainberrytv.com
                                                                                              cache-control: no-cache,no-store
                                                                                              location: https://www9.smartadserver.com/0/call?cklb=1
                                                                                              pragma: no-cache
                                                                                              vary: Origin
                                                                                              p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
                                                                                            • flag-fr
                                                                                              POST
                                                                                              https://www9.smartadserver.com/0/call?cklb=1
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              178.32.210.226:443
                                                                                              Request
                                                                                              POST /0/call?cklb=1 HTTP/1.1
                                                                                              Host: www9.smartadserver.com
                                                                                              Connection: keep-alive
                                                                                              Content-Length: 714
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              tracestate: eqtv-source=smartjs
                                                                                              traceparent: 00-b76acc550ba2efa19798c30dd2c5b07e-86bd83f5ac01a6e1-00
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              content-type: application/json
                                                                                              Accept: */*
                                                                                              Origin: https://video.rainberrytv.com
                                                                                              Sec-Fetch-Site: cross-site
                                                                                              Sec-Fetch-Mode: cors
                                                                                              Sec-Fetch-Dest: empty
                                                                                              Referer: https://video.rainberrytv.com/
                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                            • flag-gb
                                                                                              GET
                                                                                              http://video.rainberrytv.com/partners/didomi/client-cmp-ut.min.html
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              87.248.205.1:80
                                                                                              Request
                                                                                              GET /partners/didomi/client-cmp-ut.min.html HTTP/1.1
                                                                                              Host: video.rainberrytv.com
                                                                                              Connection: keep-alive
                                                                                              Upgrade-Insecure-Requests: 1
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                                              Accept-Encoding: gzip, deflate
                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                              Cookie: didomi_token=eyJ1c2VyX2lkIjoiMThmNGVkYmItMGQ3YS02ZDcwLTkyOGQtNDQxYTkwYTU0NmQzIiwiY3JlYXRlZCI6IjIwMjQtMDUtMDZUMTc6MDI6NTEuNjA3WiIsInVwZGF0ZWQiOiIyMDI0LTA1LTA2VDE3OjAyOjUxLjYwOFoiLCJ2ZXJzaW9uIjpudWxsfQ==; _pbjs_userid_consent_data=6683316680106290
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              x-amz-id-2: NHbMofHQcZVRkGJVzGd6nR1jW9E3iG6Xg1e2TCDE45s8t0RtL2em+C19BreCpA3jfG8yMOVMoag=
                                                                                              x-amz-request-id: F9E6Q2V7QC7BNWF5
                                                                                              Content-Type: text/html
                                                                                              Server: AmazonS3
                                                                                              X-LLID: 915d5bdfd040ce406fdd9cbf0c113dc8
                                                                                              Age: 76
                                                                                              Date: Mon, 06 May 2024 17:02:54 GMT
                                                                                              Last-Modified: Mon, 06 May 2024 06:28:15 GMT
                                                                                              Content-Length: 4578
                                                                                              X-IP-Address: 178.79.231.56
                                                                                              Connection: keep-alive
                                                                                              Access-Control-Allow-Origin: *
                                                                                              Permissions-Policy: browsing-topics=()
                                                                                            • flag-gb
                                                                                              GET
                                                                                              http://video.rainberrytv.com/favicon.ico
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              87.248.205.1:80
                                                                                              Request
                                                                                              GET /favicon.ico HTTP/1.1
                                                                                              Host: video.rainberrytv.com
                                                                                              Connection: keep-alive
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                              Referer: http://video.rainberrytv.com/partners/didomi/client-cmp-ut.min.html
                                                                                              Accept-Encoding: gzip, deflate
                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                              Cookie: didomi_token=eyJ1c2VyX2lkIjoiMThmNGVkYmItMGQ3YS02ZDcwLTkyOGQtNDQxYTkwYTU0NmQzIiwiY3JlYXRlZCI6IjIwMjQtMDUtMDZUMTc6MDI6NTEuNjA3WiIsInVwZGF0ZWQiOiIyMDI0LTA1LTA2VDE3OjAyOjUxLjYwOFoiLCJ2ZXJzaW9uIjpudWxsfQ==; _pbjs_userid_consent_data=6683316680106290
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              x-amz-id-2: qmLL6iZS1TpOSM6cG/3YqlkfdzfAe9bfC/1D3I5d0x5e/MMAcyHTlo1AKsOIjvtdsAkajYcmZG4=
                                                                                              x-amz-request-id: 9779S0B5K4AMAG20
                                                                                              Content-Type: image/vnd.microsoft.icon
                                                                                              Server: AmazonS3
                                                                                              X-LLID: e40543dc5295cb64d086a94fec73eae0
                                                                                              Age: 1040
                                                                                              Date: Mon, 06 May 2024 17:02:54 GMT
                                                                                              Last-Modified: Mon, 06 May 2024 06:28:14 GMT
                                                                                              Content-Length: 15406
                                                                                              X-IP-Address: 178.79.231.56
                                                                                              Connection: keep-alive
                                                                                              Access-Control-Allow-Origin: *
                                                                                              Permissions-Policy: browsing-topics=()
                                                                                            • flag-gb
                                                                                              POST
                                                                                              https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              20.162.145.158:443
                                                                                              Request
                                                                                              POST /api/browser/edge/navigate/2 HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              Content-Type: application/json
                                                                                              Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiYUdKc09tQnVnQ0E9Iiwia2V5IjoieVFxTUZhWS8xc3AyNU9VK2tSUjladz09In0=
                                                                                              User-Agent: SmartScreen/281479409434625
                                                                                              Content-Length: 1752
                                                                                              Host: nav.smartscreen.microsoft.com
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Cache-Control: max-age=0, private
                                                                                              Content-Length: 876
                                                                                              Content-Type: application/json; charset=utf-8
                                                                                              Server: Microsoft-HTTPAPI/2.0
                                                                                              X-SmartScreen-Flight-Vector: enableProxyLeniency,FixedSploitStop,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,isCurfTstEnabled,isNpPIOverrideBlockEnabled,ListApiE5V2Enabled,npSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,topTrafficV2Enabled,topTrafficV2MobileFlightEnabled,UpdateOnMissingEtagEnabled,updateSigningCert,updateSigningCertForRS3RS4,UsePostDataEndpointsForNewAnaheimClient,WDSListApiE5V2Enabled
                                                                                              Date: Mon, 06 May 2024 17:02:53 GMT
                                                                                              Connection: close
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fvideo.rainberrytv.com%2Fsmart%2Fvideo%2Fima%2Fpod.html%3Fbucket%3Dclassic-us%2Bvideo%26adt%3D380%26browser%3Dother%26ce%3D90.0.818.66%26clientdata%3Dut%257C3.6.0.47082%257C0%26component%3D1%26geo%3Dus%26ie%3D11%26site%3D33049%26uid%3DXA7cRsPA6AiKyc4_%26usermuted%3D0%26w%3D10.0%26vid%3DbOsdtyqUklDA698
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              216.58.204.66:443
                                                                                              Request
                                                                                              GET /pagead/ima_ppub_config?ippd=https%3A%2F%2Fvideo.rainberrytv.com%2Fsmart%2Fvideo%2Fima%2Fpod.html%3Fbucket%3Dclassic-us%2Bvideo%26adt%3D380%26browser%3Dother%26ce%3D90.0.818.66%26clientdata%3Dut%257C3.6.0.47082%257C0%26component%3D1%26geo%3Dus%26ie%3D11%26site%3D33049%26uid%3DXA7cRsPA6AiKyc4_%26usermuted%3D0%26w%3D10.0%26vid%3DbOsdtyqUklDA698 HTTP/2.0
                                                                                              host: securepubads.g.doubleclick.net
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              accept: */*
                                                                                              origin: https://video.rainberrytv.com
                                                                                              sec-fetch-site: cross-site
                                                                                              sec-fetch-mode: cors
                                                                                              sec-fetch-dest: empty
                                                                                              referer: https://video.rainberrytv.com/
                                                                                              accept-encoding: gzip, deflate, br
                                                                                              accept-language: en-US,en;q=0.9
                                                                                            • flag-gb
                                                                                              POST
                                                                                              https://ghb.adtelligent.com/v2/auction/
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              185.239.172.170:443
                                                                                              Request
                                                                                              POST /v2/auction/ HTTP/1.1
                                                                                              Host: ghb.adtelligent.com
                                                                                              Connection: keep-alive
                                                                                              Content-Length: 705
                                                                                              sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                                                                              content-type: text/plain
                                                                                              Accept: */*
                                                                                              Origin: https://video.rainberrytv.com
                                                                                              Sec-Fetch-Site: cross-site
                                                                                              Sec-Fetch-Mode: cors
                                                                                              Sec-Fetch-Dest: empty
                                                                                              Referer: https://video.rainberrytv.com/
                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Server: Adtelligent
                                                                                              Date: Mon, 06 May 2024 17:03:00 GMT
                                                                                              Content-Type: application/json; charset=UTF-8
                                                                                              Content-Length: 120
                                                                                              Access-Control-Allow-Origin: https://video.rainberrytv.com
                                                                                              Access-Control-Allow-Credentials: true
                                                                                              Connection: Keep-Alive
                                                                                              X-Robots-Tag: noindex
                                                                                            • flag-gb
                                                                                              GET
                                                                                              https://smartscreen.microsoft.com/windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.22000.493.co_release&flight=%7B%22ETag%22%3A%22%5C%22nA8KHs8oaq9ssjHyJcw0nMz4proNnsV3KilArWanihI%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1166893-11-15%2CP-R-1093303-19-30%2CP-R-1026145-4-14%2CP-R-1021007-4-5%2CP-R-99770-8-32%2CP-R-73000-4-40%2CP-R-72999-7-40%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-8-38%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22WDSListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Atrue%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Afalse%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterCacheEnabled%22%3Afalse%2C%22UsePostDataEndpointsForNewAnaheimClient%22%3Atrue%2C%22DisableE5Cache%22%3Afalse%2C%22FixedSploitStop%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D
                                                                                              msedgewebview2.exe
                                                                                              Remote address:
                                                                                              20.162.145.158:443
                                                                                              Request
                                                                                              GET /windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.22000.493.co_release&flight=%7B%22ETag%22%3A%22%5C%22nA8KHs8oaq9ssjHyJcw0nMz4proNnsV3KilArWanihI%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1166893-11-15%2CP-R-1093303-19-30%2CP-R-1026145-4-14%2CP-R-1021007-4-5%2CP-R-99770-8-32%2CP-R-73000-4-40%2CP-R-72999-7-40%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-8-38%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22WDSListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Atrue%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Afalse%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterCacheEnabled%22%3Afalse%2C%22UsePostDataEndpointsForNewAnaheimClient%22%3Atrue%2C%22DisableE5Cache%22%3Afalse%2C%22FixedSploitStop%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              Accept: application/x-patch-bsdiff, application/octet-stream
                                                                                              Authorization: SmartScreenPlain eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQifQ==
                                                                                              If-None-Match: "638004170464094982"
                                                                                              User-Agent: SmartScreen/281479409434625
                                                                                              Host: smartscreen.microsoft.com
                                                                                              Response
                                                                                              HTTP/1.1 304 Not Modified
                                                                                              Cache-Control: max-age=86400
                                                                                              Content-Length: 0
                                                                                              Server: Microsoft-HTTPAPI/2.0
                                                                                              X-SmartScreen-Flight-Vector: EnableProxyLeniency,FixedSploitStop,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,IsNpPIOverrideBlockEnabled,ListApiE5V2Enabled,NpSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,TopTrafficV2Enabled,TopTrafficV2MobileFlightEnabled,UpdateOnMissingEtagEnabled,UpdateSigningCert,UpdateSigningCertForRS3RS4,UsePostDataEndpointsForNewAnaheimClient,WDSListApiE5V2Enabled
                                                                                              Date: Mon, 06 May 2024 17:03:00 GMT
                                                                                              Connection: close
                                                                                            • flag-us
                                                                                              DNS
                                                                                              84.211.89.185.in-addr.arpa
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              84.211.89.185.in-addr.arpa
                                                                                              IN PTR
                                                                                              Response
                                                                                              84.211.89.185.in-addr.arpa
                                                                                              IN PTR
                                                                                              959bm-nginx-loadbalancermgmtams3adnexusnet
                                                                                            • flag-us
                                                                                              DNS
                                                                                              i-43.b-47082.ut.bench.utorrent.com
                                                                                              Remote address:
                                                                                              8.8.8.8:53
                                                                                              Request
                                                                                              i-43.b-47082.ut.bench.utorrent.com
                                                                                              IN A
                                                                                            • flag-us
                                                                                              POST
                                                                                              http://i-38.b-47082.ut.bench.utorrent.com/e?i=38
                                                                                              uTorrent.exe
                                                                                              Remote address:
                                                                                              52.204.244.120:80
                                                                                              Request
                                                                                              POST /e?i=38 HTTP/1.1
                                                                                              Host: i-38.b-47082.ut.bench.utorrent.com
                                                                                              User-Agent: ut_core BenchHttp (ver:47082)
                                                                                              Connection: close
                                                                                              Content-Length: 223
                                                                                              Response
                                                                                              HTTP/1.1 200 OK
                                                                                              Content-Type: text/html
                                                                                              Date: Mon, 06 May 2024 17:03:01 GMT
                                                                                              Server: nginx
                                                                                              X-Powered-By: PHP/5.4.30
                                                                                              Content-Length: 21
                                                                                              Connection: Close
                                                                                            • flag-us
                                                                                              POST
                                                                                              http://i-38.b-47082.ut.bench.utorrent.com/e?i=38
                                                                                              uTorrent.exe
                                                                                              Remote address:
                                                                                              52.204.244.120:80
                                                                                              Request
                                                                                              POST /e?i=38 HTTP/1.1
                                                                                              Host: i-38.b-47082.ut.bench.utorrent.com
                                                                                              User-Agent: ut_core BenchHttp (ver:47082)
                                                                                              Connection: close
                                                                                              Content-Length: 223
                                                                                            • 18.239.190.4:443
                                                                                              d42q8e9nhm7ym.cloudfront.net
                                                                                              tls
                                                                                              utorrent_installer(1).tmp
                                                                                              6.8kB
                                                                                              10.9kB
                                                                                              30
                                                                                              24
                                                                                            • 18.239.190.230:443
                                                                                              d2p3z23xtslrsm.cloudfront.net
                                                                                              tls
                                                                                              utorrent_installer(1).tmp
                                                                                              1.4kB
                                                                                              20.2kB
                                                                                              15
                                                                                              20
                                                                                            • 18.239.190.163:443
                                                                                              https://d27iw11mm1vkcl.cloudfront.net/f/Opera/files/1499/OperaSetup.zip
                                                                                              tls, http
                                                                                              utorrent_installer(1).tmp
                                                                                              103.8kB
                                                                                              3.3MB
                                                                                              1765
                                                                                              2359

                                                                                              HTTP Request

                                                                                              GET https://d27iw11mm1vkcl.cloudfront.net/f/RAV_Triple_NCB/images/DOTPS-855/EN.png

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              GET https://d27iw11mm1vkcl.cloudfront.net/f/WebAdvisor/images/943/EN.png

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              GET https://d27iw11mm1vkcl.cloudfront.net/f/Opera/images/DOTPS-717/UTO_NCB/EN.png

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              GET https://d27iw11mm1vkcl.cloudfront.net/f/WebAdvisor/files/1489/saBSI.zip

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              GET https://d27iw11mm1vkcl.cloudfront.net/f/Opera/files/1499/OperaSetup.zip

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 18.239.208.56:443
                                                                                              api.playanext.com
                                                                                              tls
                                                                                              utorrent_installer(1).tmp
                                                                                              1.7kB
                                                                                              6.7kB
                                                                                              11
                                                                                              10
                                                                                            • 18.239.208.56:443
                                                                                              api.playanext.com
                                                                                              tls
                                                                                              utorrent_installer(1).tmp
                                                                                              1.5kB
                                                                                              6.7kB
                                                                                              11
                                                                                              11
                                                                                            • 67.215.238.66:443
                                                                                              https://download-new.utorrent.com/endpoint/utorrent/os/riserollout/track/stable
                                                                                              tls, http
                                                                                              utorrent_installer(1).tmp
                                                                                              1.1kB
                                                                                              7.4kB
                                                                                              10
                                                                                              12

                                                                                              HTTP Request

                                                                                              HEAD https://download-new.utorrent.com/endpoint/utorrent/os/riserollout/track/stable

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 67.215.238.66:443
                                                                                              https://download-new.utorrent.com/endpoint/utorrent/os/riserollout/track/stable
                                                                                              tls, http
                                                                                              utorrent_installer(1).tmp
                                                                                              70.6kB
                                                                                              4.0MB
                                                                                              1508
                                                                                              2881

                                                                                              HTTP Request

                                                                                              GET https://download-new.utorrent.com/endpoint/utorrent/os/riserollout/track/stable

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 172.67.9.68:443
                                                                                              https://shield.reasonsecurity.com/rsStubActivator.exe
                                                                                              tls, http
                                                                                              utorrent_installer(1).tmp
                                                                                              2.0kB
                                                                                              55.4kB
                                                                                              35
                                                                                              61

                                                                                              HTTP Request

                                                                                              GET https://shield.reasonsecurity.com/rsStubActivator.exe

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 52.55.162.212:80
                                                                                              http://i-6000.b-47082.ut.bench.utorrent.com/e?i=6000
                                                                                              http
                                                                                              uTorrent.exe
                                                                                              1.3kB
                                                                                              546 B
                                                                                              7
                                                                                              4

                                                                                              HTTP Request

                                                                                              POST http://i-6000.b-47082.ut.bench.utorrent.com/e?i=6000

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              POST http://i-6000.b-47082.ut.bench.utorrent.com/e?i=6000

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 67.215.246.203:80
                                                                                              http://update.utorrent.com/installstats.php?cl=uTorrent&v=113358826&h=XA7cRsPA6AiKyc4_&w=55F0000A&bu=0&pr=0&cmp=0&ocmp=0&showinstall&pid=3632&cau=0&lunv=0&au=0&view=win32
                                                                                              http
                                                                                              utorrent.exe
                                                                                              548 B
                                                                                              392 B
                                                                                              6
                                                                                              5

                                                                                              HTTP Request

                                                                                              GET http://update.utorrent.com/installstats.php?cl=uTorrent&v=113358826&h=XA7cRsPA6AiKyc4_&w=55F0000A&bu=0&pr=0&cmp=0&ocmp=0&showinstall&pid=3632&cau=0&lunv=0&au=0&view=win32

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 67.215.246.203:80
                                                                                              http://update.utorrent.com/installstats.php?cl=uTorrent&v=113358826&h=XA7cRsPA6AiKyc4_&w=55F0000A&bu=0&pr=0&cmp=0&ocmp=0&installresult&pid=3632&cau=0&lunv=0&installresult=0&exit=1&au=0&ic=1&view=win32
                                                                                              http
                                                                                              utorrent.exe
                                                                                              578 B
                                                                                              392 B
                                                                                              6
                                                                                              5

                                                                                              HTTP Request

                                                                                              GET http://update.utorrent.com/installstats.php?cl=uTorrent&v=113358826&h=XA7cRsPA6AiKyc4_&w=55F0000A&bu=0&pr=0&cmp=0&ocmp=0&installresult&pid=3632&cau=0&lunv=0&installresult=0&exit=1&au=0&ic=1&view=win32

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 172.67.9.68:443
                                                                                              shield.reasonsecurity.com
                                                                                              tls
                                                                                              component0.exe
                                                                                              75.6kB
                                                                                              2.0MB
                                                                                              1234
                                                                                              1487
                                                                                            • 35.160.202.158:443
                                                                                              https://analytics.apis.mcafee.com/mosaic/2.0/product-web/am/v1/record
                                                                                              tls, http
                                                                                              saBSI.exe
                                                                                              7.4kB
                                                                                              10.8kB
                                                                                              27
                                                                                              25

                                                                                              HTTP Request

                                                                                              PUT https://analytics.apis.mcafee.com/mosaic/2.0/product-web/am/v1/record

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              PUT https://analytics.apis.mcafee.com/mosaic/2.0/product-web/am/v1/record

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              PUT https://analytics.apis.mcafee.com/mosaic/2.0/product-web/am/v1/record

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              PUT https://analytics.apis.mcafee.com/mosaic/2.0/product-web/am/v1/record

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              PUT https://analytics.apis.mcafee.com/mosaic/2.0/product-web/am/v1/record

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              PUT https://analytics.apis.mcafee.com/mosaic/2.0/product-web/am/v1/record

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              PUT https://analytics.apis.mcafee.com/mosaic/2.0/product-web/am/v1/record

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              PUT https://analytics.apis.mcafee.com/mosaic/2.0/product-web/am/v1/record

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 96.16.53.134:443
                                                                                              sadownload.mcafee.com
                                                                                              tls
                                                                                              saBSI.exe
                                                                                              1.4MB
                                                                                              31.4MB
                                                                                              20650
                                                                                              22542
                                                                                            • 185.26.182.124:443
                                                                                              autoupdate.geo.opera.com
                                                                                              tls
                                                                                              OperaSetup.exe
                                                                                              1.1kB
                                                                                              4.8kB
                                                                                              13
                                                                                              10
                                                                                            • 185.26.182.124:443
                                                                                              autoupdate.geo.opera.com
                                                                                              tls
                                                                                              OperaSetup.exe
                                                                                              2.0kB
                                                                                              6.1kB
                                                                                              15
                                                                                              12
                                                                                            • 82.145.217.121:443
                                                                                              https://desktop-netinstaller-sub.osp.opera.software/v1/binary
                                                                                              tls, http
                                                                                              OperaSetup.exe
                                                                                              4.5kB
                                                                                              4.8kB
                                                                                              22
                                                                                              14

                                                                                              HTTP Request

                                                                                              POST https://desktop-netinstaller-sub.osp.opera.software/v1/binary

                                                                                              HTTP Response

                                                                                              201

                                                                                              HTTP Request

                                                                                              POST https://desktop-netinstaller-sub.osp.opera.software/v1/binary

                                                                                              HTTP Response

                                                                                              201

                                                                                              HTTP Request

                                                                                              POST https://desktop-netinstaller-sub.osp.opera.software/v1/binary

                                                                                              HTTP Response

                                                                                              201

                                                                                              HTTP Request

                                                                                              POST https://desktop-netinstaller-sub.osp.opera.software/v1/binary

                                                                                              HTTP Response

                                                                                              201
                                                                                            • 82.145.216.16:443
                                                                                              features.opera-api2.com
                                                                                              tls
                                                                                              OperaSetup.exe
                                                                                              1.2kB
                                                                                              5.9kB
                                                                                              12
                                                                                              10
                                                                                            • 82.145.216.24:443
                                                                                              download.opera.com
                                                                                              tls
                                                                                              OperaSetup.exe
                                                                                              1.5kB
                                                                                              4.5kB
                                                                                              16
                                                                                              12
                                                                                            • 104.18.11.89:443
                                                                                              download5.operacdn.com
                                                                                              tls
                                                                                              OperaSetup.exe
                                                                                              5.4MB
                                                                                              117.0MB
                                                                                              83887
                                                                                              83775
                                                                                            • 3.213.31.22:443
                                                                                              https://track.analytics-data.io/
                                                                                              tls, http
                                                                                              RAVEndPointProtection-installer.exe
                                                                                              6.0kB
                                                                                              6.6kB
                                                                                              15
                                                                                              15

                                                                                              HTTP Request

                                                                                              POST https://track.analytics-data.io/

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 3.213.31.22:443
                                                                                              https://track.analytics-data.io/
                                                                                              tls, http
                                                                                              RAVEndPointProtection-installer.exe
                                                                                              3.4kB
                                                                                              6.6kB
                                                                                              15
                                                                                              14

                                                                                              HTTP Request

                                                                                              POST https://track.analytics-data.io/

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 3.213.31.22:443
                                                                                              https://track.analytics-data.io/
                                                                                              tls, http
                                                                                              RAVEndPointProtection-installer.exe
                                                                                              5.8kB
                                                                                              1.2kB
                                                                                              14
                                                                                              13

                                                                                              HTTP Request

                                                                                              POST https://track.analytics-data.io/

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 3.213.31.22:443
                                                                                              https://track.analytics-data.io/
                                                                                              tls, http
                                                                                              RAVEndPointProtection-installer.exe
                                                                                              5.7kB
                                                                                              965 B
                                                                                              12
                                                                                              10

                                                                                              HTTP Request

                                                                                              POST https://track.analytics-data.io/

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 18.239.208.25:443
                                                                                              update.reasonsecurity.com
                                                                                              tls
                                                                                              RAVEndPointProtection-installer.exe
                                                                                              2.8kB
                                                                                              7.7kB
                                                                                              17
                                                                                              16
                                                                                            • 3.213.31.22:443
                                                                                              https://track.analytics-data.io/
                                                                                              tls, http
                                                                                              RAVEndPointProtection-installer.exe
                                                                                              5.8kB
                                                                                              971 B
                                                                                              13
                                                                                              11

                                                                                              HTTP Request

                                                                                              POST https://track.analytics-data.io/

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 18.239.208.34:443
                                                                                              electron-shell.reasonsecurity.com
                                                                                              tls
                                                                                              RAVEndPointProtection-installer.exe
                                                                                              2.6MB
                                                                                              67.4MB
                                                                                              40999
                                                                                              48231
                                                                                            • 3.213.31.22:443
                                                                                              https://track.analytics-data.io/
                                                                                              tls, http
                                                                                              RAVEndPointProtection-installer.exe
                                                                                              2.9kB
                                                                                              847 B
                                                                                              9
                                                                                              9

                                                                                              HTTP Request

                                                                                              POST https://track.analytics-data.io/

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 82.145.217.121:443
                                                                                              https://desktop-netinstaller-sub.osp.opera.software/v1/binary
                                                                                              tls, http
                                                                                              OperaSetup.exe
                                                                                              5.5kB
                                                                                              5.6kB
                                                                                              25
                                                                                              15

                                                                                              HTTP Request

                                                                                              POST https://desktop-netinstaller-sub.osp.opera.software/v1/binary

                                                                                              HTTP Response

                                                                                              201

                                                                                              HTTP Request

                                                                                              POST https://desktop-netinstaller-sub.osp.opera.software/v1/binary

                                                                                              HTTP Response

                                                                                              201

                                                                                              HTTP Request

                                                                                              POST https://desktop-netinstaller-sub.osp.opera.software/v1/binary

                                                                                              HTTP Response

                                                                                              201

                                                                                              HTTP Request

                                                                                              POST https://desktop-netinstaller-sub.osp.opera.software/v1/binary

                                                                                              HTTP Response

                                                                                              201

                                                                                              HTTP Request

                                                                                              POST https://desktop-netinstaller-sub.osp.opera.software/v1/binary

                                                                                              HTTP Response

                                                                                              201

                                                                                              HTTP Request

                                                                                              POST https://desktop-netinstaller-sub.osp.opera.software/v1/binary

                                                                                              HTTP Response

                                                                                              201

                                                                                              HTTP Request

                                                                                              POST https://desktop-netinstaller-sub.osp.opera.software/v1/binary

                                                                                              HTTP Response

                                                                                              201
                                                                                            • 3.230.7.139:443
                                                                                              https://track.analytics-data.io/
                                                                                              tls, http
                                                                                              RAVEndPointProtection-installer.exe
                                                                                              3.1kB
                                                                                              6.4kB
                                                                                              11
                                                                                              13

                                                                                              HTTP Request

                                                                                              POST https://track.analytics-data.io/

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 3.230.7.139:443
                                                                                              https://track.analytics-data.io/
                                                                                              tls, http
                                                                                              RAVEndPointProtection-installer.exe
                                                                                              3.1kB
                                                                                              6.4kB
                                                                                              12
                                                                                              13

                                                                                              HTTP Request

                                                                                              POST https://track.analytics-data.io/

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 96.16.53.134:443
                                                                                              sadownload.mcafee.com
                                                                                              tls
                                                                                              ServiceHost.exe
                                                                                              3.7kB
                                                                                              88.6kB
                                                                                              58
                                                                                              74
                                                                                            • 104.68.84.174:443
                                                                                              https://home.mcafee.com/webservices/eulaservice.asmx
                                                                                              tls, http
                                                                                              installer.exe
                                                                                              2.3kB
                                                                                              11.7kB
                                                                                              13
                                                                                              15

                                                                                              HTTP Request

                                                                                              POST https://home.mcafee.com/webservices/eulaservice.asmx

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 35.160.202.158:443
                                                                                              https://analytics.apis.mcafee.com/mosaic/2.0/product-web/am/v1/record
                                                                                              tls, http
                                                                                              installer.exe
                                                                                              1.5kB
                                                                                              6.5kB
                                                                                              9
                                                                                              10

                                                                                              HTTP Request

                                                                                              PUT https://analytics.apis.mcafee.com/mosaic/2.0/product-web/am/v1/record

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 3.230.7.139:443
                                                                                              https://track.analytics-data.io/
                                                                                              tls, http
                                                                                              RAVEndPointProtection-installer.exe
                                                                                              2.9kB
                                                                                              807 B
                                                                                              9
                                                                                              8

                                                                                              HTTP Request

                                                                                              POST https://track.analytics-data.io/

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 3.230.7.139:443
                                                                                              https://track.analytics-data.io/
                                                                                              tls, http
                                                                                              RAVEndPointProtection-installer.exe
                                                                                              5.7kB
                                                                                              1.0kB
                                                                                              11
                                                                                              11

                                                                                              HTTP Request

                                                                                              POST https://track.analytics-data.io/

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 18.239.208.12:443
                                                                                              cdn.reasonsecurity.com
                                                                                              tls
                                                                                              RAVEndPointProtection-installer.exe
                                                                                              1.1MB
                                                                                              28.8MB
                                                                                              16857
                                                                                              20592
                                                                                            • 3.230.7.139:443
                                                                                              https://track.analytics-data.io/
                                                                                              tls, http
                                                                                              RAVEndPointProtection-installer.exe
                                                                                              3.1kB
                                                                                              847 B
                                                                                              9
                                                                                              9

                                                                                              HTTP Request

                                                                                              POST https://track.analytics-data.io/

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 3.230.7.139:443
                                                                                              https://track.analytics-data.io/
                                                                                              tls, http
                                                                                              RAVEndPointProtection-installer.exe
                                                                                              2.8kB
                                                                                              847 B
                                                                                              8
                                                                                              9

                                                                                              HTTP Request

                                                                                              POST https://track.analytics-data.io/

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 3.230.7.139:443
                                                                                              https://track.analytics-data.io/
                                                                                              tls, http
                                                                                              RAVEndPointProtection-installer.exe
                                                                                              2.9kB
                                                                                              847 B
                                                                                              8
                                                                                              9

                                                                                              HTTP Request

                                                                                              POST https://track.analytics-data.io/

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 3.230.7.139:443
                                                                                              https://track.analytics-data.io/
                                                                                              tls, http
                                                                                              RAVEndPointProtection-installer.exe
                                                                                              2.9kB
                                                                                              847 B
                                                                                              8
                                                                                              9

                                                                                              HTTP Request

                                                                                              POST https://track.analytics-data.io/

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 52.5.70.92:80
                                                                                              http://i-21.b-47082.ut.bench.utorrent.com/e?i=21
                                                                                              http
                                                                                              uTorrent.exe
                                                                                              654 B
                                                                                              386 B
                                                                                              5
                                                                                              5

                                                                                              HTTP Request

                                                                                              POST http://i-21.b-47082.ut.bench.utorrent.com/e?i=21

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 52.5.70.92:80
                                                                                              http://i-21.b-47082.ut.bench.utorrent.com/e?i=21
                                                                                              http
                                                                                              uTorrent.exe
                                                                                              775 B
                                                                                              386 B
                                                                                              5
                                                                                              5

                                                                                              HTTP Request

                                                                                              POST http://i-21.b-47082.ut.bench.utorrent.com/e?i=21

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 173.254.195.58:80
                                                                                              update.bittorrent.com
                                                                                              uTorrent.exe
                                                                                              260 B
                                                                                              5
                                                                                            • 87.248.205.1:80
                                                                                              http://apps.bittorrent.com/utorrent-onboarding/player.btapp
                                                                                              http
                                                                                              uTorrent.exe
                                                                                              386 B
                                                                                              834 B
                                                                                              5
                                                                                              5

                                                                                              HTTP Request

                                                                                              GET http://apps.bittorrent.com/utorrent-onboarding/player.btapp

                                                                                              HTTP Response

                                                                                              403
                                                                                            • 87.248.205.1:80
                                                                                              http://cdn.ap.bittorrent.com/control/feature/tags/ut.json
                                                                                              http
                                                                                              uTorrent.exe
                                                                                              476 B
                                                                                              4.7kB
                                                                                              7
                                                                                              8

                                                                                              HTTP Request

                                                                                              GET http://cdn.ap.bittorrent.com/control/feature/tags/ut.json

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 87.248.205.1:80
                                                                                              http://cdn.ap.bittorrent.com/control/tags/ut.json
                                                                                              http
                                                                                              uTorrent.exe
                                                                                              1.0kB
                                                                                              33.6kB
                                                                                              19
                                                                                              29

                                                                                              HTTP Request

                                                                                              GET http://cdn.ap.bittorrent.com/control/tags/ut.json

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 20.162.145.158:443
                                                                                              https://nav.smartscreen.microsoft.com/api/browser/edge/actions
                                                                                              tls, http
                                                                                              msedgewebview2.exe
                                                                                              2.9kB
                                                                                              12.9kB
                                                                                              17
                                                                                              14

                                                                                              HTTP Request

                                                                                              POST https://nav.smartscreen.microsoft.com/api/browser/edge/actions

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 20.162.145.158:443
                                                                                              nav.smartscreen.microsoft.com
                                                                                              tls
                                                                                              msedgewebview2.exe
                                                                                              1.0kB
                                                                                              7.6kB
                                                                                              11
                                                                                              10
                                                                                            • 20.162.145.158:443
                                                                                              https://nav.smartscreen.microsoft.com/api/browser/edge/actions
                                                                                              tls, http
                                                                                              msedgewebview2.exe
                                                                                              2.9kB
                                                                                              12.9kB
                                                                                              15
                                                                                              15

                                                                                              HTTP Request

                                                                                              POST https://nav.smartscreen.microsoft.com/api/browser/edge/actions

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 98.143.146.7:80
                                                                                              http://utorrent.com/prodnews?v=3%2e6%2e0%2e1%2e47082&pv=0.0.0.0.0
                                                                                              http
                                                                                              msedge.exe
                                                                                              1.2kB
                                                                                              482 B
                                                                                              5
                                                                                              2

                                                                                              HTTP Request

                                                                                              GET http://utorrent.com/prodnews?v=3%2e6%2e0%2e1%2e47082&pv=0.0.0.0.0

                                                                                              HTTP Response

                                                                                              301
                                                                                            • 98.143.146.7:80
                                                                                              utorrent.com
                                                                                              msedge.exe
                                                                                              98 B
                                                                                              52 B
                                                                                              2
                                                                                              1
                                                                                            • 52.0.219.152:80
                                                                                              http://i-24.b-47082.ut.bench.utorrent.com/e?i=24
                                                                                              http
                                                                                              uTorrent.exe
                                                                                              573 B
                                                                                              386 B
                                                                                              5
                                                                                              5

                                                                                              HTTP Request

                                                                                              POST http://i-24.b-47082.ut.bench.utorrent.com/e?i=24

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 44.214.14.78:80
                                                                                              http://i-64.b-47082.ut.bench.utorrent.com/e?i=64
                                                                                              http
                                                                                              uTorrent.exe
                                                                                              669 B
                                                                                              386 B
                                                                                              7
                                                                                              5

                                                                                              HTTP Request

                                                                                              POST http://i-64.b-47082.ut.bench.utorrent.com/e?i=64

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 20.162.145.158:443
                                                                                              https://smartscreen.microsoft.com/windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.22000.493.co_release&flight=%7B%22ETag%22%3A%22%5C%22nA8KHs8oaq9ssjHyJcw0nMz4proNnsV3KilArWanihI%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1166893-11-15%2CP-R-1093303-19-30%2CP-R-1026145-4-14%2CP-R-1021007-4-5%2CP-R-99770-8-32%2CP-R-73000-4-40%2CP-R-72999-7-40%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-8-38%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22WDSListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Atrue%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Afalse%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterCacheEnabled%22%3Afalse%2C%22UsePostDataEndpointsForNewAnaheimClient%22%3Atrue%2C%22DisableE5Cache%22%3Afalse%2C%22FixedSploitStop%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D
                                                                                              tls, http
                                                                                              msedgewebview2.exe
                                                                                              9.8kB
                                                                                              296.7kB
                                                                                              146
                                                                                              217

                                                                                              HTTP Request

                                                                                              GET https://smartscreen.microsoft.com/windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.22000.493.co_release&flight=%7B%22ETag%22%3A%22%5C%22nA8KHs8oaq9ssjHyJcw0nMz4proNnsV3KilArWanihI%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1166893-11-15%2CP-R-1093303-19-30%2CP-R-1026145-4-14%2CP-R-1021007-4-5%2CP-R-99770-8-32%2CP-R-73000-4-40%2CP-R-72999-7-40%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-8-38%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22WDSListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Atrue%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Afalse%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterCacheEnabled%22%3Afalse%2C%22UsePostDataEndpointsForNewAnaheimClient%22%3Atrue%2C%22DisableE5Cache%22%3Afalse%2C%22FixedSploitStop%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 20.162.145.158:443
                                                                                              https://smartscreen.microsoft.com/windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.22000.493.co_release&flight=%7B%22ETag%22%3A%22%5C%22nA8KHs8oaq9ssjHyJcw0nMz4proNnsV3KilArWanihI%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1166893-11-15%2CP-R-1093303-19-30%2CP-R-1026145-4-14%2CP-R-1021007-4-5%2CP-R-99770-8-32%2CP-R-73000-4-40%2CP-R-72999-7-40%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-8-38%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22WDSListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Atrue%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Afalse%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterCacheEnabled%22%3Afalse%2C%22UsePostDataEndpointsForNewAnaheimClient%22%3Atrue%2C%22DisableE5Cache%22%3Afalse%2C%22FixedSploitStop%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D
                                                                                              tls, http
                                                                                              msedgewebview2.exe
                                                                                              7.3kB
                                                                                              7.5kB
                                                                                              13
                                                                                              9

                                                                                              HTTP Request

                                                                                              GET https://smartscreen.microsoft.com/windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.22000.493.co_release&flight=%7B%22ETag%22%3A%22%5C%22nA8KHs8oaq9ssjHyJcw0nMz4proNnsV3KilArWanihI%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1166893-11-15%2CP-R-1093303-19-30%2CP-R-1026145-4-14%2CP-R-1021007-4-5%2CP-R-99770-8-32%2CP-R-73000-4-40%2CP-R-72999-7-40%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-8-38%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22WDSListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Atrue%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Afalse%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterCacheEnabled%22%3Afalse%2C%22UsePostDataEndpointsForNewAnaheimClient%22%3Atrue%2C%22DisableE5Cache%22%3Afalse%2C%22FixedSploitStop%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D
                                                                                            • 20.162.145.158:443
                                                                                              https://smartscreen.microsoft.com/api/browser/edge/data/settings
                                                                                              tls, http
                                                                                              msedgewebview2.exe
                                                                                              4.1kB
                                                                                              10.3kB
                                                                                              13
                                                                                              10

                                                                                              HTTP Request

                                                                                              POST https://smartscreen.microsoft.com/api/browser/edge/data/settings
                                                                                            • 20.162.145.158:443
                                                                                              https://smartscreen.microsoft.com/api/browser/edge/data/settings
                                                                                              tls, http
                                                                                              msedgewebview2.exe
                                                                                              5.0kB
                                                                                              141.6kB
                                                                                              61
                                                                                              105

                                                                                              HTTP Request

                                                                                              POST https://smartscreen.microsoft.com/api/browser/edge/data/settings

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 20.162.145.158:443
                                                                                              https://smartscreen.microsoft.com/windows/browser/edge/data/bloomfilter/x?pushCert=false&flight=%7B%22ETag%22%3A%22%5C%22nA8KHs8oaq9ssjHyJcw0nMz4proNnsV3KilArWanihI%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1166893-11-15%2CP-R-1093303-19-30%2CP-R-1026145-4-14%2CP-R-1021007-4-5%2CP-R-99770-8-32%2CP-R-73000-4-40%2CP-R-72999-7-40%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-8-38%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22WDSListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Atrue%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Afalse%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterCacheEnabled%22%3Afalse%2C%22UsePostDataEndpointsForNewAnaheimClient%22%3Atrue%2C%22DisableE5Cache%22%3Afalse%2C%22FixedSploitStop%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D&os=10.0.22000.493.co_release
                                                                                              tls, http
                                                                                              msedgewebview2.exe
                                                                                              3.5kB
                                                                                              8.3kB
                                                                                              14
                                                                                              11

                                                                                              HTTP Request

                                                                                              GET https://smartscreen.microsoft.com/windows/browser/edge/data/bloomfilter/x?pushCert=false&flight=%7B%22ETag%22%3A%22%5C%22nA8KHs8oaq9ssjHyJcw0nMz4proNnsV3KilArWanihI%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1166893-11-15%2CP-R-1093303-19-30%2CP-R-1026145-4-14%2CP-R-1021007-4-5%2CP-R-99770-8-32%2CP-R-73000-4-40%2CP-R-72999-7-40%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-8-38%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22WDSListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Atrue%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Afalse%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterCacheEnabled%22%3Afalse%2C%22UsePostDataEndpointsForNewAnaheimClient%22%3Atrue%2C%22DisableE5Cache%22%3Afalse%2C%22FixedSploitStop%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D&os=10.0.22000.493.co_release

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 20.162.145.158:443
                                                                                              https://smartscreen.microsoft.com/windows/browser/edge/data/bloomfilter/x?pushCert=false&flight=%7B%22ETag%22%3A%22%5C%22nA8KHs8oaq9ssjHyJcw0nMz4proNnsV3KilArWanihI%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1166893-11-15%2CP-R-1093303-19-30%2CP-R-1026145-4-14%2CP-R-1021007-4-5%2CP-R-99770-8-32%2CP-R-73000-4-40%2CP-R-72999-7-40%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-8-38%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22WDSListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Atrue%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Afalse%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterCacheEnabled%22%3Afalse%2C%22UsePostDataEndpointsForNewAnaheimClient%22%3Atrue%2C%22DisableE5Cache%22%3Afalse%2C%22FixedSploitStop%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D&os=10.0.22000.493.co_release
                                                                                              tls, http
                                                                                              msedgewebview2.exe
                                                                                              3.3kB
                                                                                              9.7kB
                                                                                              14
                                                                                              12

                                                                                              HTTP Request

                                                                                              GET https://smartscreen.microsoft.com/windows/browser/edge/data/bloomfilter/x?pushCert=false&flight=%7B%22ETag%22%3A%22%5C%22nA8KHs8oaq9ssjHyJcw0nMz4proNnsV3KilArWanihI%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1166893-11-15%2CP-R-1093303-19-30%2CP-R-1026145-4-14%2CP-R-1021007-4-5%2CP-R-99770-8-32%2CP-R-73000-4-40%2CP-R-72999-7-40%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-8-38%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22WDSListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Atrue%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Afalse%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterCacheEnabled%22%3Afalse%2C%22UsePostDataEndpointsForNewAnaheimClient%22%3Atrue%2C%22DisableE5Cache%22%3Afalse%2C%22FixedSploitStop%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D&os=10.0.22000.493.co_release

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 20.162.145.158:443
                                                                                              https://nav.smartscreen.microsoft.com/api/browser/edge/actions
                                                                                              tls, http
                                                                                              msedgewebview2.exe
                                                                                              2.7kB
                                                                                              12.9kB
                                                                                              14
                                                                                              14

                                                                                              HTTP Request

                                                                                              POST https://nav.smartscreen.microsoft.com/api/browser/edge/actions

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 52.204.244.120:80
                                                                                              http://i-29.b-47082.ut.bench.utorrent.com/e?i=29
                                                                                              http
                                                                                              uTorrent.exe
                                                                                              578 B
                                                                                              386 B
                                                                                              5
                                                                                              5

                                                                                              HTTP Request

                                                                                              POST http://i-29.b-47082.ut.bench.utorrent.com/e?i=29

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 52.204.244.120:80
                                                                                              http://i-29.b-47082.ut.bench.utorrent.com/e?i=29
                                                                                              http
                                                                                              uTorrent.exe
                                                                                              506 B
                                                                                              394 B
                                                                                              4
                                                                                              5

                                                                                              HTTP Request

                                                                                              POST http://i-29.b-47082.ut.bench.utorrent.com/e?i=29

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 18.239.208.54:80
                                                                                              http://utclient.utorrent.com/pro/style.css
                                                                                              http
                                                                                              msedgewebview2.exe
                                                                                              2.8kB
                                                                                              6.8kB
                                                                                              12
                                                                                              12

                                                                                              HTTP Request

                                                                                              GET http://utclient.utorrent.com/pro/utorrent/index.html

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              GET http://utclient.utorrent.com/pro/commonjs/redirect.js

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              GET http://utclient.utorrent.com/pro/index.html?brand=ut

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              GET http://utclient.utorrent.com/pro/style.css

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 18.239.208.54:80
                                                                                              http://utclient.utorrent.com/pro/table.css
                                                                                              http
                                                                                              msedgewebview2.exe
                                                                                              667 B
                                                                                              5.6kB
                                                                                              6
                                                                                              7

                                                                                              HTTP Request

                                                                                              GET http://utclient.utorrent.com/pro/table.css

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 87.248.205.1:443
                                                                                              https://video.rainberrytv.com/smart/video/ima/ima.js
                                                                                              tls, http2
                                                                                              msedgewebview2.exe
                                                                                              25.3kB
                                                                                              804.2kB
                                                                                              396
                                                                                              606

                                                                                              HTTP Request

                                                                                              GET https://video.rainberrytv.com/network/utclassic-content.html?bucket=classic-us+video&adt=4&browser=other&ce=90%2e0%2e818%2e66&clientdata=ut%7c3%2e6%2e0%2e47082%7c0&component=1&geo=us&id=&ie=11&site=33049&uid=XA7cRsPA6AiKyc4%5f&usermuted=0&w=10%2e0

                                                                                              HTTP Request

                                                                                              GET https://video.rainberrytv.com/network/start.html?ver=3%2e6%2e0%2e1%2e47082

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              GET https://video.rainberrytv.com/smart/smartUtil.js

                                                                                              HTTP Request

                                                                                              GET https://video.rainberrytv.com/assets/js/yaml.min.js

                                                                                              HTTP Request

                                                                                              GET https://video.rainberrytv.com/favicon.ico

                                                                                              HTTP Request

                                                                                              GET https://video.rainberrytv.com/network/utclassic-content.html?bucket=classic-us+video&adt=4&browser=other&ce=90%2e0%2e818%2e66&clientdata=ut%7c3%2e6%2e0%2e47082%7c0&component=1&geo=us&id=&ie=11&site=33049&uid=XA7cRsPA6AiKyc4%5f&usermuted=0&w=10%2e0

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Response

                                                                                              304

                                                                                              HTTP Request

                                                                                              GET https://video.rainberrytv.com/assets/js/default-lb.yaml

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              GET https://video.rainberrytv.com/assets/js/classic-lb-us.yaml

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              GET https://video.rainberrytv.com/smart/display/smart.html?bucket=classic-us+video&adt=4&browser=other&ce=90.0.818.66&clientdata=ut%7C3.6.0.47082%7C0&component=1&geo=us&ie=11&site=33049&uid=XA7cRsPA6AiKyc4_&usermuted=0&w=10.0&vid=l2WwbY5jlN1j7Oo

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              GET https://video.rainberrytv.com/smart/dist/typedUtils.js

                                                                                              HTTP Request

                                                                                              GET https://video.rainberrytv.com/smart/smartBench.js

                                                                                              HTTP Request

                                                                                              GET https://video.rainberrytv.com/assets/js/base64.js

                                                                                              HTTP Request

                                                                                              GET https://video.rainberrytv.com/assets/js/sha256.min.js

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              GET https://video.rainberrytv.com/assets/js/display-config.json

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              GET https://video.rainberrytv.com/smart/prebid.js

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              GET https://video.rainberrytv.com/network/utclassic-content.html?bucket=classic-us+video&adt=380&browser=other&ce=90%2e0%2e818%2e66&clientdata=ut%7c3%2e6%2e0%2e47082%7c0&component=1&geo=us&id=&ie=11&site=33049&uid=XA7cRsPA6AiKyc4%5f&usermuted=0&w=10%2e0

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              GET https://video.rainberrytv.com/assets/js/default.yaml

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              GET https://video.rainberrytv.com/assets/js/classic-us+video.yaml

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              GET https://video.rainberrytv.com/smart/video/ima/pod.html?bucket=classic-us+video&adt=380&browser=other&ce=90.0.818.66&clientdata=ut%7C3.6.0.47082%7C0&component=1&geo=us&ie=11&site=33049&uid=XA7cRsPA6AiKyc4_&usermuted=0&w=10.0&vid=bOsdtyqUklDA698

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              GET https://video.rainberrytv.com/assets/css/video.css

                                                                                              HTTP Request

                                                                                              GET https://video.rainberrytv.com/smart/video/ima/pod.css

                                                                                              HTTP Request

                                                                                              GET https://video.rainberrytv.com/smart/video/ima/style.css

                                                                                              HTTP Request

                                                                                              GET https://video.rainberrytv.com/smart/video/ima/modules/video.js/dist/video-js.min.css

                                                                                              HTTP Request

                                                                                              GET https://video.rainberrytv.com/smart/video/ima/modules/videojs-contrib-ads/dist/videojs.ads.css

                                                                                              HTTP Request

                                                                                              GET https://video.rainberrytv.com/smart/video/ima/dist/videojs.ima.css

                                                                                              HTTP Request

                                                                                              GET https://video.rainberrytv.com/smart/video/ima/modules/video.js/dist/video.min.js

                                                                                              HTTP Request

                                                                                              GET https://video.rainberrytv.com/smart/video/ima/modules/videojs-contrib-ads/dist/videojs.ads.min.js

                                                                                              HTTP Request

                                                                                              GET https://video.rainberrytv.com/smart/video/ima/dist/videojs.ima.js

                                                                                              HTTP Request

                                                                                              GET https://video.rainberrytv.com/smart/video/ima/ima.js

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 87.248.205.1:443
                                                                                              video.rainberrytv.com
                                                                                              tls
                                                                                              msedgewebview2.exe
                                                                                              1.2kB
                                                                                              7.9kB
                                                                                              13
                                                                                              12
                                                                                            • 20.162.145.158:443
                                                                                              https://smartscreen.microsoft.com/windows/browser/edge/data/bloomfilter/x?pushCert=false&flight=%7B%22ETag%22%3A%22%5C%22nA8KHs8oaq9ssjHyJcw0nMz4proNnsV3KilArWanihI%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1166893-11-15%2CP-R-1093303-19-30%2CP-R-1026145-4-14%2CP-R-1021007-4-5%2CP-R-99770-8-32%2CP-R-73000-4-40%2CP-R-72999-7-40%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-8-38%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22WDSListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Atrue%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Afalse%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterCacheEnabled%22%3Afalse%2C%22UsePostDataEndpointsForNewAnaheimClient%22%3Atrue%2C%22DisableE5Cache%22%3Afalse%2C%22FixedSploitStop%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D&os=10.0.22000.493.co_release
                                                                                              tls, http
                                                                                              msedgewebview2.exe
                                                                                              4.1kB
                                                                                              12.1kB
                                                                                              26
                                                                                              21

                                                                                              HTTP Request

                                                                                              GET https://smartscreen.microsoft.com/windows/browser/edge/data/bloomfilter/x?pushCert=false&flight=%7B%22ETag%22%3A%22%5C%22nA8KHs8oaq9ssjHyJcw0nMz4proNnsV3KilArWanihI%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1166893-11-15%2CP-R-1093303-19-30%2CP-R-1026145-4-14%2CP-R-1021007-4-5%2CP-R-99770-8-32%2CP-R-73000-4-40%2CP-R-72999-7-40%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-8-38%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22WDSListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Atrue%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Afalse%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterCacheEnabled%22%3Afalse%2C%22UsePostDataEndpointsForNewAnaheimClient%22%3Atrue%2C%22DisableE5Cache%22%3Afalse%2C%22FixedSploitStop%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D&os=10.0.22000.493.co_release

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 20.162.145.158:443
                                                                                              https://smartscreen.microsoft.com/windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.22000.493.co_release&flight=%7B%22ETag%22%3A%22%5C%22nA8KHs8oaq9ssjHyJcw0nMz4proNnsV3KilArWanihI%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1166893-11-15%2CP-R-1093303-19-30%2CP-R-1026145-4-14%2CP-R-1021007-4-5%2CP-R-99770-8-32%2CP-R-73000-4-40%2CP-R-72999-7-40%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-8-38%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22WDSListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Atrue%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Afalse%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterCacheEnabled%22%3Afalse%2C%22UsePostDataEndpointsForNewAnaheimClient%22%3Atrue%2C%22DisableE5Cache%22%3Afalse%2C%22FixedSploitStop%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D
                                                                                              tls, http
                                                                                              msedgewebview2.exe
                                                                                              13.1kB
                                                                                              493.5kB
                                                                                              217
                                                                                              358

                                                                                              HTTP Request

                                                                                              GET https://smartscreen.microsoft.com/windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.22000.493.co_release&flight=%7B%22ETag%22%3A%22%5C%22nA8KHs8oaq9ssjHyJcw0nMz4proNnsV3KilArWanihI%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1166893-11-15%2CP-R-1093303-19-30%2CP-R-1026145-4-14%2CP-R-1021007-4-5%2CP-R-99770-8-32%2CP-R-73000-4-40%2CP-R-72999-7-40%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-8-38%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22WDSListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Atrue%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Afalse%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterCacheEnabled%22%3Afalse%2C%22UsePostDataEndpointsForNewAnaheimClient%22%3Atrue%2C%22DisableE5Cache%22%3Afalse%2C%22FixedSploitStop%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 20.162.145.158:443
                                                                                              https://smartscreen.microsoft.com/api/browser/edge/data/settings
                                                                                              tls, http
                                                                                              msedgewebview2.exe
                                                                                              5.2kB
                                                                                              142.8kB
                                                                                              62
                                                                                              107

                                                                                              HTTP Request

                                                                                              POST https://smartscreen.microsoft.com/api/browser/edge/data/settings

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 20.162.145.158:443
                                                                                              https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2
                                                                                              tls, http
                                                                                              msedgewebview2.exe
                                                                                              3.3kB
                                                                                              14.8kB
                                                                                              18
                                                                                              15

                                                                                              HTTP Request

                                                                                              POST https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 20.162.145.158:443
                                                                                              https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2
                                                                                              tls, http
                                                                                              msedgewebview2.exe
                                                                                              3.4kB
                                                                                              14.8kB
                                                                                              18
                                                                                              15

                                                                                              HTTP Request

                                                                                              POST https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 20.162.145.158:443
                                                                                              https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2
                                                                                              tls, http
                                                                                              msedgewebview2.exe
                                                                                              4.2kB
                                                                                              18.1kB
                                                                                              31
                                                                                              31

                                                                                              HTTP Request

                                                                                              POST https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 52.1.109.224:80
                                                                                              http://i-32.b-47082.ut.bench.utorrent.com/e?i=32
                                                                                              http
                                                                                              uTorrent.exe
                                                                                              575 B
                                                                                              386 B
                                                                                              5
                                                                                              5

                                                                                              HTTP Request

                                                                                              POST http://i-32.b-47082.ut.bench.utorrent.com/e?i=32

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 18.239.208.122:80
                                                                                              http://www.utorrent.com/prodnews
                                                                                              http
                                                                                              msedge.exe
                                                                                              640 B
                                                                                              706 B
                                                                                              4
                                                                                              3

                                                                                              HTTP Request

                                                                                              GET http://www.utorrent.com/prodnews

                                                                                              HTTP Response

                                                                                              301
                                                                                            • 104.17.24.14:443
                                                                                              https://cdnjs.cloudflare.com/ajax/libs/es5-shim/4.1.13/es5-shim.min.js
                                                                                              tls, http2
                                                                                              msedgewebview2.exe
                                                                                              1.8kB
                                                                                              9.8kB
                                                                                              16
                                                                                              15

                                                                                              HTTP Request

                                                                                              GET https://cdnjs.cloudflare.com/ajax/libs/es5-shim/4.1.13/es5-shim.min.js

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 18.239.208.122:443
                                                                                              https://www.utorrent.com/static/faviconUT-be6029e02bb2d6e0415a561c42641a2f.ico
                                                                                              tls, http2
                                                                                              msedge.exe
                                                                                              43.5kB
                                                                                              1.4MB
                                                                                              793
                                                                                              1072

                                                                                              HTTP Request

                                                                                              GET https://www.utorrent.com/prodnews

                                                                                              HTTP Response

                                                                                              301

                                                                                              HTTP Request

                                                                                              GET https://www.utorrent.com/prodnews/

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              GET https://www.utorrent.com/static/Inter-Regular-1e081edc16d92d42aeccec760174fbf4.woff2

                                                                                              HTTP Request

                                                                                              GET https://www.utorrent.com/static/Inter-Medium-c709803c3cab6f1116039e881ecf531a.woff2

                                                                                              HTTP Request

                                                                                              GET https://www.utorrent.com/static/Inter-Bold-e7ae98681edfa1df7f1e3ebba0d4fb88.woff2

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              GET https://www.utorrent.com/static/Inter-Thin-9c96c7a2494ef60e8c2c75ad9baf1c5c.woff2

                                                                                              HTTP Request

                                                                                              GET https://www.utorrent.com/static/Inter-ExtraLight-8381bcfb1339ad96a5675d5dcfcbcd09.woff2

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              GET https://www.utorrent.com/webpack-runtime-6ad5d20e9cacfad52051.js

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              GET https://www.utorrent.com/framework-eccc61fe56658d61fa21.js

                                                                                              HTTP Request

                                                                                              GET https://www.utorrent.com/styles-6da2bce19ba3ad2246ef.js

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              GET https://www.utorrent.com/1bfc9850-720c498ecb470d5e9258.js

                                                                                              HTTP Request

                                                                                              GET https://www.utorrent.com/95b64a6e-cfd6bd7bfda8c02495b9.js

                                                                                              HTTP Request

                                                                                              GET https://www.utorrent.com/app-77702c871f01d98a23a2.js

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              GET https://www.utorrent.com/component---src-pages-prodnews-index-js-328108866c6007c1eba9.js

                                                                                              HTTP Request

                                                                                              GET https://www.utorrent.com/page-data/prodnews/page-data.json

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              GET https://www.utorrent.com/page-data/sq/d/2794733127.json

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              GET https://www.utorrent.com/page-data/app-data.json

                                                                                              HTTP Request

                                                                                              GET https://www.utorrent.com/static/nord_tower_300_600-4b13b4ef8daafe3126521a923f4d515c.png

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              GET https://www.utorrent.com/images/pro-free-trial/cat-14days-en.png

                                                                                              HTTP Request

                                                                                              GET https://www.utorrent.com/36-6933f9537e69ef7df1be.js

                                                                                              HTTP Request

                                                                                              GET https://www.utorrent.com/35-b1719e0d2294058cf79b.js

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              GET https://www.utorrent.com/qne4zsu.css

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              GET https://www.utorrent.com/fonts/Inter/inter.css

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              GET https://www.utorrent.com/static/faviconUT-be6029e02bb2d6e0415a561c42641a2f.ico

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 104.17.24.14:443
                                                                                              cdnjs.cloudflare.com
                                                                                              tls, http2
                                                                                              msedgewebview2.exe
                                                                                              840 B
                                                                                              912 B
                                                                                              5
                                                                                              4
                                                                                            • 20.162.145.158:443
                                                                                              https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2
                                                                                              tls, http
                                                                                              msedgewebview2.exe
                                                                                              3.4kB
                                                                                              14.0kB
                                                                                              16
                                                                                              15

                                                                                              HTTP Request

                                                                                              POST https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 104.17.247.203:443
                                                                                              https://unpkg.com/@videojs/themes@1.0.1/dist/city/index.css
                                                                                              tls, http2
                                                                                              msedgewebview2.exe
                                                                                              3.9kB
                                                                                              63.3kB
                                                                                              57
                                                                                              63

                                                                                              HTTP Request

                                                                                              GET https://unpkg.com/core-js-bundle@3.14.0/minified.js

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              GET https://unpkg.com/@videojs/themes@1/dist/city/index.css

                                                                                              HTTP Response

                                                                                              302

                                                                                              HTTP Request

                                                                                              GET https://unpkg.com/@videojs/themes@1.0.1/dist/city/index.css

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 20.162.145.158:443
                                                                                              https://smartscreen.microsoft.com/api/browser/edge/data/settings
                                                                                              tls, http
                                                                                              msedgewebview2.exe
                                                                                              6.4kB
                                                                                              147.0kB
                                                                                              82
                                                                                              110

                                                                                              HTTP Request

                                                                                              POST https://smartscreen.microsoft.com/api/browser/edge/data/settings

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 87.248.205.1:443
                                                                                              https://content.bt.co/channels/utclassic-content/content-100.xml
                                                                                              tls, http2
                                                                                              msedgewebview2.exe
                                                                                              1.9kB
                                                                                              12.5kB
                                                                                              16
                                                                                              18

                                                                                              HTTP Request

                                                                                              GET https://content.bt.co/channels/utclassic-content/content-41.xml

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              GET https://content.bt.co/channels/utclassic-content/content-100.xml

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 87.248.205.1:443
                                                                                              content.bt.co
                                                                                              tls
                                                                                              msedgewebview2.exe
                                                                                              1.7kB
                                                                                              7.7kB
                                                                                              10
                                                                                              9
                                                                                            • 52.5.70.92:80
                                                                                              http://i-49.b-47082.ut.bench.utorrent.com/e?i=49
                                                                                              http
                                                                                              uTorrent.exe
                                                                                              1.4kB
                                                                                              354 B
                                                                                              9
                                                                                              4

                                                                                              HTTP Request

                                                                                              POST http://i-49.b-47082.ut.bench.utorrent.com/e?i=49

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 20.162.145.158:443
                                                                                              https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2
                                                                                              tls, http
                                                                                              msedgewebview2.exe
                                                                                              4.6kB
                                                                                              13.8kB
                                                                                              19
                                                                                              16

                                                                                              HTTP Request

                                                                                              POST https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 18.239.208.54:80
                                                                                              http://utclient.utorrent.com/pro/3p/es5-shim.js
                                                                                              http
                                                                                              msedgewebview2.exe
                                                                                              1.9kB
                                                                                              64.9kB
                                                                                              32
                                                                                              49

                                                                                              HTTP Request

                                                                                              GET http://utclient.utorrent.com/pro/3p/es5-shim.js

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 18.239.208.54:80
                                                                                              http://utclient.utorrent.com/pro/3p/es5-sham.js
                                                                                              http
                                                                                              msedgewebview2.exe
                                                                                              927 B
                                                                                              22.1kB
                                                                                              12
                                                                                              19

                                                                                              HTTP Request

                                                                                              GET http://utclient.utorrent.com/pro/3p/es5-sham.js

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 18.239.208.54:80
                                                                                              http://utclient.utorrent.com/favicon.ico
                                                                                              http
                                                                                              msedgewebview2.exe
                                                                                              26.2kB
                                                                                              722.9kB
                                                                                              443
                                                                                              524

                                                                                              HTTP Request

                                                                                              GET http://utclient.utorrent.com/pro/app/bundle-sfx.js

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              GET http://utclient.utorrent.com/favicon.ico

                                                                                              HTTP Response

                                                                                              403
                                                                                            • 142.250.200.46:443
                                                                                              https://www.googleoptimize.com/optimize.js?id=OPT-WP37VXJ
                                                                                              tls, http2
                                                                                              msedgewebview2.exe
                                                                                              4.7kB
                                                                                              76.3kB
                                                                                              52
                                                                                              61

                                                                                              HTTP Request

                                                                                              GET https://www.googleoptimize.com/optimize.js?id=OPT-WP37VXJ
                                                                                            • 151.101.1.229:443
                                                                                              cdn.jsdelivr.net
                                                                                              tls
                                                                                              msedgewebview2.exe
                                                                                              1.2kB
                                                                                              5.5kB
                                                                                              12
                                                                                              9
                                                                                            • 151.101.194.137:443
                                                                                              code.jquery.com
                                                                                              tls
                                                                                              msedgewebview2.exe
                                                                                              1.4kB
                                                                                              685 B
                                                                                              7
                                                                                              5
                                                                                            • 2.18.190.77:443
                                                                                              ced.sascdn.com
                                                                                              tls
                                                                                              msedgewebview2.exe
                                                                                              1.8kB
                                                                                              1.1kB
                                                                                              10
                                                                                              6
                                                                                            • 104.18.53.237:443
                                                                                              https://cdn.polyfill.io/v3/polyfill.min.js
                                                                                              tls, http2
                                                                                              msedgewebview2.exe
                                                                                              1.6kB
                                                                                              6.1kB
                                                                                              13
                                                                                              14

                                                                                              HTTP Request

                                                                                              GET https://cdn.polyfill.io/v3/polyfill.min.js

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 151.101.194.137:443
                                                                                              https://code.jquery.com/jquery-1.11.2.min.js
                                                                                              tls, http2
                                                                                              msedgewebview2.exe
                                                                                              2.8kB
                                                                                              43.0kB
                                                                                              35
                                                                                              39

                                                                                              HTTP Request

                                                                                              GET https://code.jquery.com/jquery-1.11.2.min.js

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 2.18.190.77:443
                                                                                              https://ced.sascdn.com/tag/2132/smart.js
                                                                                              tls, http
                                                                                              msedgewebview2.exe
                                                                                              2.2kB
                                                                                              45.8kB
                                                                                              23
                                                                                              40

                                                                                              HTTP Request

                                                                                              GET https://ced.sascdn.com/tag/2132/smart.js

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 151.101.1.229:443
                                                                                              https://cdn.jsdelivr.net/npm/core-js-bundle@3.20.3/minified.js
                                                                                              tls, http2
                                                                                              msedgewebview2.exe
                                                                                              5.1kB
                                                                                              75.8kB
                                                                                              56
                                                                                              59

                                                                                              HTTP Request

                                                                                              GET https://cdn.jsdelivr.net/npm/core-js-bundle@3.20.3/minified.js

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 216.58.204.74:80
                                                                                              http://fonts.googleapis.com/css?family=Open+Sans:300
                                                                                              http
                                                                                              msedgewebview2.exe
                                                                                              1.1kB
                                                                                              2.4kB
                                                                                              7
                                                                                              5

                                                                                              HTTP Request

                                                                                              GET http://fonts.googleapis.com/css?family=Open+Sans:300

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 20.162.145.158:443
                                                                                              https://smartscreen.microsoft.com/windows/browser/edge/data/bloomfilter/x?pushCert=false&flight=%7B%22ETag%22%3A%22%5C%22nA8KHs8oaq9ssjHyJcw0nMz4proNnsV3KilArWanihI%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1166893-11-15%2CP-R-1093303-19-30%2CP-R-1026145-4-14%2CP-R-1021007-4-5%2CP-R-99770-8-32%2CP-R-73000-4-40%2CP-R-72999-7-40%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-8-38%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22WDSListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Atrue%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Afalse%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterCacheEnabled%22%3Afalse%2C%22UsePostDataEndpointsForNewAnaheimClient%22%3Atrue%2C%22DisableE5Cache%22%3Afalse%2C%22FixedSploitStop%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D&os=10.0.22000.493.co_release
                                                                                              tls, http
                                                                                              msedgewebview2.exe
                                                                                              3.5kB
                                                                                              8.2kB
                                                                                              13
                                                                                              11

                                                                                              HTTP Request

                                                                                              GET https://smartscreen.microsoft.com/windows/browser/edge/data/bloomfilter/x?pushCert=false&flight=%7B%22ETag%22%3A%22%5C%22nA8KHs8oaq9ssjHyJcw0nMz4proNnsV3KilArWanihI%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1166893-11-15%2CP-R-1093303-19-30%2CP-R-1026145-4-14%2CP-R-1021007-4-5%2CP-R-99770-8-32%2CP-R-73000-4-40%2CP-R-72999-7-40%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-8-38%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22WDSListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Atrue%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Afalse%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterCacheEnabled%22%3Afalse%2C%22UsePostDataEndpointsForNewAnaheimClient%22%3Atrue%2C%22DisableE5Cache%22%3Afalse%2C%22FixedSploitStop%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D&os=10.0.22000.493.co_release

                                                                                              HTTP Response

                                                                                              304
                                                                                            • 8.8.4.4:443
                                                                                              https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                              tls, http2
                                                                                              msedgewebview2.exe
                                                                                              2.1kB
                                                                                              6.6kB
                                                                                              16
                                                                                              15

                                                                                              HTTP Request

                                                                                              GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                            • 8.8.4.4:443
                                                                                              https://dns.google/dns-query?dns=AAABAAABAAAAAAABBWktNjY2A2ItMAJhZAViZW5jaAh1dG9ycmVudANjb20AAAEAAQAAKRAAAAAAAABEAAwAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                              tls, http2
                                                                                              msedgewebview2.exe
                                                                                              3.7kB
                                                                                              9.0kB
                                                                                              26
                                                                                              27

                                                                                              HTTP Request

                                                                                              GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

                                                                                              HTTP Request

                                                                                              GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3Nkaw5wcml2YWN5LWNlbnRlcgNvcmcAAAEAAQAAKRAAAAAAAABNAAwASQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

                                                                                              HTTP Request

                                                                                              GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA2FkcwhwdWJtYXRpYwNjb20AAAEAAQAAKRAAAAAAAABTAAwATwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

                                                                                              HTTP Request

                                                                                              GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBWktNjY2A2ItMAJhZAViZW5jaAh1dG9ycmVudANjb20AAAEAAQAAKRAAAAAAAABEAAwAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                            • 216.58.212.227:80
                                                                                              http://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2
                                                                                              http
                                                                                              msedgewebview2.exe
                                                                                              1.1kB
                                                                                              20.7kB
                                                                                              13
                                                                                              19

                                                                                              HTTP Request

                                                                                              GET http://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 20.162.145.158:443
                                                                                              https://smartscreen.microsoft.com/windows/browser/edge/data/bloomfilter/x?pushCert=false&flight=%7B%22ETag%22%3A%22%5C%22nA8KHs8oaq9ssjHyJcw0nMz4proNnsV3KilArWanihI%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1166893-11-15%2CP-R-1093303-19-30%2CP-R-1026145-4-14%2CP-R-1021007-4-5%2CP-R-99770-8-32%2CP-R-73000-4-40%2CP-R-72999-7-40%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-8-38%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22WDSListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Atrue%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Afalse%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterCacheEnabled%22%3Afalse%2C%22UsePostDataEndpointsForNewAnaheimClient%22%3Atrue%2C%22DisableE5Cache%22%3Afalse%2C%22FixedSploitStop%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D&os=10.0.22000.493.co_release
                                                                                              tls, http
                                                                                              msedgewebview2.exe
                                                                                              8.2kB
                                                                                              8.9kB
                                                                                              19
                                                                                              13

                                                                                              HTTP Request

                                                                                              GET https://smartscreen.microsoft.com/windows/browser/edge/data/bloomfilter/x?pushCert=false&flight=%7B%22ETag%22%3A%22%5C%22nA8KHs8oaq9ssjHyJcw0nMz4proNnsV3KilArWanihI%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1166893-11-15%2CP-R-1093303-19-30%2CP-R-1026145-4-14%2CP-R-1021007-4-5%2CP-R-99770-8-32%2CP-R-73000-4-40%2CP-R-72999-7-40%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-8-38%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22WDSListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Atrue%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Afalse%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterCacheEnabled%22%3Afalse%2C%22UsePostDataEndpointsForNewAnaheimClient%22%3Atrue%2C%22DisableE5Cache%22%3Afalse%2C%22FixedSploitStop%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D&os=10.0.22000.493.co_release

                                                                                              HTTP Response

                                                                                              304
                                                                                            • 52.204.244.120:80
                                                                                              http://i-38.b-47082.ut.bench.utorrent.com/e?i=38
                                                                                              http
                                                                                              uTorrent.exe
                                                                                              655 B
                                                                                              394 B
                                                                                              6
                                                                                              5

                                                                                              HTTP Request

                                                                                              POST http://i-38.b-47082.ut.bench.utorrent.com/e?i=38

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 20.162.145.158:443
                                                                                              https://smartscreen.microsoft.com/api/browser/edge/data/settings
                                                                                              tls, http
                                                                                              msedgewebview2.exe
                                                                                              3.1kB
                                                                                              8.2kB
                                                                                              14
                                                                                              11

                                                                                              HTTP Request

                                                                                              POST https://smartscreen.microsoft.com/api/browser/edge/data/settings

                                                                                              HTTP Response

                                                                                              304
                                                                                            • 216.239.34.36:443
                                                                                              https://region1.google-analytics.com/g/collect?v=2&tid=G-HHFKT0D5PF&gtm=45je4510v893711416z8813078496za200&_p=1715014965535&gcd=13l3l3l3l1&npa=0&dma=0&tcfd=10000&cid=926648014.1715014969&ul=en-us&sr=1280x720&uaa=x86&uamb=0&uam=&uap=Windows&uapv=10.0&uaw=0&pscdl=noapi&_s=1&sid=1715014968&sct=1&seg=0&dl=https%3A%2F%2Fwww.utorrent.com%2Fprodnews%2F&dt=Your%20%C2%B5Torrent%20Software%20is%20Up%20to%20Date&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=5420
                                                                                              tls, http2
                                                                                              msedge.exe
                                                                                              2.6kB
                                                                                              6.5kB
                                                                                              14
                                                                                              14

                                                                                              HTTP Request

                                                                                              POST https://region1.google-analytics.com/g/collect?v=2&tid=G-HHFKT0D5PF&gtm=45je4510v893711416z8813078496za200&_p=1715014965535&gcd=13l3l3l3l1&npa=0&dma=0&tcfd=10000&cid=926648014.1715014969&ul=en-us&sr=1280x720&uaa=x86&uamb=0&uam=&uap=Windows&uapv=10.0&uaw=0&pscdl=noapi&_s=1&sid=1715014968&sct=1&seg=0&dl=https%3A%2F%2Fwww.utorrent.com%2Fprodnews%2F&dt=Your%20%C2%B5Torrent%20Software%20is%20Up%20to%20Date&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=5420
                                                                                            • 20.162.145.158:443
                                                                                              https://smartscreen.microsoft.com/windows/browser/edge/data/bloomfilter/x?pushCert=false&flight=%7B%22ETag%22%3A%22%5C%22nA8KHs8oaq9ssjHyJcw0nMz4proNnsV3KilArWanihI%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1166893-11-15%2CP-R-1093303-19-30%2CP-R-1026145-4-14%2CP-R-1021007-4-5%2CP-R-99770-8-32%2CP-R-73000-4-40%2CP-R-72999-7-40%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-8-38%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22WDSListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Atrue%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Afalse%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterCacheEnabled%22%3Afalse%2C%22UsePostDataEndpointsForNewAnaheimClient%22%3Atrue%2C%22DisableE5Cache%22%3Afalse%2C%22FixedSploitStop%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D&os=10.0.22000.493.co_release
                                                                                              tls, http
                                                                                              msedgewebview2.exe
                                                                                              7.5kB
                                                                                              8.3kB
                                                                                              16
                                                                                              12

                                                                                              HTTP Request

                                                                                              GET https://smartscreen.microsoft.com/windows/browser/edge/data/bloomfilter/x?pushCert=false&flight=%7B%22ETag%22%3A%22%5C%22nA8KHs8oaq9ssjHyJcw0nMz4proNnsV3KilArWanihI%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1166893-11-15%2CP-R-1093303-19-30%2CP-R-1026145-4-14%2CP-R-1021007-4-5%2CP-R-99770-8-32%2CP-R-73000-4-40%2CP-R-72999-7-40%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-8-38%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22WDSListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Atrue%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Afalse%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterCacheEnabled%22%3Afalse%2C%22UsePostDataEndpointsForNewAnaheimClient%22%3Atrue%2C%22DisableE5Cache%22%3Afalse%2C%22FixedSploitStop%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D&os=10.0.22000.493.co_release

                                                                                              HTTP Response

                                                                                              304
                                                                                            • 18.239.208.120:443
                                                                                              sdk.privacy-center.org
                                                                                              tls, http2
                                                                                              msedge.exe
                                                                                              909 B
                                                                                              694 B
                                                                                              7
                                                                                              6
                                                                                            • 18.239.208.120:443
                                                                                              https://sdk.privacy-center.org/sdk/efce2e8fa6c638c02a84b0a8b12861ee56f85c9f/legacy/ui-gdpr-en-web.efce2e8fa6c638c02a84b0a8b12861ee56f85c9f.js
                                                                                              tls, http2
                                                                                              msedge.exe
                                                                                              9.0kB
                                                                                              235.1kB
                                                                                              138
                                                                                              175

                                                                                              HTTP Request

                                                                                              GET https://sdk.privacy-center.org/23f4a63d-9222-4f37-b358-33214ecb6672/loader.js?target=www.utorrent.com

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              GET https://sdk.privacy-center.org/sdk/efce2e8fa6c638c02a84b0a8b12861ee56f85c9f/legacy/sdk.efce2e8fa6c638c02a84b0a8b12861ee56f85c9f.js

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              GET https://sdk.privacy-center.org/sdk/efce2e8fa6c638c02a84b0a8b12861ee56f85c9f/legacy/ui-gdpr-en-web.efce2e8fa6c638c02a84b0a8b12861ee56f85c9f.js

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 52.204.244.120:80
                                                                                              http://i-38.b-47082.ut.bench.utorrent.com/e?i=38
                                                                                              http
                                                                                              uTorrent.exe
                                                                                              695 B
                                                                                              608 B
                                                                                              7
                                                                                              6

                                                                                              HTTP Request

                                                                                              POST http://i-38.b-47082.ut.bench.utorrent.com/e?i=38

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 52.1.109.224:443
                                                                                              i-666.b-0.ad.bench.utorrent.com
                                                                                              tls
                                                                                              msedgewebview2.exe
                                                                                              4.2kB
                                                                                              6.2kB
                                                                                              13
                                                                                              11
                                                                                            • 52.1.109.224:443
                                                                                              i-666.b-0.ad.bench.utorrent.com
                                                                                              tls
                                                                                              msedgewebview2.exe
                                                                                              2.6kB
                                                                                              873 B
                                                                                              8
                                                                                              6
                                                                                            • 52.1.109.224:443
                                                                                              i-666.b-0.ad.bench.utorrent.com
                                                                                              tls
                                                                                              msedgewebview2.exe
                                                                                              850 B
                                                                                              309 B
                                                                                              6
                                                                                              4
                                                                                            • 23.53.112.234:443
                                                                                              ads.pubmatic.com
                                                                                              tls
                                                                                              msedgewebview2.exe
                                                                                              1.5kB
                                                                                              370 B
                                                                                              8
                                                                                              5
                                                                                            • 18.239.208.39:443
                                                                                              https://sdk.privacy-center.org/sdk/efce2e8fa6c638c02a84b0a8b12861ee56f85c9f/modern/ui-gdpr-en-web.efce2e8fa6c638c02a84b0a8b12861ee56f85c9f.js
                                                                                              tls, http2
                                                                                              msedgewebview2.exe
                                                                                              7.3kB
                                                                                              161.3kB
                                                                                              79
                                                                                              126

                                                                                              HTTP Request

                                                                                              GET https://sdk.privacy-center.org/23f4a63d-9222-4f37-b358-33214ecb6672/loader.js?target=video.rainberrytv.com

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              GET https://sdk.privacy-center.org/sdk/efce2e8fa6c638c02a84b0a8b12861ee56f85c9f/modern/sdk.efce2e8fa6c638c02a84b0a8b12861ee56f85c9f.js

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              GET https://sdk.privacy-center.org/sdk/efce2e8fa6c638c02a84b0a8b12861ee56f85c9f/modern/ui-gdpr-en-web.efce2e8fa6c638c02a84b0a8b12861ee56f85c9f.js

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 23.53.112.234:443
                                                                                              ads.pubmatic.com
                                                                                              tls
                                                                                              msedgewebview2.exe
                                                                                              3.8kB
                                                                                              75.5kB
                                                                                              47
                                                                                              62
                                                                                            • 104.91.71.95:443
                                                                                              https://p.typekit.net/p.css?s=1&k=qne4zsu&ht=tk&f=39494.39495.39500.39501.39504.39505.39508.39509&a=17239514&app=typekit&e=css
                                                                                              tls, http2
                                                                                              msedge.exe
                                                                                              1.7kB
                                                                                              6.6kB
                                                                                              12
                                                                                              17

                                                                                              HTTP Request

                                                                                              GET https://p.typekit.net/p.css?s=1&k=qne4zsu&ht=tk&f=39494.39495.39500.39501.39504.39505.39508.39509&a=17239514&app=typekit&e=css

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 52.1.109.224:80
                                                                                              http://i-62.b-47082.ut.bench.utorrent.com/e?i=62
                                                                                              http
                                                                                              uTorrent.exe
                                                                                              552 B
                                                                                              386 B
                                                                                              5
                                                                                              5

                                                                                              HTTP Request

                                                                                              POST http://i-62.b-47082.ut.bench.utorrent.com/e?i=62

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 52.1.109.224:80
                                                                                              http://i-62.b-47082.ut.bench.utorrent.com/e?i=62
                                                                                              http
                                                                                              uTorrent.exe
                                                                                              640 B
                                                                                              434 B
                                                                                              7
                                                                                              6

                                                                                              HTTP Request

                                                                                              POST http://i-62.b-47082.ut.bench.utorrent.com/e?i=62

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 10.127.0.81:21370
                                                                                              uTorrent.exe
                                                                                            • 142.250.180.14:80
                                                                                              http://www.google-analytics.com/analytics.js
                                                                                              http
                                                                                              msedgewebview2.exe
                                                                                              1.2kB
                                                                                              23.5kB
                                                                                              17
                                                                                              18

                                                                                              HTTP Request

                                                                                              GET http://www.google-analytics.com/analytics.js

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 18.239.208.124:443
                                                                                              https://www.utorrent.com/img/utnew/utweb-blue-checkmarks.svg
                                                                                              tls, http2
                                                                                              msedgewebview2.exe
                                                                                              1.6kB
                                                                                              7.0kB
                                                                                              11
                                                                                              12

                                                                                              HTTP Request

                                                                                              GET https://www.utorrent.com/img/utnew/utweb-blue-checkmarks.svg

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 52.1.109.224:80
                                                                                              i-62.b-47082.ut.bench.utorrent.com
                                                                                              msedgewebview2.exe
                                                                                              150 B
                                                                                              52 B
                                                                                              3
                                                                                              1
                                                                                            • 52.217.174.157:80
                                                                                              http://utclient-staging.utorrent.com/pro/img/utpro.png
                                                                                              http
                                                                                              msedgewebview2.exe
                                                                                              1.2kB
                                                                                              5.6kB
                                                                                              8
                                                                                              8

                                                                                              HTTP Request

                                                                                              GET http://utclient-staging.utorrent.com/pro/img/utpro.png

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 52.1.109.224:80
                                                                                              http://i-54.b-xxx.bench.utorrent.com/e?i=54&e=eyJldmVudE5hbWUiOiJwcm9wYWdlIiwiYWN0aW9uIjoiaW1wcmVzc2lvbiIsInBhZ2V1cmwiOiJodHRwOi8vdXRjbGllbnQudXRvcnJlbnQuY29tL3Byby9pbmRleC5odG1sIiwic2FmZVVybCI6Imh0dHA6X191dGNsaWVudF91dG9ycmVudF9jb21fcHJvX2luZGV4X2h0bWwiLCJlbGFwc2VkQmVuY2hJbml0VGltZSI6MywiaWVWZXJzaW9uIjotMSwiZGltZW5zaW9ucyI6eyJkZXZpY2VTY3JlZW4iOnsid2lkdGgiOjEyODAsImhlaWdodCI6NzIwfSwidmlld3BvcnQiOnsid2lkdGgiOjg2MSwiaGVpZ2h0Ijo1Mjh9LCJkb2N1bWVudENvbnRlbnQiOnsid2lkdGgiOjg2MSwiaGVpZ2h0Ijo1Mjh9fSwidXNlckxhbmd1YWdlIjoiZW4tVVMiLCJ1bmlxdWVfaWQiOiIzNDIzMTVlOC0wOWNhLTY2N2QtZmI2Yi05NzVjOTJkN2JjNzEifQ==&callback=reqwest_1715014971826
                                                                                              http
                                                                                              msedgewebview2.exe
                                                                                              1.1kB
                                                                                              342 B
                                                                                              4
                                                                                              3

                                                                                              HTTP Request

                                                                                              GET http://i-54.b-xxx.bench.utorrent.com/e?i=54&e=eyJldmVudE5hbWUiOiJwcm9wYWdlIiwiYWN0aW9uIjoiaW1wcmVzc2lvbiIsInBhZ2V1cmwiOiJodHRwOi8vdXRjbGllbnQudXRvcnJlbnQuY29tL3Byby9pbmRleC5odG1sIiwic2FmZVVybCI6Imh0dHA6X191dGNsaWVudF91dG9ycmVudF9jb21fcHJvX2luZGV4X2h0bWwiLCJlbGFwc2VkQmVuY2hJbml0VGltZSI6MywiaWVWZXJzaW9uIjotMSwiZGltZW5zaW9ucyI6eyJkZXZpY2VTY3JlZW4iOnsid2lkdGgiOjEyODAsImhlaWdodCI6NzIwfSwidmlld3BvcnQiOnsid2lkdGgiOjg2MSwiaGVpZ2h0Ijo1Mjh9LCJkb2N1bWVudENvbnRlbnQiOnsid2lkdGgiOjg2MSwiaGVpZ2h0Ijo1Mjh9fSwidXNlckxhbmd1YWdlIjoiZW4tVVMiLCJ1bmlxdWVfaWQiOiIzNDIzMTVlOC0wOWNhLTY2N2QtZmI2Yi05NzVjOTJkN2JjNzEifQ==&callback=reqwest_1715014971826

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 52.217.174.157:80
                                                                                              msedgewebview2.exe
                                                                                              254 B
                                                                                              52 B
                                                                                              5
                                                                                              1
                                                                                            • 20.162.145.158:443
                                                                                              https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2
                                                                                              tls, http
                                                                                              msedgewebview2.exe
                                                                                              7.9kB
                                                                                              12.3kB
                                                                                              20
                                                                                              15

                                                                                              HTTP Request

                                                                                              POST https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 216.239.32.36:443
                                                                                              https://region1.google-analytics.com/g/collect?v=2&tid=G-M61B1PKGYV&gtm=45je4510v9123267351za200&_p=1715014971780&gcd=13l3l3l3l2&npa=0&dma=0&ul=en-us&sr=1280x720&cid=1551936123.1715014972&ir=1&pscdl=noapi&_eu=EBAI&_s=1&dl=http%3A%2F%2Futclient.utorrent.com%2Fpro%2Findex.html%3Fbrand%3Dut&sid=1715014972&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=6849
                                                                                              tls, http2
                                                                                              msedgewebview2.exe
                                                                                              3.5kB
                                                                                              6.5kB
                                                                                              15
                                                                                              13

                                                                                              HTTP Request

                                                                                              POST https://region1.google-analytics.com/g/collect?v=2&tid=G-9X9DE1ZRWZ&gtm=45je4510v9119026557za200&_p=1715014971780&gcd=13l3l3l3l1&npa=0&dma=0&cid=1551936123.1715014972&ul=en-us&sr=1280x720&ir=1&pscdl=noapi&_eu=EAAI&_s=1&sid=1715014972&sct=1&seg=0&dl=http%3A%2F%2Futclient.utorrent.com%2Fpro%2Findex.html%3Fbrand%3Dut&dr=http%3A%2F%2Futclient.utorrent.com%2Fpro%2Futorrent%2Findex.html&dt=&en=page_view&_fv=1&_ss=1&tfd=6620

                                                                                              HTTP Request

                                                                                              POST https://region1.google-analytics.com/g/collect?v=2&tid=G-M61B1PKGYV&gtm=45je4510v9123267351za200&_p=1715014971780&gcd=13l3l3l3l2&npa=0&dma=0&ul=en-us&sr=1280x720&cid=1551936123.1715014972&ir=1&pscdl=noapi&_eu=EBAI&_s=1&dl=http%3A%2F%2Futclient.utorrent.com%2Fpro%2Findex.html%3Fbrand%3Dut&sid=1715014972&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=6849
                                                                                            • 178.32.210.226:443
                                                                                              https://www9.smartadserver.com/0/call?cklb=1
                                                                                              tls, http
                                                                                              msedgewebview2.exe
                                                                                              2.9kB
                                                                                              5.8kB
                                                                                              13
                                                                                              10

                                                                                              HTTP Request

                                                                                              OPTIONS https://www9.smartadserver.com/0/call

                                                                                              HTTP Response

                                                                                              204

                                                                                              HTTP Request

                                                                                              OPTIONS https://www9.smartadserver.com/0/call?cklb=1

                                                                                              HTTP Response

                                                                                              204
                                                                                            • 64.233.167.157:443
                                                                                              https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-67506219-1&cid=1551936123.1715014972&jid=84904312&gjid=1953123917&_gid=1841880955.1715014972&_u=IEBAAEAAAAAAACAAI~&z=1065533853
                                                                                              tls, http2
                                                                                              msedgewebview2.exe
                                                                                              2.5kB
                                                                                              6.3kB
                                                                                              21
                                                                                              14

                                                                                              HTTP Request

                                                                                              POST https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-67506219-1&cid=1551936123.1715014972&jid=84904312&gjid=1953123917&_gid=1841880955.1715014972&_u=IEBAAEAAAAAAACAAI~&z=1065533853
                                                                                            • 20.162.145.158:443
                                                                                              https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2
                                                                                              tls, http
                                                                                              msedgewebview2.exe
                                                                                              4.2kB
                                                                                              11.2kB
                                                                                              17
                                                                                              14

                                                                                              HTTP Request

                                                                                              POST https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 20.162.145.158:443
                                                                                              https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2
                                                                                              tls, http
                                                                                              msedgewebview2.exe
                                                                                              3.9kB
                                                                                              9.8kB
                                                                                              14
                                                                                              12

                                                                                              HTTP Request

                                                                                              POST https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 142.250.187.202:443
                                                                                              https://imasdk.googleapis.com/js/sdkloader/ima3.js
                                                                                              tls, http2
                                                                                              msedgewebview2.exe
                                                                                              8.2kB
                                                                                              155.9kB
                                                                                              120
                                                                                              118

                                                                                              HTTP Request

                                                                                              GET https://imasdk.googleapis.com/js/sdkloader/ima3.js
                                                                                            • 178.32.210.226:443
                                                                                              www9.smartadserver.com
                                                                                              tls
                                                                                              msedgewebview2.exe
                                                                                              1.1kB
                                                                                              959 B
                                                                                              8
                                                                                              4
                                                                                            • 178.32.210.226:443
                                                                                              https://www9.smartadserver.com/0/call?cklb=1
                                                                                              tls, http
                                                                                              msedgewebview2.exe
                                                                                              8.7kB
                                                                                              5.8kB
                                                                                              17
                                                                                              9

                                                                                              HTTP Request

                                                                                              POST https://www9.smartadserver.com/0/call

                                                                                              HTTP Response

                                                                                              307

                                                                                              HTTP Request

                                                                                              POST https://www9.smartadserver.com/0/call?cklb=1
                                                                                            • 87.248.205.1:80
                                                                                              content.bt.co
                                                                                              msedgewebview2.exe
                                                                                              150 B
                                                                                              104 B
                                                                                              3
                                                                                              2
                                                                                            • 87.248.205.1:80
                                                                                              http://video.rainberrytv.com/favicon.ico
                                                                                              http
                                                                                              msedgewebview2.exe
                                                                                              3.8kB
                                                                                              22.8kB
                                                                                              20
                                                                                              21

                                                                                              HTTP Request

                                                                                              GET http://video.rainberrytv.com/partners/didomi/client-cmp-ut.min.html

                                                                                              HTTP Response

                                                                                              200

                                                                                              HTTP Request

                                                                                              GET http://video.rainberrytv.com/favicon.ico

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 20.162.145.158:443
                                                                                              https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2
                                                                                              tls, http
                                                                                              msedgewebview2.exe
                                                                                              3.4kB
                                                                                              9.2kB
                                                                                              14
                                                                                              12

                                                                                              HTTP Request

                                                                                              POST https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 216.58.204.66:443
                                                                                              securepubads.g.doubleclick.net
                                                                                              tls, http2
                                                                                              msedgewebview2.exe
                                                                                              1.7kB
                                                                                              1.1kB
                                                                                              9
                                                                                              5
                                                                                            • 216.58.204.66:443
                                                                                              https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fvideo.rainberrytv.com%2Fsmart%2Fvideo%2Fima%2Fpod.html%3Fbucket%3Dclassic-us%2Bvideo%26adt%3D380%26browser%3Dother%26ce%3D90.0.818.66%26clientdata%3Dut%257C3.6.0.47082%257C0%26component%3D1%26geo%3Dus%26ie%3D11%26site%3D33049%26uid%3DXA7cRsPA6AiKyc4_%26usermuted%3D0%26w%3D10.0%26vid%3DbOsdtyqUklDA698
                                                                                              tls, http2
                                                                                              msedgewebview2.exe
                                                                                              2.2kB
                                                                                              6.5kB
                                                                                              16
                                                                                              15

                                                                                              HTTP Request

                                                                                              GET https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fvideo.rainberrytv.com%2Fsmart%2Fvideo%2Fima%2Fpod.html%3Fbucket%3Dclassic-us%2Bvideo%26adt%3D380%26browser%3Dother%26ce%3D90.0.818.66%26clientdata%3Dut%257C3.6.0.47082%257C0%26component%3D1%26geo%3Dus%26ie%3D11%26site%3D33049%26uid%3DXA7cRsPA6AiKyc4_%26usermuted%3D0%26w%3D10.0%26vid%3DbOsdtyqUklDA698
                                                                                            • 204.79.197.239:443
                                                                                              edge.microsoft.com
                                                                                              tls
                                                                                              msedgewebview2.exe
                                                                                              1.4kB
                                                                                              8.5kB
                                                                                              13
                                                                                              14
                                                                                            • 204.79.197.239:443
                                                                                              edge.microsoft.com
                                                                                              tls
                                                                                              msedgewebview2.exe
                                                                                              10.9kB
                                                                                              505.9kB
                                                                                              206
                                                                                              384
                                                                                            • 185.89.211.84:443
                                                                                              ib.adnxs-simple.com
                                                                                              tls
                                                                                              msedgewebview2.exe
                                                                                              7.3kB
                                                                                              5.8kB
                                                                                              17
                                                                                              13
                                                                                            • 185.167.164.53:443
                                                                                              msedgewebview2.exe
                                                                                              104 B
                                                                                              2
                                                                                            • 77.245.57.72:443
                                                                                              cpm.xrtb.io
                                                                                              tls
                                                                                              msedgewebview2.exe
                                                                                              3.5kB
                                                                                              6.0kB
                                                                                              15
                                                                                              12
                                                                                            • 185.239.172.170:443
                                                                                              https://ghb.adtelligent.com/v2/auction/
                                                                                              tls, http
                                                                                              msedgewebview2.exe
                                                                                              2.2kB
                                                                                              4.2kB
                                                                                              7
                                                                                              7

                                                                                              HTTP Request

                                                                                              POST https://ghb.adtelligent.com/v2/auction/

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 20.162.145.158:443
                                                                                              https://smartscreen.microsoft.com/windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.22000.493.co_release&flight=%7B%22ETag%22%3A%22%5C%22nA8KHs8oaq9ssjHyJcw0nMz4proNnsV3KilArWanihI%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1166893-11-15%2CP-R-1093303-19-30%2CP-R-1026145-4-14%2CP-R-1021007-4-5%2CP-R-99770-8-32%2CP-R-73000-4-40%2CP-R-72999-7-40%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-8-38%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22WDSListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Atrue%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Afalse%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterCacheEnabled%22%3Afalse%2C%22UsePostDataEndpointsForNewAnaheimClient%22%3Atrue%2C%22DisableE5Cache%22%3Afalse%2C%22FixedSploitStop%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D
                                                                                              tls, http
                                                                                              msedgewebview2.exe
                                                                                              3.4kB
                                                                                              8.9kB
                                                                                              14
                                                                                              12

                                                                                              HTTP Request

                                                                                              GET https://smartscreen.microsoft.com/windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.22000.493.co_release&flight=%7B%22ETag%22%3A%22%5C%22nA8KHs8oaq9ssjHyJcw0nMz4proNnsV3KilArWanihI%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1166893-11-15%2CP-R-1093303-19-30%2CP-R-1026145-4-14%2CP-R-1021007-4-5%2CP-R-99770-8-32%2CP-R-73000-4-40%2CP-R-72999-7-40%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-8-38%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22WDSListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Atrue%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Afalse%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterEnabled%22%3Afalse%2C%22IsRbacE5BloomfilterCacheEnabled%22%3Afalse%2C%22UsePostDataEndpointsForNewAnaheimClient%22%3Atrue%2C%22DisableE5Cache%22%3Afalse%2C%22FixedSploitStop%22%3Atrue%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D

                                                                                              HTTP Response

                                                                                              304
                                                                                            • 185.167.164.53:443
                                                                                              adx2.adform.net
                                                                                              tls
                                                                                              msedgewebview2.exe
                                                                                              6.2kB
                                                                                              5.7kB
                                                                                              13
                                                                                              8
                                                                                            • 52.204.244.120:80
                                                                                              http://i-38.b-47082.ut.bench.utorrent.com/e?i=38
                                                                                              http
                                                                                              uTorrent.exe
                                                                                              603 B
                                                                                              386 B
                                                                                              5
                                                                                              5

                                                                                              HTTP Request

                                                                                              POST http://i-38.b-47082.ut.bench.utorrent.com/e?i=38

                                                                                              HTTP Response

                                                                                              200
                                                                                            • 52.204.244.120:80
                                                                                              http://i-38.b-47082.ut.bench.utorrent.com/e?i=38
                                                                                              http
                                                                                              uTorrent.exe
                                                                                              1.4kB
                                                                                              44 B
                                                                                              6
                                                                                              1

                                                                                              HTTP Request

                                                                                              POST http://i-38.b-47082.ut.bench.utorrent.com/e?i=38
                                                                                            • 8.8.8.8:53
                                                                                              d42q8e9nhm7ym.cloudfront.net
                                                                                              dns
                                                                                              utorrent_installer(1).tmp
                                                                                              1.2kB
                                                                                              2.3kB
                                                                                              17
                                                                                              15

                                                                                              DNS Request

                                                                                              d42q8e9nhm7ym.cloudfront.net

                                                                                              DNS Response

                                                                                              18.239.190.4
                                                                                              18.239.190.64
                                                                                              18.239.190.61
                                                                                              18.239.190.22

                                                                                              DNS Request

                                                                                              4.190.239.18.in-addr.arpa

                                                                                              DNS Request

                                                                                              d2p3z23xtslrsm.cloudfront.net

                                                                                              DNS Response

                                                                                              18.239.190.230
                                                                                              18.239.190.209
                                                                                              18.239.190.97
                                                                                              18.239.190.94

                                                                                              DNS Request

                                                                                              d27iw11mm1vkcl.cloudfront.net

                                                                                              DNS Response

                                                                                              18.239.190.163
                                                                                              18.239.190.121
                                                                                              18.239.190.96
                                                                                              18.239.190.132

                                                                                              DNS Request

                                                                                              api.playanext.com

                                                                                              DNS Response

                                                                                              18.239.208.56
                                                                                              18.239.208.31
                                                                                              18.239.208.15
                                                                                              18.239.208.111

                                                                                              DNS Request

                                                                                              230.190.239.18.in-addr.arpa

                                                                                              DNS Request

                                                                                              56.208.239.18.in-addr.arpa

                                                                                              DNS Request

                                                                                              68.9.67.172.in-addr.arpa

                                                                                              DNS Request

                                                                                              router.bittorrent.com

                                                                                              DNS Response

                                                                                              67.215.246.10

                                                                                              DNS Request

                                                                                              203.246.215.67.in-addr.arpa

                                                                                              DNS Request

                                                                                              sadownload.mcafee.com

                                                                                              DNS Response

                                                                                              96.16.53.134
                                                                                              96.16.53.139

                                                                                              DNS Request

                                                                                              ctldl.windowsupdate.com

                                                                                              DNS Response

                                                                                              23.73.136.121
                                                                                              23.73.136.131

                                                                                              DNS Request

                                                                                              download.opera.com

                                                                                              DNS Response

                                                                                              82.145.216.24
                                                                                              82.145.216.23

                                                                                              DNS Request

                                                                                              121.217.145.82.in-addr.arpa

                                                                                              DNS Request

                                                                                              track.analytics-data.io

                                                                                              DNS Request

                                                                                              track.analytics-data.io

                                                                                              DNS Request

                                                                                              track.analytics-data.io

                                                                                              DNS Response

                                                                                              3.213.31.22
                                                                                              23.23.83.187
                                                                                              3.230.7.139

                                                                                            • 8.8.8.8:53
                                                                                              163.190.239.18.in-addr.arpa
                                                                                              dns
                                                                                              947 B
                                                                                              1.5kB
                                                                                              13
                                                                                              9

                                                                                              DNS Request

                                                                                              163.190.239.18.in-addr.arpa

                                                                                              DNS Request

                                                                                              66.238.215.67.in-addr.arpa

                                                                                              DNS Request

                                                                                              i-6000.b-47082.ut.bench.utorrent.com

                                                                                              DNS Response

                                                                                              52.55.162.212
                                                                                              52.204.74.82
                                                                                              52.1.89.18
                                                                                              50.17.80.143
                                                                                              44.218.73.120
                                                                                              52.1.245.247
                                                                                              52.44.212.96
                                                                                              52.205.169.46

                                                                                              DNS Request

                                                                                              router.utorrent.com

                                                                                              DNS Response

                                                                                              82.221.103.244

                                                                                              DNS Request

                                                                                              analytics.apis.mcafee.com

                                                                                              DNS Response

                                                                                              35.160.202.158
                                                                                              52.38.135.244
                                                                                              54.69.157.31
                                                                                              35.155.163.235
                                                                                              52.32.187.209
                                                                                              54.201.47.27
                                                                                              52.41.182.30
                                                                                              52.41.100.65

                                                                                              DNS Request

                                                                                              desktop-netinstaller-sub.osp.opera.software

                                                                                              DNS Response

                                                                                              82.145.217.121

                                                                                              DNS Request

                                                                                              features.opera-api2.com

                                                                                              DNS Response

                                                                                              82.145.216.16
                                                                                              82.145.216.15

                                                                                              DNS Request

                                                                                              134.53.16.96.in-addr.arpa

                                                                                              DNS Request

                                                                                              89.11.18.104.in-addr.arpa

                                                                                              DNS Request

                                                                                              89.11.18.104.in-addr.arpa

                                                                                              DNS Request

                                                                                              89.11.18.104.in-addr.arpa

                                                                                              DNS Request

                                                                                              89.11.18.104.in-addr.arpa

                                                                                              DNS Request

                                                                                              89.11.18.104.in-addr.arpa

                                                                                            • 8.8.8.8:53
                                                                                              download-new.utorrent.com
                                                                                              dns
                                                                                              utorrent_installer(1).tmp
                                                                                              1.3kB
                                                                                              2.5kB
                                                                                              19
                                                                                              18

                                                                                              DNS Request

                                                                                              download-new.utorrent.com

                                                                                              DNS Response

                                                                                              67.215.238.66

                                                                                              DNS Request

                                                                                              shield.reasonsecurity.com

                                                                                              DNS Response

                                                                                              172.67.9.68
                                                                                              104.22.1.235
                                                                                              104.22.0.235

                                                                                              DNS Request

                                                                                              212.162.55.52.in-addr.arpa

                                                                                              DNS Request

                                                                                              update.utorrent.com

                                                                                              DNS Response

                                                                                              67.215.246.203

                                                                                              DNS Request

                                                                                              158.202.160.35.in-addr.arpa

                                                                                              DNS Request

                                                                                              autoupdate.geo.opera.com

                                                                                              DNS Response

                                                                                              185.26.182.124
                                                                                              185.26.182.123

                                                                                              DNS Request

                                                                                              ocsp.digicert.com

                                                                                              DNS Response

                                                                                              192.229.221.95

                                                                                              DNS Request

                                                                                              download5.operacdn.com

                                                                                              DNS Response

                                                                                              104.18.11.89
                                                                                              104.18.10.89

                                                                                              DNS Request

                                                                                              124.182.26.185.in-addr.arpa

                                                                                              DNS Request

                                                                                              22.31.213.3.in-addr.arpa

                                                                                              DNS Request

                                                                                              secure.globalsign.com

                                                                                              DNS Response

                                                                                              151.101.2.133
                                                                                              151.101.66.133
                                                                                              151.101.130.133
                                                                                              151.101.194.133

                                                                                              DNS Request

                                                                                              34.208.239.18.in-addr.arpa

                                                                                              DNS Request

                                                                                              cacerts.digicert.com

                                                                                              DNS Response

                                                                                              192.229.221.95

                                                                                              DNS Request

                                                                                              139.7.230.3.in-addr.arpa

                                                                                              DNS Request

                                                                                              home.mcafee.com

                                                                                              DNS Response

                                                                                              104.68.84.174

                                                                                              DNS Request

                                                                                              cdn.reasonsecurity.com

                                                                                              DNS Response

                                                                                              18.239.208.12
                                                                                              18.239.208.56
                                                                                              18.239.208.28
                                                                                              18.239.208.21

                                                                                              DNS Request

                                                                                              ocsp.usertrust.com

                                                                                              DNS Response

                                                                                              104.18.38.233
                                                                                              172.64.149.23

                                                                                              DNS Request

                                                                                              233.38.18.104.in-addr.arpa

                                                                                              DNS Request

                                                                                              233.38.18.104.in-addr.arpa

                                                                                            • 8.8.8.8:53
                                                                                              121.136.73.23.in-addr.arpa
                                                                                              dns
                                                                                              355 B
                                                                                              684 B
                                                                                              5
                                                                                              4

                                                                                              DNS Request

                                                                                              121.136.73.23.in-addr.arpa

                                                                                              DNS Request

                                                                                              25.208.239.18.in-addr.arpa

                                                                                              DNS Request

                                                                                              ctldl.windowsupdate.com

                                                                                              DNS Response

                                                                                              2.17.197.240
                                                                                              2.17.197.249

                                                                                              DNS Request

                                                                                              240.197.17.2.in-addr.arpa

                                                                                              DNS Request

                                                                                              240.197.17.2.in-addr.arpa

                                                                                            • 8.8.8.8:53
                                                                                              16.216.145.82.in-addr.arpa
                                                                                              dns
                                                                                              214 B
                                                                                              293 B
                                                                                              3
                                                                                              2

                                                                                              DNS Request

                                                                                              16.216.145.82.in-addr.arpa

                                                                                              DNS Request

                                                                                              update.reasonsecurity.com

                                                                                              DNS Request

                                                                                              update.reasonsecurity.com

                                                                                              DNS Response

                                                                                              18.239.208.25
                                                                                              18.239.208.54
                                                                                              18.239.208.35
                                                                                              18.239.208.43

                                                                                            • 8.8.8.8:53
                                                                                              24.216.145.82.in-addr.arpa
                                                                                              dns
                                                                                              1.1kB
                                                                                              2.1kB
                                                                                              15
                                                                                              13

                                                                                              DNS Request

                                                                                              24.216.145.82.in-addr.arpa

                                                                                              DNS Request

                                                                                              electron-shell.reasonsecurity.com

                                                                                              DNS Response

                                                                                              18.239.208.34
                                                                                              18.239.208.4
                                                                                              18.239.208.81
                                                                                              18.239.208.20

                                                                                              DNS Request

                                                                                              133.2.101.151.in-addr.arpa

                                                                                              DNS Request

                                                                                              track.analytics-data.io

                                                                                              DNS Response

                                                                                              3.230.7.139
                                                                                              3.213.31.22
                                                                                              23.23.83.187

                                                                                              DNS Request

                                                                                              sadownload.mcafee.com

                                                                                              DNS Response

                                                                                              96.16.53.134
                                                                                              96.16.53.139

                                                                                              DNS Request

                                                                                              174.84.68.104.in-addr.arpa

                                                                                              DNS Request

                                                                                              12.208.239.18.in-addr.arpa

                                                                                              DNS Request

                                                                                              ocsp.sectigo.com

                                                                                              DNS Response

                                                                                              104.18.38.233
                                                                                              172.64.149.23

                                                                                              DNS Request

                                                                                              nexusrules.officeapps.live.com

                                                                                              DNS Response

                                                                                              52.111.227.11

                                                                                              DNS Request

                                                                                              11.227.111.52.in-addr.arpa

                                                                                              DNS Request

                                                                                              ctldl.windowsupdate.com

                                                                                              DNS Response

                                                                                              93.184.221.240

                                                                                              DNS Request

                                                                                              240.221.184.93.in-addr.arpa

                                                                                              DNS Request

                                                                                              router.bittorrent.com

                                                                                              DNS Request

                                                                                              router.bittorrent.com

                                                                                              DNS Request

                                                                                              router.bittorrent.com

                                                                                              DNS Response

                                                                                              67.215.246.10

                                                                                            • 8.8.8.8:53
                                                                                              i-21.b-47082.ut.bench.utorrent.com
                                                                                              dns
                                                                                              uTorrent.exe
                                                                                              218 B
                                                                                              434 B
                                                                                              3
                                                                                              2

                                                                                              DNS Request

                                                                                              i-21.b-47082.ut.bench.utorrent.com

                                                                                              DNS Response

                                                                                              52.5.70.92
                                                                                              52.1.89.18
                                                                                              44.214.14.78
                                                                                              52.1.245.247
                                                                                              44.218.73.120
                                                                                              52.55.162.212
                                                                                              52.204.74.82
                                                                                              52.0.219.152

                                                                                              DNS Request

                                                                                              92.70.5.52.in-addr.arpa

                                                                                              DNS Request

                                                                                              92.70.5.52.in-addr.arpa

                                                                                            • 10.127.0.1:5351
                                                                                              uTorrent.exe
                                                                                              230 B
                                                                                              5
                                                                                            • 8.8.8.8:53
                                                                                              i-24.b-47082.ut.bench.utorrent.com
                                                                                              dns
                                                                                              uTorrent.exe
                                                                                              240 B
                                                                                              313 B
                                                                                              3
                                                                                              1

                                                                                              DNS Request

                                                                                              i-24.b-47082.ut.bench.utorrent.com

                                                                                              DNS Request

                                                                                              i-24.b-47082.ut.bench.utorrent.com

                                                                                              DNS Request

                                                                                              i-24.b-47082.ut.bench.utorrent.com

                                                                                              DNS Response

                                                                                              52.0.219.152
                                                                                              52.21.50.61
                                                                                              52.204.74.82
                                                                                              52.0.235.250
                                                                                              52.5.70.92
                                                                                              44.214.14.78
                                                                                              52.205.169.46
                                                                                              44.218.73.120

                                                                                            • 8.8.8.8:53
                                                                                              update.bittorrent.com
                                                                                              dns
                                                                                              uTorrent.exe
                                                                                              472 B
                                                                                              771 B
                                                                                              7
                                                                                              5

                                                                                              DNS Request

                                                                                              update.bittorrent.com

                                                                                              DNS Response

                                                                                              173.254.195.58

                                                                                              DNS Request

                                                                                              apps.bittorrent.com

                                                                                              DNS Response

                                                                                              87.248.205.1

                                                                                              DNS Request

                                                                                              cdn.ap.bittorrent.com

                                                                                              DNS Response

                                                                                              87.248.205.1

                                                                                              DNS Request

                                                                                              login.live.com

                                                                                              DNS Response

                                                                                              20.190.159.71
                                                                                              20.190.159.64
                                                                                              40.126.31.71
                                                                                              20.190.159.73
                                                                                              20.190.159.2
                                                                                              40.126.31.73
                                                                                              20.190.159.4
                                                                                              40.126.31.67

                                                                                              DNS Request

                                                                                              1.205.248.87.in-addr.arpa

                                                                                              DNS Request

                                                                                              1.205.248.87.in-addr.arpa

                                                                                              DNS Request

                                                                                              1.205.248.87.in-addr.arpa

                                                                                            • 8.8.8.8:53
                                                                                              71.159.190.20.in-addr.arpa
                                                                                              dns
                                                                                              216 B
                                                                                              158 B
                                                                                              3
                                                                                              1

                                                                                              DNS Request

                                                                                              71.159.190.20.in-addr.arpa

                                                                                              DNS Request

                                                                                              71.159.190.20.in-addr.arpa

                                                                                              DNS Request

                                                                                              71.159.190.20.in-addr.arpa

                                                                                            • 8.8.8.8:53
                                                                                              nav.smartscreen.microsoft.com
                                                                                              dns
                                                                                              msedgewebview2.exe
                                                                                              562 B
                                                                                              1.1kB
                                                                                              8
                                                                                              7

                                                                                              DNS Request

                                                                                              nav.smartscreen.microsoft.com

                                                                                              DNS Response

                                                                                              20.162.145.158

                                                                                              DNS Request

                                                                                              utorrent.com

                                                                                              DNS Response

                                                                                              98.143.146.7

                                                                                              DNS Request

                                                                                              utorrent.com

                                                                                              DNS Response

                                                                                              98.143.146.7

                                                                                              DNS Request

                                                                                              smartscreen.microsoft.com

                                                                                              DNS Response

                                                                                              20.162.145.158

                                                                                              DNS Request

                                                                                              158.145.162.20.in-addr.arpa

                                                                                              DNS Request

                                                                                              video.rainberrytv.com

                                                                                              DNS Response

                                                                                              87.248.205.1

                                                                                              DNS Request

                                                                                              i-49.b-47082.ut.bench.utorrent.com

                                                                                              DNS Request

                                                                                              i-49.b-47082.ut.bench.utorrent.com

                                                                                              DNS Response

                                                                                              52.5.70.92
                                                                                              52.1.89.18
                                                                                              44.214.14.78
                                                                                              52.1.245.247
                                                                                              44.218.73.120
                                                                                              52.55.162.212
                                                                                              52.204.74.82
                                                                                              52.0.219.152

                                                                                            • 8.8.8.8:53
                                                                                              7.146.143.98.in-addr.arpa
                                                                                              dns
                                                                                              330 B
                                                                                              520 B
                                                                                              5
                                                                                              4

                                                                                              DNS Request

                                                                                              7.146.143.98.in-addr.arpa

                                                                                              DNS Request

                                                                                              cdnjs.cloudflare.com

                                                                                              DNS Response

                                                                                              104.17.24.14
                                                                                              104.17.25.14

                                                                                              DNS Request

                                                                                              122.208.239.18.in-addr.arpa

                                                                                              DNS Request

                                                                                              ced.sascdn.com

                                                                                              DNS Request

                                                                                              ced.sascdn.com

                                                                                              DNS Response

                                                                                              2.18.190.77
                                                                                              2.18.190.81

                                                                                            • 8.8.8.8:53
                                                                                              78.14.214.44.in-addr.arpa
                                                                                              dns
                                                                                              346 B
                                                                                              708 B
                                                                                              5
                                                                                              4

                                                                                              DNS Request

                                                                                              78.14.214.44.in-addr.arpa

                                                                                              DNS Request

                                                                                              i-32.b-47082.ut.bench.utorrent.com

                                                                                              DNS Response

                                                                                              52.1.109.224
                                                                                              44.218.73.120
                                                                                              50.17.80.143
                                                                                              52.21.50.61
                                                                                              44.214.14.78
                                                                                              52.205.169.46
                                                                                              52.0.219.152
                                                                                              52.0.235.250

                                                                                              DNS Request

                                                                                              120.244.204.52.in-addr.arpa

                                                                                              DNS Request

                                                                                              cdn.polyfill.io

                                                                                              DNS Request

                                                                                              cdn.polyfill.io

                                                                                              DNS Response

                                                                                              104.18.53.237
                                                                                              104.18.53.44

                                                                                            • 8.8.8.8:53
                                                                                              152.219.0.52.in-addr.arpa
                                                                                              dns
                                                                                              387 B
                                                                                              693 B
                                                                                              6
                                                                                              5

                                                                                              DNS Request

                                                                                              152.219.0.52.in-addr.arpa

                                                                                              DNS Request

                                                                                              www.utorrent.com

                                                                                              DNS Response

                                                                                              18.239.208.122
                                                                                              18.239.208.117
                                                                                              18.239.208.124
                                                                                              18.239.208.91

                                                                                              DNS Request

                                                                                              224.109.1.52.in-addr.arpa

                                                                                              DNS Request

                                                                                              content.bt.co

                                                                                              DNS Response

                                                                                              87.248.205.1

                                                                                              DNS Request

                                                                                              cdn.jsdelivr.net

                                                                                              DNS Request

                                                                                              cdn.jsdelivr.net

                                                                                              DNS Response

                                                                                              151.101.1.229
                                                                                              151.101.65.229
                                                                                              151.101.129.229
                                                                                              151.101.193.229

                                                                                            • 8.8.8.8:53
                                                                                              203.247.17.104.in-addr.arpa
                                                                                              dns
                                                                                              205 B
                                                                                              217 B
                                                                                              3
                                                                                              2

                                                                                              DNS Request

                                                                                              203.247.17.104.in-addr.arpa

                                                                                              DNS Request

                                                                                              fonts.googleapis.com

                                                                                              DNS Request

                                                                                              fonts.googleapis.com

                                                                                              DNS Response

                                                                                              216.58.204.74

                                                                                            • 8.8.8.8:53
                                                                                              14.24.17.104.in-addr.arpa
                                                                                              dns
                                                                                              840 B
                                                                                              1.5kB
                                                                                              12
                                                                                              11

                                                                                              DNS Request

                                                                                              14.24.17.104.in-addr.arpa

                                                                                              DNS Request

                                                                                              www.googleoptimize.com

                                                                                              DNS Response

                                                                                              142.250.200.46

                                                                                              DNS Request

                                                                                              46.200.250.142.in-addr.arpa

                                                                                              DNS Request

                                                                                              secure.globalsign.com

                                                                                              DNS Response

                                                                                              151.101.2.133
                                                                                              151.101.66.133
                                                                                              151.101.130.133
                                                                                              151.101.194.133

                                                                                              DNS Request

                                                                                              dns.google

                                                                                              DNS Response

                                                                                              8.8.4.4
                                                                                              8.8.8.8

                                                                                              DNS Request

                                                                                              fonts.gstatic.com

                                                                                              DNS Response

                                                                                              216.58.212.227

                                                                                              DNS Request

                                                                                              237.53.18.104.in-addr.arpa

                                                                                              DNS Request

                                                                                              www.google-analytics.com

                                                                                              DNS Response

                                                                                              142.250.180.14

                                                                                              DNS Request

                                                                                              sdk.privacy-center.org

                                                                                              DNS Response

                                                                                              18.239.208.120
                                                                                              18.239.208.58
                                                                                              18.239.208.39
                                                                                              18.239.208.62

                                                                                              DNS Request

                                                                                              36.34.239.216.in-addr.arpa

                                                                                              DNS Request

                                                                                              i-62.b-47082.ut.bench.utorrent.com

                                                                                              DNS Request

                                                                                              i-62.b-47082.ut.bench.utorrent.com

                                                                                              DNS Response

                                                                                              52.1.109.224
                                                                                              44.218.73.120
                                                                                              50.17.80.143
                                                                                              52.21.50.61
                                                                                              44.214.14.78
                                                                                              52.205.169.46
                                                                                              52.0.219.152
                                                                                              52.0.235.250

                                                                                            • 8.8.8.8:53
                                                                                              229.1.101.151.in-addr.arpa
                                                                                              dns
                                                                                              144 B
                                                                                              132 B
                                                                                              2
                                                                                              1

                                                                                              DNS Request

                                                                                              229.1.101.151.in-addr.arpa

                                                                                              DNS Request

                                                                                              229.1.101.151.in-addr.arpa

                                                                                            • 8.8.8.8:53
                                                                                              77.190.18.2.in-addr.arpa
                                                                                              dns
                                                                                              210 B
                                                                                              133 B
                                                                                              3
                                                                                              1

                                                                                              DNS Request

                                                                                              77.190.18.2.in-addr.arpa

                                                                                              DNS Request

                                                                                              77.190.18.2.in-addr.arpa

                                                                                              DNS Request

                                                                                              77.190.18.2.in-addr.arpa

                                                                                            • 8.8.8.8:53
                                                                                              74.204.58.216.in-addr.arpa
                                                                                              dns
                                                                                              144 B
                                                                                              171 B
                                                                                              2
                                                                                              1

                                                                                              DNS Request

                                                                                              74.204.58.216.in-addr.arpa

                                                                                              DNS Request

                                                                                              74.204.58.216.in-addr.arpa

                                                                                            • 8.8.8.8:53
                                                                                              227.212.58.216.in-addr.arpa
                                                                                              dns
                                                                                              219 B
                                                                                              171 B
                                                                                              3
                                                                                              1

                                                                                              DNS Request

                                                                                              227.212.58.216.in-addr.arpa

                                                                                              DNS Request

                                                                                              227.212.58.216.in-addr.arpa

                                                                                              DNS Request

                                                                                              227.212.58.216.in-addr.arpa

                                                                                            • 8.8.8.8:53
                                                                                              4.4.8.8.in-addr.arpa
                                                                                              dns
                                                                                              198 B
                                                                                              90 B
                                                                                              3
                                                                                              1

                                                                                              DNS Request

                                                                                              4.4.8.8.in-addr.arpa

                                                                                              DNS Request

                                                                                              4.4.8.8.in-addr.arpa

                                                                                              DNS Request

                                                                                              4.4.8.8.in-addr.arpa

                                                                                            • 8.8.8.8:53
                                                                                              232.212.58.216.in-addr.arpa
                                                                                              dns
                                                                                              146 B
                                                                                              171 B
                                                                                              2
                                                                                              1

                                                                                              DNS Request

                                                                                              232.212.58.216.in-addr.arpa

                                                                                              DNS Request

                                                                                              232.212.58.216.in-addr.arpa

                                                                                            • 8.8.4.4:443
                                                                                              dns.google
                                                                                              https
                                                                                              msedgewebview2.exe
                                                                                              13.0kB
                                                                                              21.3kB
                                                                                              77
                                                                                              78
                                                                                            • 8.8.8.8:53
                                                                                              120.208.239.18.in-addr.arpa
                                                                                              dns
                                                                                              505 B
                                                                                              517 B
                                                                                              7
                                                                                              4

                                                                                              DNS Request

                                                                                              120.208.239.18.in-addr.arpa

                                                                                              DNS Request

                                                                                              95.71.91.104.in-addr.arpa

                                                                                              DNS Request

                                                                                              124.208.239.18.in-addr.arpa

                                                                                              DNS Request

                                                                                              10.246.215.67.in-addr.arpa

                                                                                              DNS Request

                                                                                              10.246.215.67.in-addr.arpa

                                                                                              DNS Request

                                                                                              10.246.215.67.in-addr.arpa

                                                                                              DNS Request

                                                                                              10.246.215.67.in-addr.arpa

                                                                                            • 8.8.8.8:53
                                                                                              39.208.239.18.in-addr.arpa
                                                                                              dns
                                                                                              427 B
                                                                                              321 B
                                                                                              6
                                                                                              2

                                                                                              DNS Request

                                                                                              39.208.239.18.in-addr.arpa

                                                                                              DNS Request

                                                                                              smartscreen.microsoft.com

                                                                                              DNS Request

                                                                                              smartscreen.microsoft.com

                                                                                              DNS Request

                                                                                              smartscreen.microsoft.com

                                                                                              DNS Request

                                                                                              smartscreen.microsoft.com

                                                                                              DNS Request

                                                                                              smartscreen.microsoft.com

                                                                                              DNS Response

                                                                                              20.162.145.158

                                                                                            • 8.8.8.8:53
                                                                                              234.112.53.23.in-addr.arpa
                                                                                              dns
                                                                                              512 B
                                                                                              585 B
                                                                                              7
                                                                                              4

                                                                                              DNS Request

                                                                                              234.112.53.23.in-addr.arpa

                                                                                              DNS Request

                                                                                              nav.smartscreen.microsoft.com

                                                                                              DNS Response

                                                                                              20.162.145.158

                                                                                              DNS Request

                                                                                              157.174.217.52.in-addr.arpa

                                                                                              DNS Request

                                                                                              244.103.221.82.in-addr.arpa

                                                                                              DNS Request

                                                                                              244.103.221.82.in-addr.arpa

                                                                                              DNS Request

                                                                                              244.103.221.82.in-addr.arpa

                                                                                              DNS Request

                                                                                              244.103.221.82.in-addr.arpa

                                                                                            • 224.0.0.251:5353
                                                                                              774 B
                                                                                              12
                                                                                            • 151.101.1.229:443
                                                                                              cdn.jsdelivr.net
                                                                                              https
                                                                                              msedgewebview2.exe
                                                                                              4.6kB
                                                                                              34.2kB
                                                                                              21
                                                                                              31
                                                                                            • 8.8.8.8:53
                                                                                              36.32.239.216.in-addr.arpa
                                                                                              dns
                                                                                              360 B
                                                                                              301 B
                                                                                              5
                                                                                              2

                                                                                              DNS Request

                                                                                              36.32.239.216.in-addr.arpa

                                                                                              DNS Request

                                                                                              66.204.58.216.in-addr.arpa

                                                                                              DNS Request

                                                                                              66.204.58.216.in-addr.arpa

                                                                                              DNS Request

                                                                                              66.204.58.216.in-addr.arpa

                                                                                              DNS Request

                                                                                              66.204.58.216.in-addr.arpa

                                                                                            • 8.8.8.8:53
                                                                                              226.210.32.178.in-addr.arpa
                                                                                              dns
                                                                                              219 B
                                                                                              385 B
                                                                                              3
                                                                                              3

                                                                                              DNS Request

                                                                                              226.210.32.178.in-addr.arpa

                                                                                              DNS Request

                                                                                              239.197.79.204.in-addr.arpa

                                                                                              DNS Request

                                                                                              53.164.167.185.in-addr.arpa

                                                                                            • 8.8.8.8:53
                                                                                              157.167.233.64.in-addr.arpa
                                                                                              dns
                                                                                              215 B
                                                                                              253 B
                                                                                              3
                                                                                              2

                                                                                              DNS Request

                                                                                              157.167.233.64.in-addr.arpa

                                                                                              DNS Request

                                                                                              72.57.245.77.in-addr.arpa

                                                                                              DNS Request

                                                                                              72.57.245.77.in-addr.arpa

                                                                                            • 8.8.8.8:53
                                                                                              202.187.250.142.in-addr.arpa
                                                                                              dns
                                                                                              222 B
                                                                                              247 B
                                                                                              3
                                                                                              2

                                                                                              DNS Request

                                                                                              202.187.250.142.in-addr.arpa

                                                                                              DNS Request

                                                                                              170.172.239.185.in-addr.arpa

                                                                                              DNS Request

                                                                                              170.172.239.185.in-addr.arpa

                                                                                            • 67.215.246.10:6881
                                                                                              router.bittorrent.com
                                                                                              uTorrent.exe
                                                                                              131 B
                                                                                              1
                                                                                            • 82.221.103.244:6881
                                                                                              router.utorrent.com
                                                                                              uTorrent.exe
                                                                                              131 B
                                                                                              1
                                                                                            • 8.8.8.8:53
                                                                                              84.211.89.185.in-addr.arpa
                                                                                              dns
                                                                                              152 B
                                                                                              133 B
                                                                                              2
                                                                                              1

                                                                                              DNS Request

                                                                                              84.211.89.185.in-addr.arpa

                                                                                              DNS Request

                                                                                              i-43.b-47082.ut.bench.utorrent.com

                                                                                            MITRE ATT&CK Enterprise v15

                                                                                            Replay Monitor

                                                                                            Loading Replay Monitor...

                                                                                            Downloads

                                                                                            • C:\Program Files\McAfee\Temp1269204435\analyticsmanager.cab

                                                                                              Filesize

                                                                                              2.0MB

                                                                                              MD5

                                                                                              b86746aabbaf37831a38b6eae5e3e256

                                                                                              SHA1

                                                                                              5c81a896b9a7e59cdff3d7e10de5ace243132e56

                                                                                              SHA256

                                                                                              70e35195fece6ebf6e97b76c460d67449c4785a1bd21f205908f995aa8c11a5e

                                                                                              SHA512

                                                                                              68e2f2359e6306a5ff3af0c348c2d452afa7a8766e10b2d36358eb30e70ed17f4b45b479b8be5585a91febbdda67cd2b96c225728ad32e9a54bad358269711e8

                                                                                            • C:\Program Files\McAfee\Temp1269204435\analyticstelemetry.cab

                                                                                              Filesize

                                                                                              57KB

                                                                                              MD5

                                                                                              fc2f204b92db0e8daec09ae45cedbc96

                                                                                              SHA1

                                                                                              5d16a19f70224e97cfc383143ddbf5f6b5565f19

                                                                                              SHA256

                                                                                              22f38866a64fcc685be87a949f17d0bc85d20c9d5f6aec1ad469d59f099383c6

                                                                                              SHA512

                                                                                              32fd7845c34ff4df8b7ec5d041c4de1a577cb686d7b6b9bfe10897edd1b5dab503ff1fd5b6e729f0a081fff41d5b273cbd188dd7952c27366cf3f5c3b3fd3637

                                                                                            • C:\Program Files\McAfee\Temp1269204435\browserhost.cab

                                                                                              Filesize

                                                                                              1.2MB

                                                                                              MD5

                                                                                              047cd507df3d47ad5b4580f92cca8462

                                                                                              SHA1

                                                                                              a3cba758d2c3a435d8b4841ed7874d3dae98affa

                                                                                              SHA256

                                                                                              d1ca37407ee6c256a2d174da8139dae1b5f3b681540763e4208073646dc3f85a

                                                                                              SHA512

                                                                                              beee3e3b0606c8620370033da292f8d177fc4c8556dc7c952bc9a56a1ad446e36cb425c2f849741a24f3ebce6b814e213ab051e31283f16854069b7b83289c74

                                                                                            • C:\Program Files\McAfee\Temp1269204435\browserplugin.cab

                                                                                              Filesize

                                                                                              4.9MB

                                                                                              MD5

                                                                                              f2e0ad0cf39154cf59faef9c055fceda

                                                                                              SHA1

                                                                                              31558e4be53bbd90c955b60bab3b4bb7c29c3442

                                                                                              SHA256

                                                                                              5c98127edc5094fba4ab2c640dabadac9365ccf127446ac28db1de31553fbf67

                                                                                              SHA512

                                                                                              c4054146296f69cea8b628c63941b70713e479e75ae21e982113d7a5ed561099070cf3f8e01ffe307e0d6b5e975a111515282e1532204e98fe1d85c2815056b7

                                                                                            • C:\Program Files\McAfee\Temp1269204435\downloadscan.cab

                                                                                              Filesize

                                                                                              2.1MB

                                                                                              MD5

                                                                                              3f53a18999723022ce0163cf0b79bddf

                                                                                              SHA1

                                                                                              9722ac18848575fe7922661c6b967163647b004f

                                                                                              SHA256

                                                                                              c03a9c8f4c8840d3d6620bce28007e0f9b738418d690247f2116f3f28ff9249f

                                                                                              SHA512

                                                                                              faeba2e5cead1388a348d20f671f136faaa17f1b5677dd8aedfbbba01b99f4c15020888520e15f88e946bc0b3aec8d14f24729ee37ed440a0e87151b72a2e6a0

                                                                                            • C:\Program Files\McAfee\Temp1269204435\eventmanager.cab

                                                                                              Filesize

                                                                                              1.4MB

                                                                                              MD5

                                                                                              98f1341ed360f6d676a110fab895669a

                                                                                              SHA1

                                                                                              7695c908aec695a7f17fbe0a7474aa6f8250c960

                                                                                              SHA256

                                                                                              b6ba85209c76fc850130c6bde2fb58ea4bf92a54c68670e5e4445a7fe0337cfa

                                                                                              SHA512

                                                                                              8d46ce3f7972ecee7003d5dde16b614656197949a2c6a170398c9a0f246d2ba6ffd0c75caf115a697ded4618ac09defe36c6c157245abe8288483e6a808faf24

                                                                                            • C:\Program Files\McAfee\Temp1269204435\installer.exe

                                                                                              Filesize

                                                                                              2.5MB

                                                                                              MD5

                                                                                              4034e2003874264c50436da1b0437783

                                                                                              SHA1

                                                                                              e91861f167d61b3a72784e685a78a664522288c2

                                                                                              SHA256

                                                                                              471d799e2b2292dbdbc9aed0be57c51d8bb89725a944b965aeb03892493e8769

                                                                                              SHA512

                                                                                              f0923f9c6f111583358c4c4670c3e017da2182853f489d36e49efbb4ad0eed23bc420cecf9584a1df4cff30d1428cb745c6143eacd1ee4acb8cac7385bd3b080

                                                                                            • C:\Program Files\McAfee\Temp1269204435\l10n.cab

                                                                                              Filesize

                                                                                              274KB

                                                                                              MD5

                                                                                              d2d49a3e1e9a75f4908d8bafeec64a8a

                                                                                              SHA1

                                                                                              7b73095c122d816f07d7372920025ee07a34452f

                                                                                              SHA256

                                                                                              ae57687e54b8f26ac9a233cb382a96a2f11b6ea3722feceab3fe6ef73e1a9cc7

                                                                                              SHA512

                                                                                              6bb7d5db7ae08d1bad860a2467da10d92794f73594ee20e044747f4129f4b2f89dcca1cd52662d5ad88c7279798b457585605c03dc7b9f1817fedf072dec5e8b

                                                                                            • C:\Program Files\McAfee\Temp1269204435\logicmodule.cab

                                                                                              Filesize

                                                                                              1.4MB

                                                                                              MD5

                                                                                              d06127ffbd53a53c8c5a6dba9ef57a30

                                                                                              SHA1

                                                                                              4b0c999368e3c41cc4e5e15e2dec24528184955a

                                                                                              SHA256

                                                                                              96aaecb6da2013028e00b93895c3a7d9ee26f8e03e32bf4506d32218b02d8f0b

                                                                                              SHA512

                                                                                              dc5ccf8bee79c79eca3b8a106ac805e1254b613fc3449f417dd8bc18f76e96a9aa6d9d43680546dd85486fa802c54d10bea45ba4ac401ef41c19529e13a4b815

                                                                                            • C:\Program Files\McAfee\Temp1269204435\logicscripts.cab

                                                                                              Filesize

                                                                                              57KB

                                                                                              MD5

                                                                                              f2158db4bebd54b26773c843729007a7

                                                                                              SHA1

                                                                                              94e4f3e571f9d65a9a273147752a6767477284bd

                                                                                              SHA256

                                                                                              2e8f526789472335dd0c9d847965c104153260aab2f42d4848648babd02a2b30

                                                                                              SHA512

                                                                                              7de44a11aa0cf50b497b189aa5ee30b0a204d6f47f1d584a8d265b227d64bb3c3f66bdd47f5ef60395ece010dbbb9b0d7af56bd27ff7c8b6b3a64f0758e4cd09

                                                                                            • C:\Program Files\McAfee\Temp1269204435\lookupmanager.cab

                                                                                              Filesize

                                                                                              972KB

                                                                                              MD5

                                                                                              4701a16772d584dddf8d3fdf2a86ce68

                                                                                              SHA1

                                                                                              38537b682c25af63435b1a1166c3f484a2ee003b

                                                                                              SHA256

                                                                                              1c11af7968f51eece1682d1106630d5d87bb363b24088e976710518108e9ff3a

                                                                                              SHA512

                                                                                              c8c25202b86486eac7b24ac91860ee14153fd35c9bfd73ff4aab114d8bd95213a935276463081f70a5b8f5fadf100ea072f09486d4b07e7d4dc2b904c46fa064

                                                                                            • C:\Program Files\McAfee\Temp1269204435\mfw-mwb.cab

                                                                                              Filesize

                                                                                              30KB

                                                                                              MD5

                                                                                              de22a82e15c63e0dd5d76f3784baf2e5

                                                                                              SHA1

                                                                                              6388f8ced47ff3f0fde51523e489c7c7d685367c

                                                                                              SHA256

                                                                                              127b786e92568718d16aac814f0472356e5a49ff44d6803cd79f8ac0bd91154e

                                                                                              SHA512

                                                                                              69227b9b6a77c4182756496faea49b7ca01865277896e77a58841f60ddbf716c3880ad797b2947a8e92fc8f0bf57e95da0cddba8065b322ab95b0081676ea184

                                                                                            • C:\Program Files\McAfee\Temp1269204435\mfw-nps.cab

                                                                                              Filesize

                                                                                              33KB

                                                                                              MD5

                                                                                              d9ca680b1fcd3930a7e88164d29835ad

                                                                                              SHA1

                                                                                              46e5f1906e3535936326529c81bad3ca77eba700

                                                                                              SHA256

                                                                                              b32933bd6e5b2f0d2928e92546195120375bbc8da68533e577adf6c54ea4ec0a

                                                                                              SHA512

                                                                                              45614f889ec7b1c30f5186bf61d4d82705f9175604cd82972a29b612f6fa4eb230179506adfc14bcfd5097890c9ebb37db54a96f80e781e742fe35e8c68b17eb

                                                                                            • C:\Program Files\McAfee\Temp1269204435\mfw-webadvisor.cab

                                                                                              Filesize

                                                                                              901KB

                                                                                              MD5

                                                                                              e0f5c3d03681587bc927a049a22dfeb6

                                                                                              SHA1

                                                                                              2bdc1c92cbe1576d356daacf409413fff410e827

                                                                                              SHA256

                                                                                              325e7d15f8b9e3988904fe796d7d6bfb714be50f64d1a760b9e11cf71fe9ee15

                                                                                              SHA512

                                                                                              43a914bc424c9e4b5e08b3f016525e9685b9231e7de135b40d1b6806363dc8891f497fce3116d491947487c03dc8bf07c30be0fc2afec20e774aa22d83a1ffbe

                                                                                            • C:\Program Files\McAfee\Temp1269204435\mfw.cab

                                                                                              Filesize

                                                                                              310KB

                                                                                              MD5

                                                                                              4b0034ee6db1f4a2a76524f1cc7cc9f4

                                                                                              SHA1

                                                                                              44bc148e2dd5221e1b781bdb56a625588fce9f64

                                                                                              SHA256

                                                                                              36671f49627d8cf811064c59cbf37e43e409b6d8631898614470037edb53c431

                                                                                              SHA512

                                                                                              a90abd80a517bfde5cb365904ee85baf0f3f32558701e4548f2aeb44783f088bd3b969de2068a6b618bdaf501f5f38ec9440f31144d96dcb1b766d19a0579738

                                                                                            • C:\Program Files\McAfee\WebAdvisor\Analytics\dataConfig.cab

                                                                                              Filesize

                                                                                              73KB

                                                                                              MD5

                                                                                              6f97cb1b2d3fcf88513e2c349232216a

                                                                                              SHA1

                                                                                              846110d3bf8b8d7a720f646435909ef80bbcaa0c

                                                                                              SHA256

                                                                                              6a031052be1737bc2767c3ea65430d8d7ffd1c9115e174d7dfb64ad510011272

                                                                                              SHA512

                                                                                              2919176296b953c9ef232006783068d255109257653ac5ccd64a3452159108890a1e8e7d6c030990982816166517f878f6032946a5558f8ae3510bc044809b07

                                                                                            • C:\Program Files\ReasonLabs\Common\rsSyncSvc.exe

                                                                                              Filesize

                                                                                              797KB

                                                                                              MD5

                                                                                              ded746a9d2d7b7afcb3abe1a24dd3163

                                                                                              SHA1

                                                                                              a074c9e981491ff566cd45b912e743bd1266c4ae

                                                                                              SHA256

                                                                                              c113072678d5fa03b02d750a5911848ab0e247c4b28cf7b152a858c4b24901b3

                                                                                              SHA512

                                                                                              2c273bf79988df13f9da4019f8071cf3b4480ecd814d3df44b83958f52f49bb668dd2f568293c29ef3545018fea15c9d5902ef88e0ecfebaf60458333fcaa91b

                                                                                            • C:\Program Files\ReasonLabs\EPP\InstallerLib.dll

                                                                                              Filesize

                                                                                              310KB

                                                                                              MD5

                                                                                              c3b43e56db33516751b66ee531a162c9

                                                                                              SHA1

                                                                                              6b8a1680e9485060377750f79bc681e17a3cb72a

                                                                                              SHA256

                                                                                              040b2e0dea718124b36d76e1d8f591ff0dbca22f7fb11f52a2e6424218f4ecad

                                                                                              SHA512

                                                                                              4724f2f30e997f91893aabfa8bf1b5938c329927080e4cc72b81b4bb6db06fe35dae60d428d57355f03c46dd29f15db46ad2b1036247c0dcde688183ef11313a

                                                                                            • C:\Program Files\ReasonLabs\EPP\elam\rsElam.sys

                                                                                              Filesize

                                                                                              19KB

                                                                                              MD5

                                                                                              8129c96d6ebdaebbe771ee034555bf8f

                                                                                              SHA1

                                                                                              9b41fb541a273086d3eef0ba4149f88022efbaff

                                                                                              SHA256

                                                                                              8bcc210669bc5931a3a69fc63ed288cb74013a92c84ca0aba89e3f4e56e3ae51

                                                                                              SHA512

                                                                                              ccd92987da4bda7a0f6386308611afb7951395158fc6d10a0596b0a0db4a61df202120460e2383d2d2f34cbb4d4e33e4f2e091a717d2fc1859ed7f58db3b7a18

                                                                                            • C:\Program Files\ReasonLabs\EPP\mc.dll

                                                                                              Filesize

                                                                                              1.1MB

                                                                                              MD5

                                                                                              6d27fe0704da042cdf69efa4fb7e4ec4

                                                                                              SHA1

                                                                                              48f44cf5fe655d7ef2eafbd43e8d52828f751f05

                                                                                              SHA256

                                                                                              0f74ef17c3170d6c48f442d8c81923185f3d54cb04158a4da78495c2ec31863e

                                                                                              SHA512

                                                                                              2c3587acab4461568ac746b4cdf36283d4cb2abe09fc7c085615384e92f813c28cf4fcb4f39ec67860eac9c0e4a5f15021aee712d21a682f8df654968ed40ea3

                                                                                            • C:\Program Files\ReasonLabs\EPP\rsEngine.Core.dll

                                                                                              Filesize

                                                                                              327KB

                                                                                              MD5

                                                                                              9d3d8cd27b28bf9f8b592e066b9a0a06

                                                                                              SHA1

                                                                                              9565df4bf2306900599ea291d9e938892fe2c43a

                                                                                              SHA256

                                                                                              97fe82b6ce5bc3ad96c8c5e242c86396accdf0f78ffc155ebc05f950597cdbd6

                                                                                              SHA512

                                                                                              acefc1552d16be14def7043b21ec026133aabd56f90800e131733c5b0c78316a4d9dc37d6b3093e537ce1974219154e8bd32204127a4ab4d4cd5f3041c6a8729

                                                                                            • C:\Program Files\ReasonLabs\EPP\rsEngine.config

                                                                                              Filesize

                                                                                              5KB

                                                                                              MD5

                                                                                              be90740a7ccd5651c445cfb4bd162cf9

                                                                                              SHA1

                                                                                              218be6423b6b5b1fbce9f93d02461c7ed2b33987

                                                                                              SHA256

                                                                                              44fa685d7b4868f94c9c51465158ea029cd1a4ceb5bfa918aa7dec2c528016e4

                                                                                              SHA512

                                                                                              a26869c152ed8df57b72f8261d33b909fb4d87d93dc0061bf010b69bad7b8c90c2f40a1338806c03d669b011c0cb5bbfcd429b7cd993df7d3229002becb658ad

                                                                                            • C:\Program Files\ReasonLabs\EPP\rsWSC.InstallLog

                                                                                              Filesize

                                                                                              370B

                                                                                              MD5

                                                                                              b2ec2559e28da042f6baa8d4c4822ad5

                                                                                              SHA1

                                                                                              3bda8d045c2f8a6daeb7b59bf52295d5107bf819

                                                                                              SHA256

                                                                                              115a74ccd1f7c937afe3de7fa926fe71868f435f8ab1e213e1306e8d8239eca3

                                                                                              SHA512

                                                                                              11f613205928b546cf06b5aa0702244dace554b6aca42c2a81dd026df38b360895f2895370a7f37d38f219fc0e79acf880762a3cfcb0321d1daa189dfecfbf01

                                                                                            • C:\Program Files\ReasonLabs\EPP\rsWSC.InstallLog

                                                                                              Filesize

                                                                                              606B

                                                                                              MD5

                                                                                              43fbbd79c6a85b1dfb782c199ff1f0e7

                                                                                              SHA1

                                                                                              cad46a3de56cd064e32b79c07ced5abec6bc1543

                                                                                              SHA256

                                                                                              19537ccffeb8552c0d4a8e0f22a859b4465de1723d6db139c73c885c00bd03e0

                                                                                              SHA512

                                                                                              79b4f5dccd4f45d9b42623ebc7ee58f67a8386ce69e804f8f11441a04b941da9395aa791806bbc8b6ce9a9aa04127e93f6e720823445de9740a11a52370a92ea

                                                                                            • C:\Program Files\ReasonLabs\EPP\ui\EPP.exe

                                                                                              Filesize

                                                                                              2.2MB

                                                                                              MD5

                                                                                              defbb0a0d6b7718a9b0eaf5e7894a4b0

                                                                                              SHA1

                                                                                              0495a5eccd8690fac8810178117bf86ea366c8c3

                                                                                              SHA256

                                                                                              c3d2f7e0ad6fd26578595fb3f7c2b202ab6fba595d32dfa5c764922145db0788

                                                                                              SHA512

                                                                                              55dab7ae748a668a2bb57deb6fbff07e6056d97b6f88850890610ac135b8839d3c61f4dc505d3f32cc09a3ff2ce80ce663d0c830f9f399367dc03c92ea7ca89a

                                                                                            • C:\ProgramData\McAfee\MCLOGS\AnalyticsManager\AnalyticsManager\AnalyticsManager000.log

                                                                                              Filesize

                                                                                              2KB

                                                                                              MD5

                                                                                              b60bca18fbc5f3cb2f41336b6c439787

                                                                                              SHA1

                                                                                              965eb1b11210c49860a20818125091f055c9372c

                                                                                              SHA256

                                                                                              aab26417d0ce0abf738cd636f1f4a94ac672eaca88d07c87654d664ac6581e2e

                                                                                              SHA512

                                                                                              f67372e4a5c13cc7fe1ed5d5b2871f098790ca8fd647b5a1c2e14967d9a221a16e7173cef150dc6ade4a8d774cd9f8706bb0362669553b76543ba036c7fbc222

                                                                                            • C:\ProgramData\McAfee\MCLOGS\AnalyticsManager\AnalyticsManager\AnalyticsManager000.log

                                                                                              Filesize

                                                                                              17KB

                                                                                              MD5

                                                                                              ad5e7d5b84c0572d4a8ab927eba44463

                                                                                              SHA1

                                                                                              be5126e8f8d190038c64ccffd0d2501f8661ddfc

                                                                                              SHA256

                                                                                              927925fb9e2faf690943d52af88e553255971aad95fd5155b3d3e97eea66a19b

                                                                                              SHA512

                                                                                              460e92eaae511cd8d68afe64e13ce08bc2ade97da43a0c106f2818c6ff6be377408987559b6f52fb95c9e2baea1713e21b1567daa59a3ba1ca108d078df8943e

                                                                                            • C:\ProgramData\McAfee\WebAdvisor\TaskManager.dll\log_00200057003F001D0006.txt

                                                                                              Filesize

                                                                                              1KB

                                                                                              MD5

                                                                                              351048b4dfe94bac7852db38e3b67fcf

                                                                                              SHA1

                                                                                              41197627c94eb6ae69a580361a1865d36ffd4712

                                                                                              SHA256

                                                                                              877e38320794ed99aed1f7055ea98da17bd47b10e92532792206e30464bc1ea6

                                                                                              SHA512

                                                                                              b56fc78c71311189964bb25b6b152e3a8b839cce86dc8f599a9dabb9fffa499bce2188ea48f567cbd5e39a4f39884e5f2ae7a52119acfdadb2271043997a712e

                                                                                            • C:\ProgramData\McAfee\WebAdvisor\TaskManager.dll\log_00200057003F001D0006.txt

                                                                                              Filesize

                                                                                              3KB

                                                                                              MD5

                                                                                              9fe402da054ea1391c6b2bb12ac77823

                                                                                              SHA1

                                                                                              4c0ef276613649b5841604b90f113f02c19c2851

                                                                                              SHA256

                                                                                              c81fc6204b21aa99fbef4b43a815fc622a5692bb04b1b2adea812c93c5e40856

                                                                                              SHA512

                                                                                              2651b4d8fe9c69f173a68beb9b4c3307974f5ddc355330c1dd8505d0d65923f795cb02ffb327163f09bd324a53c3fe51181fefb64a59412767e7e93fd1ed643c

                                                                                            • C:\ProgramData\McAfee\WebAdvisor\TaskManager.dll\log_00200057003F001D0006.txt

                                                                                              Filesize

                                                                                              4KB

                                                                                              MD5

                                                                                              fe4f0b6782058a4f1bce9595037c4f18

                                                                                              SHA1

                                                                                              f55e9781803347be76a8940822fe1b5ca755fb13

                                                                                              SHA256

                                                                                              4cb224e40005b0f7aab6dc442b8959dfb34fb3a0a17500cb7403fa1d0f414854

                                                                                              SHA512

                                                                                              ba3e1b98ab1b7ad287e3ab4a39fd8190453df5ff379d324c0edf3dd2e325b4816194935b632e6e1584ec23a6c9e9f7527c95e38bcf3602ff6dbe460e3fcab781

                                                                                            • C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView\8f247d6a-1400-42f6-919d-a2cedec6e78e.tmp

                                                                                              Filesize

                                                                                              2KB

                                                                                              MD5

                                                                                              7854fb42e536aa19c9a14d7be8b79801

                                                                                              SHA1

                                                                                              fec075026e380d76b965e62831c20aadace725b4

                                                                                              SHA256

                                                                                              211229a875e66b998fc5982022ac0c72a275591705245a900fdaf4f03e5eb287

                                                                                              SHA512

                                                                                              0c41f096aa21e0e327fa8a436446b2b6ff80a445a0a43abee7a8e0ae92a35056998c63764705e45d545dc38bc49719f8a84d6a0b90b82421eed68044a159ba80

                                                                                            • C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView\Crashpad\settings.dat

                                                                                              Filesize

                                                                                              152B

                                                                                              MD5

                                                                                              1f48cae8a511f1e4bd28440955670384

                                                                                              SHA1

                                                                                              c7255ff62df6a40689b0afa431c0369fd013ad65

                                                                                              SHA256

                                                                                              9fd95f371ac43df2bbcdfab5a80080b56943f611cc687076264a4bbdc14c8926

                                                                                              SHA512

                                                                                              52e547cedb5893a4eaab9cd649c99fab0e4c3e09933b2caca4bee59b5fc3dbe00447f85e96f903af3496b315df7741e4fcd0b747566d750502b17837ff3cb89a

                                                                                            • C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView\Crashpad\settings.dat

                                                                                              Filesize

                                                                                              152B

                                                                                              MD5

                                                                                              a526eedf94a39dbc403ac025b77fbc6c

                                                                                              SHA1

                                                                                              20d57cd08da3a7132a0849debc0160126c5db536

                                                                                              SHA256

                                                                                              a526460fb0e1eb89a27454ff4979d592d0db5e1eb0314bc3c9d5192cc9fde2ad

                                                                                              SHA512

                                                                                              052ee58ae7347f9eba105e28180bbd972a0c8926613d190b3122639c7cf4716670461ea80f928e0ef74fdc89eadcb885a2b99cf8057da5298f2e5a63326de457

                                                                                            • C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView\Crashpad\settings.dat

                                                                                              Filesize

                                                                                              152B

                                                                                              MD5

                                                                                              51947e609fd09e9ed8ffd3010123444a

                                                                                              SHA1

                                                                                              78b93c47c645daf3a12977c9d329af7ef6adcc0e

                                                                                              SHA256

                                                                                              6579d7143d5a4d338dd7f32bbde291c483672ed59d9c382814b3715e84350b05

                                                                                              SHA512

                                                                                              ae2373119932ae4f52b388ec35c014c65a30d354c1bb33d2e1e8d1e671f3386e1c8eacb0e80d357283639c03d300034e98946a51487a8db4e5dfabbd2bf6c45d

                                                                                            • C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView\Crashpad\settings.dat

                                                                                              Filesize

                                                                                              152B

                                                                                              MD5

                                                                                              ea49785848d46d44103868e44ae9b848

                                                                                              SHA1

                                                                                              b9da63cf06e0d8ae4cb6a4da0aef451039f21cfc

                                                                                              SHA256

                                                                                              44cf451a3980b98a4c62ed0198d47416a3883b887118ac7d9f481d8e6e7a877d

                                                                                              SHA512

                                                                                              40cae0e3e761bb695ee92869198a3c4079be9b3140c85184d05fac296ca2bedd989e5c3e16a785463f00885d5820044adb58fec5727d2194d189e9f9193cea9e

                                                                                            • C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView\Crashpad\settings.dat

                                                                                              Filesize

                                                                                              152B

                                                                                              MD5

                                                                                              89fdea8a7d6ca962c77d667afca5767a

                                                                                              SHA1

                                                                                              906b424bbc24f4c1012b0fdc50ba6436a71addd3

                                                                                              SHA256

                                                                                              86c7d857bbc0ffa36d3722d0949a4a72f1871251f7d020b25fe0cc706065b8af

                                                                                              SHA512

                                                                                              c6b950deac1389be14cf154753134dd48388f94fc9c292dcbc524c7f953e90eb6cd9545c7d2a599450fe32eace330644dfde670c1706bb5b7b61d18964ef99a6

                                                                                            • C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView\Default\73b2fdce-a113-45b0-8630-6ca3c1cb2613.tmp

                                                                                              Filesize

                                                                                              1B

                                                                                              MD5

                                                                                              5058f1af8388633f609cadb75a75dc9d

                                                                                              SHA1

                                                                                              3a52ce780950d4d969792a2559cd519d7ee8c727

                                                                                              SHA256

                                                                                              cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

                                                                                              SHA512

                                                                                              0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

                                                                                            • C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView\Default\Local Storage\leveldb\MANIFEST-000001

                                                                                              Filesize

                                                                                              41B

                                                                                              MD5

                                                                                              5af87dfd673ba2115e2fcf5cfdb727ab

                                                                                              SHA1

                                                                                              d5b5bbf396dc291274584ef71f444f420b6056f1

                                                                                              SHA256

                                                                                              f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

                                                                                              SHA512

                                                                                              de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

                                                                                            • C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView\Default\Preferences

                                                                                              Filesize

                                                                                              4KB

                                                                                              MD5

                                                                                              6c2495ca38505fe853275436301bb45d

                                                                                              SHA1

                                                                                              fe7fd7652acf251d5e954ca20132515d99b020e2

                                                                                              SHA256

                                                                                              f3654dd637d80fbdbe4705457a05477979cd5b527d4e31c06eb19acbfbeed8dd

                                                                                              SHA512

                                                                                              149041a46902285dc3e4ed0ac08604e19ba49758f1971c007d8d7228deff3dfc4f413403371cdcc8e4f98e84b99c080671105ec0eb1717ae3201bdd94e043edb

                                                                                            • C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView\Default\Secure Preferences

                                                                                              Filesize

                                                                                              8KB

                                                                                              MD5

                                                                                              d75fee0a2e040d0713bcedd91b7d03a4

                                                                                              SHA1

                                                                                              ab932e160d4edd0feb89fb32e4899405626da3df

                                                                                              SHA256

                                                                                              1b508d0fecde624546ed157ca0d45466ee7529e53f3de476cbbf84c1b95bba32

                                                                                              SHA512

                                                                                              ca4a0c15b39d7efda9642cc24540f22d78a70b36f493dd4414c0e6091d6f601dc1a9bd0705ac258ce8ddd985cb5442fcab094d47bc8c0d959a86c5e54f79234f

                                                                                            • C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView\Default\Sync Data\LevelDB\CURRENT

                                                                                              Filesize

                                                                                              16B

                                                                                              MD5

                                                                                              46295cac801e5d4857d09837238a6394

                                                                                              SHA1

                                                                                              44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                                                                              SHA256

                                                                                              0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                                                                              SHA512

                                                                                              8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                                                                            • C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView\Default\data_reduction_proxy_leveldb\CURRENT

                                                                                              Filesize

                                                                                              16B

                                                                                              MD5

                                                                                              206702161f94c5cd39fadd03f4014d98

                                                                                              SHA1

                                                                                              bd8bfc144fb5326d21bd1531523d9fb50e1b600a

                                                                                              SHA256

                                                                                              1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

                                                                                              SHA512

                                                                                              0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

                                                                                            • C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView\Local State

                                                                                              Filesize

                                                                                              1KB

                                                                                              MD5

                                                                                              dbcbbf611ff4dfbfa91200d0ee6cb4ed

                                                                                              SHA1

                                                                                              2d18e0b9b06b6ebb024f6f3ec284252f4c5eb733

                                                                                              SHA256

                                                                                              89fcf4ab181b25ff473174e5de09c72e7dc801d744663782b89c1a6adae6fd13

                                                                                              SHA512

                                                                                              784f542a3b8896b954d5b16a6bf059b73cafa7daca10f027f558dba98f27359c3c7713668dcd25a6698d2fcabed657aaa40b301dbf52680da7e7b764ce7eb2b8

                                                                                            • C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView\Local State

                                                                                              Filesize

                                                                                              1KB

                                                                                              MD5

                                                                                              3242128f19f447904cb15501f12e5272

                                                                                              SHA1

                                                                                              f8c08f55e783357fe67a4dbfedbeb8efc07be736

                                                                                              SHA256

                                                                                              9b92fe1046a2396514cbb3841c231bd826c83580197ced91ba660817ecc6a78b

                                                                                              SHA512

                                                                                              0ef94447306bb4c83725578d231b9ab335539c502f828ff64b10b3a7f970c2a7cee884626ee3aabf2085f30dd9322229b0066030c1d092ea277b1276d6788830

                                                                                            • C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView\Local State

                                                                                              Filesize

                                                                                              8KB

                                                                                              MD5

                                                                                              f192e40ddb313674b6e3a683f6c23b3c

                                                                                              SHA1

                                                                                              edd48d4c6ef638969fae5468fee401ac9c32c1d2

                                                                                              SHA256

                                                                                              3170ce7f6801570c5ea1d8d792788832b596c6ddf7db2e56cc2553d9c9f16223

                                                                                              SHA512

                                                                                              7093ca14080f1a2f82f756282fd04356586e4fdd5fe7b7c087c6e246ae9219e82d38d4444e5898ce037124901b704aeb6e0e4b7aa10410ef19cb5ab396a22679

                                                                                            • C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView\ShaderCache\GPUCache\data_0

                                                                                              Filesize

                                                                                              8KB

                                                                                              MD5

                                                                                              cf89d16bb9107c631daabf0c0ee58efb

                                                                                              SHA1

                                                                                              3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b

                                                                                              SHA256

                                                                                              d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e

                                                                                              SHA512

                                                                                              8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

                                                                                            • C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView\ShaderCache\GPUCache\data_1

                                                                                              Filesize

                                                                                              264KB

                                                                                              MD5

                                                                                              f50f89a0a91564d0b8a211f8921aa7de

                                                                                              SHA1

                                                                                              112403a17dd69d5b9018b8cede023cb3b54eab7d

                                                                                              SHA256

                                                                                              b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

                                                                                              SHA512

                                                                                              bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

                                                                                            • C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView\ShaderCache\GPUCache\data_2

                                                                                              Filesize

                                                                                              8KB

                                                                                              MD5

                                                                                              0962291d6d367570bee5454721c17e11

                                                                                              SHA1

                                                                                              59d10a893ef321a706a9255176761366115bedcb

                                                                                              SHA256

                                                                                              ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7

                                                                                              SHA512

                                                                                              f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

                                                                                            • C:\Users\Admin\AppData\LocalLow\uTorrent.WebView2\EBWebView\ShaderCache\GPUCache\data_3

                                                                                              Filesize

                                                                                              8KB

                                                                                              MD5

                                                                                              41876349cb12d6db992f1309f22df3f0

                                                                                              SHA1

                                                                                              5cf26b3420fc0302cd0a71e8d029739b8765be27

                                                                                              SHA256

                                                                                              e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c

                                                                                              SHA512

                                                                                              e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                              Filesize

                                                                                              152B

                                                                                              MD5

                                                                                              b8b53ef336be1e3589ad68ef93bbe3a7

                                                                                              SHA1

                                                                                              dec5c310225cab7d871fe036a6ed0e7fc323cf56

                                                                                              SHA256

                                                                                              fe5c2fb328310d7621d8f5af5af142c9ce10c80f127c4ab63171738ad34749e1

                                                                                              SHA512

                                                                                              a9081a5a909d9608adfc2177d304950b700b654e397cf648ed90ecac8ac44b860b2cf55a6d65e4dfa84ef79811543abf7cb7f6368fd3914e138dfdd7a9c09537

                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                              Filesize

                                                                                              152B

                                                                                              MD5

                                                                                              6e498afe43878690d3c18fab2dd375a5

                                                                                              SHA1

                                                                                              b53f3ccbfe03a300e6b76a7c453bacb8ca9e13bd

                                                                                              SHA256

                                                                                              beb39e9a246495e9dd2971224d23c511b565a72a6f02315c9f9bf1dcfae7df78

                                                                                              SHA512

                                                                                              3bf8a2dd797e7f41377267ad26bde717b5b3839b835fe7b196e748fec775ffd39346dba154bb5d8bda4e6568133daaa7fefa3a0d2a05e035c7210bb3c60041a7

                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

                                                                                              Filesize

                                                                                              20KB

                                                                                              MD5

                                                                                              87e8230a9ca3f0c5ccfa56f70276e2f2

                                                                                              SHA1

                                                                                              eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

                                                                                              SHA256

                                                                                              e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

                                                                                              SHA512

                                                                                              37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                              Filesize

                                                                                              5KB

                                                                                              MD5

                                                                                              fb6f5259f328810f7b25da93165665c5

                                                                                              SHA1

                                                                                              1d659763f2e48753fa15e5c404a9cee2b14322c5

                                                                                              SHA256

                                                                                              21cd96e891fababaa7cd40d414649cabb629e3aed4b577baa74ea20627475614

                                                                                              SHA512

                                                                                              c4ddc968ca7df651ec8f1bb201f1ca6b68178755e6e4a72c5ab30680eeccac6f5dd203d44985d12437747cca9a70f3668fcd25908391eedfb5bab42c9dbc34d8

                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                              Filesize

                                                                                              6KB

                                                                                              MD5

                                                                                              a47224aa74ec67eaa90c7996a78ca194

                                                                                              SHA1

                                                                                              458f65ed80dfaaaf9fb6122b2030328a6d6bad5e

                                                                                              SHA256

                                                                                              aaa5245b88e0683503dc2c91404fa5c784e36d8c4eea0f7dab8030a850ac3132

                                                                                              SHA512

                                                                                              05efe42696a04de5980588a0be78eacc7e038093277dfbd169635b1f4e3cdae9d001cbc9ba0b48a8c9cf9832f77b56ba3403680b1eddd757a856e685a226be24

                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                              Filesize

                                                                                              11KB

                                                                                              MD5

                                                                                              c0dce24d99a4cad09bcc8f2348a7338a

                                                                                              SHA1

                                                                                              85a7d6965acc96d7c7669c8b6054471d8b53c17a

                                                                                              SHA256

                                                                                              22dba47abdc4549b9d4b86038b0afabfb0f88b0df1d420d7de8f65a565260913

                                                                                              SHA512

                                                                                              6588e87afb4a9ada8376129a5fc00854ba5c356f79a1752fded2324cab7d8da65915ce2b22c6fd25cac57ea15738c12a01904f2bff75744b27ce5b5f9f5eec3b

                                                                                            • C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202405061701341\assistant\Assistant_109.0.5097.45_Setup.exe_sfx.exe

                                                                                              Filesize

                                                                                              2.5MB

                                                                                              MD5

                                                                                              15d8c8f36cef095a67d156969ecdb896

                                                                                              SHA1

                                                                                              a1435deb5866cd341c09e56b65cdda33620fcc95

                                                                                              SHA256

                                                                                              1521c69f478e9ced2f64b8714b9e19724e747cd8166e0f7ab5db1151a523dda8

                                                                                              SHA512

                                                                                              d6f48180d4dcb5ba83a9c0166870ac00ea67b615e749edf5994bc50277bf97ca87f582ac6f374c5351df252db73ee1231c943b53432dbb7563e12bbaf5bb393a

                                                                                            • C:\Users\Admin\AppData\Local\Temp\Opera_installer_2405061701332403296.dll

                                                                                              Filesize

                                                                                              4.6MB

                                                                                              MD5

                                                                                              2a3159d6fef1100348d64bf9c72d15ee

                                                                                              SHA1

                                                                                              52a08f06f6baaa12163b92f3c6509e6f1e003130

                                                                                              SHA256

                                                                                              668bf8a7f3e53953dd6789fc6146a205c6c7330832c5d20b439eedb7c52ed303

                                                                                              SHA512

                                                                                              251c0d3cdd0597b962d4e32cf588a82454c42067cbe5e35b41b0548eea742ea25815e5d6830b63c1992b5730a4e6d7c005fb0019aa4c389549b06fff9a74b38c

                                                                                            • C:\Users\Admin\AppData\Local\Temp\is-4BRQO.tmp\Logo.png

                                                                                              Filesize

                                                                                              7KB

                                                                                              MD5

                                                                                              5424804c80db74e1304535141a5392c6

                                                                                              SHA1

                                                                                              6d749f3b59672b0c243690811ec3240ff2eced8e

                                                                                              SHA256

                                                                                              9b7e2ea77e518b50e5dd78e0faec509e791949a7c7f360a967c9ee204a8f1412

                                                                                              SHA512

                                                                                              6c7364b9693ce9cbbdbca60ecef3911dfe3d2d836252d7650d34506d2aa41fc5892028ba93f2619caf7edb06576fddae7e5f91f5844b5c3a47f54ca39f84cc6e

                                                                                            • C:\Users\Admin\AppData\Local\Temp\is-4BRQO.tmp\Opera_new.png

                                                                                              Filesize

                                                                                              65KB

                                                                                              MD5

                                                                                              ca01cd3778c987f64633d8af840ccccb

                                                                                              SHA1

                                                                                              85ecea538314c4c09ce79ce554a32331d83bb4f1

                                                                                              SHA256

                                                                                              3c1235a59c023bad329532d2c559350b40536ef859c00fb36425f76f348e82ab

                                                                                              SHA512

                                                                                              ddb561140f22c874b35849553314e034fc4a0b792486fca09f46cba947d0438cea73f84a1775f035d0c344a9a2745a9e10f610375da4948256ee249999b21cdc

                                                                                            • C:\Users\Admin\AppData\Local\Temp\is-4BRQO.tmp\RAV_Cross.png

                                                                                              Filesize

                                                                                              74KB

                                                                                              MD5

                                                                                              cd09f361286d1ad2622ba8a57b7613bd

                                                                                              SHA1

                                                                                              4cd3e5d4063b3517a950b9d030841f51f3c5f1b1

                                                                                              SHA256

                                                                                              b92a31d4853d1b2c4e5b9d9624f40b439856d0c6a517e100978cbde8d3c47dc8

                                                                                              SHA512

                                                                                              f73d60c92644e0478107e0402d1c7b4dfa1674f69b41856f74f937a7b57ceaa2b3be9242f2b59f1fcf71063aac6cbe16c594618d1a8cdd181510de3240f31dff

                                                                                            • C:\Users\Admin\AppData\Local\Temp\is-4BRQO.tmp\WebAdvisor.png

                                                                                              Filesize

                                                                                              47KB

                                                                                              MD5

                                                                                              4cfff8dc30d353cd3d215fd3a5dbac24

                                                                                              SHA1

                                                                                              0f4f73f0dddc75f3506e026ef53c45c6fafbc87e

                                                                                              SHA256

                                                                                              0c430e56d69435d8ab31cbb5916a73a47d11ef65b37d289ee7d11130adf25856

                                                                                              SHA512

                                                                                              9d616f19c2496be6e89b855c41befc0235e3ce949d2b2ae7719c823f10be7fe0809bddfd93e28735b36271083dd802ae349b3ab7b60179b269d4a18c6cef4139

                                                                                            • C:\Users\Admin\AppData\Local\Temp\is-4BRQO.tmp\botva2.dll

                                                                                              Filesize

                                                                                              37KB

                                                                                              MD5

                                                                                              67965a5957a61867d661f05ae1f4773e

                                                                                              SHA1

                                                                                              f14c0a4f154dc685bb7c65b2d804a02a0fb2360d

                                                                                              SHA256

                                                                                              450b9b0ba25bf068afbc2b23d252585a19e282939bf38326384ea9112dfd0105

                                                                                              SHA512

                                                                                              c6942818b9026dc5db2d62999d32cf99fe7289f79a28b8345af17acf9d13b2229a5e917a48ff1f6d59715bdbcb00c1625e0302abcfe10ca7e0475762e0a3f41b

                                                                                            • C:\Users\Admin\AppData\Local\Temp\is-4BRQO.tmp\component0.exe

                                                                                              Filesize

                                                                                              44KB

                                                                                              MD5

                                                                                              f9a29a53f37127423afb5aeb1ed67b3a

                                                                                              SHA1

                                                                                              c7b2581c240973b2f6e2056c9dec6159e257b315

                                                                                              SHA256

                                                                                              5f0273ef301aa414992824e4830512a19445274b31c3fac201b49a89da9ce083

                                                                                              SHA512

                                                                                              675ff092ebf60cc7e3996708d0806e363fe3959b7de90c3161f71fa9ad3511f6f261fdeb217cb96bdde4d6aa99da48f1cc14578e9366909942090e2ad7c71f52

                                                                                            • C:\Users\Admin\AppData\Local\Temp\is-4BRQO.tmp\component1.zip

                                                                                              Filesize

                                                                                              515KB

                                                                                              MD5

                                                                                              f68008b70822bd28c82d13a289deb418

                                                                                              SHA1

                                                                                              06abbe109ba6dfd4153d76cd65bfffae129c41d8

                                                                                              SHA256

                                                                                              cc6f4faf4e8a9f4d2269d1d69a69ea326f789620fb98078cc98597f3cb998589

                                                                                              SHA512

                                                                                              fa482942e32e14011ae3c6762c638ccb0a0e8ec0055d2327c3acc381dddf1400de79e4e9321a39a418800d072e59c36b94b13b7eb62751d3aec990fb38ce9253

                                                                                            • C:\Users\Admin\AppData\Local\Temp\is-4BRQO.tmp\component1_extract\installer.exe

                                                                                              Filesize

                                                                                              27.5MB

                                                                                              MD5

                                                                                              d2272f3869d5b634f656047968c25ae6

                                                                                              SHA1

                                                                                              453c6ffa6ec3a0a25ae59a1b58a0d18b023edb16

                                                                                              SHA256

                                                                                              d89a2423da3704108861f190e1633d2100ecc30b4c40bd835ce54a6934887bc9

                                                                                              SHA512

                                                                                              41072ef6f382cf6d4d97ebc2a49a50a9bd41b53508a8586fd8d018e86aed135e8ac2cdd16bbf725e4f74f14ecfcf49789d3af8924b6d5dfa6b94dc6bf79a0785

                                                                                            • C:\Users\Admin\AppData\Local\Temp\is-4BRQO.tmp\component1_extract\saBSI.exe

                                                                                              Filesize

                                                                                              1.1MB

                                                                                              MD5

                                                                                              143255618462a577de27286a272584e1

                                                                                              SHA1

                                                                                              efc032a6822bc57bcd0c9662a6a062be45f11acb

                                                                                              SHA256

                                                                                              f5aa950381fbcea7d730aa794974ca9e3310384a95d6cf4d015fbdbd9797b3e4

                                                                                              SHA512

                                                                                              c0a084d5c0b645e6a6479b234fa73c405f56310119dd7c8b061334544c47622fdd5139db9781b339bb3d3e17ac59fddb7d7860834ecfe8aad6d2ae8c869e1cb9

                                                                                            • C:\Users\Admin\AppData\Local\Temp\is-4BRQO.tmp\component2.zip

                                                                                              Filesize

                                                                                              2.3MB

                                                                                              MD5

                                                                                              f743314bda8fb2a98ae14316c4d0d3a2

                                                                                              SHA1

                                                                                              5d8f007bd38a0b20d5c5ed5aa20b77623a856297

                                                                                              SHA256

                                                                                              2113c6d5ef32e3ded8b4b070a6d0da8b1c11a1ba5e7d7fbfb61deeeafc9d451c

                                                                                              SHA512

                                                                                              f30af84df2eb2ddf3ed414c069f0edbcf42110f14e0aed61c0f28d6bca0f1c7785db1d53f90686ffe1f543d610b0f5f223c79160f7245924c38d99e6ffe2321d

                                                                                            • C:\Users\Admin\AppData\Local\Temp\is-4BRQO.tmp\component2_extract\OperaSetup.exe

                                                                                              Filesize

                                                                                              5.1MB

                                                                                              MD5

                                                                                              472dea5069dd8ba24cd0379d70a78f4f

                                                                                              SHA1

                                                                                              b543293dd4cf909eb0ad3477e718bcdcbf0dadef

                                                                                              SHA256

                                                                                              80640139d8a69161417b01b1e21618921096ec5ea25658e1a56de9a6b7941395

                                                                                              SHA512

                                                                                              fa85babaa4a7ac60759da659ef22348569cf7c653d6c865b3c8277dc1a4a9d7edb356a621b218a9c1f39b48ac7f01dee902a046a57b2bc8b9ce6f424051bf6e4

                                                                                            • C:\Users\Admin\AppData\Local\Temp\is-4BRQO.tmp\uTorrent.exe

                                                                                              Filesize

                                                                                              3.7MB

                                                                                              MD5

                                                                                              d5bda33383b3ace63aa7df579ccef364

                                                                                              SHA1

                                                                                              804c1a7738d16240c6a3333ee10127a1182679a9

                                                                                              SHA256

                                                                                              44e91f68e2440fcc567530b72bbe0d04c8fc40bdd055d5973bdef62bbb21b857

                                                                                              SHA512

                                                                                              5a8ccc4e288fb493749af784fccea8b87ffe46af1799e1fd409076930f0d76356297922b5044fe15e582218f96b307979a3ea843be0b846a82b4f4bca5be2350

                                                                                            • C:\Users\Admin\AppData\Local\Temp\is-HJ0RV.tmp\utorrent_installer(1).tmp

                                                                                              Filesize

                                                                                              3.0MB

                                                                                              MD5

                                                                                              27174a5611d8827d1736d9ac8382d19f

                                                                                              SHA1

                                                                                              f000848acdd1c152d32a44c928deace522983886

                                                                                              SHA256

                                                                                              36a40fb99c1b026e59c6ba286a02548c64ec7a7e280b19d3169af9aa3c59b994

                                                                                              SHA512

                                                                                              4b6180facd75a9f10e2122ed1ca513979752f953cb92f8436877aff341b40575125db43293259a291406d95f408fbebbd89081fc07f2a5779ec02e5ead23406d

                                                                                            • C:\Users\Admin\AppData\Local\Temp\nssBF1B.tmp\INetC.dll

                                                                                              Filesize

                                                                                              24KB

                                                                                              MD5

                                                                                              640bff73a5f8e37b202d911e4749b2e9

                                                                                              SHA1

                                                                                              9588dd7561ab7de3bca392b084bec91f3521c879

                                                                                              SHA256

                                                                                              c1e568e25ec111184deb1b87cfda4bfec529b1abeab39b66539d998012f33502

                                                                                              SHA512

                                                                                              39c6c358e2b480c8cbebcc1da683924c8092fb2947f2da4a8df1b0dc1fdda61003d91d12232a436ec88ff4e0995b7f6ee8c6efbdca935eaa984001f7a72fea0a

                                                                                            • C:\Users\Admin\AppData\Local\Temp\nssBF1B.tmp\System.dll

                                                                                              Filesize

                                                                                              12KB

                                                                                              MD5

                                                                                              cff85c549d536f651d4fb8387f1976f2

                                                                                              SHA1

                                                                                              d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e

                                                                                              SHA256

                                                                                              8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8

                                                                                              SHA512

                                                                                              531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88

                                                                                            • C:\Users\Admin\AppData\Local\Temp\nssBF1B.tmp\bt_datachannel.dll

                                                                                              Filesize

                                                                                              4.1MB

                                                                                              MD5

                                                                                              dfca05beb0d6a31913c04b1314ca8b4a

                                                                                              SHA1

                                                                                              5fbbccf13325828016446f63d21250c723578841

                                                                                              SHA256

                                                                                              d4c4e05fade7e76f4a2d0c9c58a6b9b82b761d9951ffddd838c381549368e153

                                                                                              SHA512

                                                                                              858d4fb9d073c51c0ab7a0b896c30e35376678cc12aec189085638376d3cc74c1821495692eac378e4509ef5dcab0e8b950ad5bfab66d2c62ab31bc0a75118cf

                                                                                            • C:\Users\Admin\AppData\Local\Temp\nssBF1B.tmp\nsisFirewall.dll

                                                                                              Filesize

                                                                                              8KB

                                                                                              MD5

                                                                                              f5bf81a102de52a4add21b8a367e54e0

                                                                                              SHA1

                                                                                              cf1e76ffe4a3ecd4dad453112afd33624f16751c

                                                                                              SHA256

                                                                                              53be5716ad80945cb99681d5dbda60492f5dfb206fbfdb776b769b3eeb18d2c2

                                                                                              SHA512

                                                                                              6e280a75f706474ad31b2ce770fa34f54cb598528fac4477c466200a608b79c0f9b84011545595d9ba94331ad08e2f51bd42de91f92379db27686a28ba351256

                                                                                            • C:\Users\Admin\AppData\Local\Temp\nssBF1B.tmp\utorrent.exe

                                                                                              Filesize

                                                                                              2.2MB

                                                                                              MD5

                                                                                              3cdd9138411fe937bb972005782cd7db

                                                                                              SHA1

                                                                                              5d899bd8dd1e5e8ce4191071c8a83234ebfe8869

                                                                                              SHA256

                                                                                              59dc2da6612f57422ad2aaec7acd13da79c441855befb575ac38024b9dd1106f

                                                                                              SHA512

                                                                                              9d7e5845893acfd6773e6098e739035a9c960af0d3dc629b2530d1666474474df2e1cdceb08e3f0293ac57a36dd3cac1278d5c8509d8e486e140999260276fcd

                                                                                            • C:\Users\Admin\AppData\Local\Temp\nsuD1E8.tmp\ArchiveUtilityx64.dll

                                                                                              Filesize

                                                                                              150KB

                                                                                              MD5

                                                                                              3351152f6ee87e97682a0a7c459ef614

                                                                                              SHA1

                                                                                              5312f9da67fcfd573dc5e45f6a7cc35fa463af89

                                                                                              SHA256

                                                                                              6e2673687ba029074657f0d1c4410691ee013eff2223d0c7695dfe4f70c62f1c

                                                                                              SHA512

                                                                                              2b7ecb22746bf907ae4da891e170226da4f180ade27e41a16e1ef9e11f39e5e35b9eac3fcfff520dbb8a8888a1dbd1ca2459ab58ce8dc44a424c5de7b8132de6

                                                                                            • C:\Users\Admin\AppData\Local\Temp\nsuD1E8.tmp\Microsoft.Win32.TaskScheduler.dll

                                                                                              Filesize

                                                                                              341KB

                                                                                              MD5

                                                                                              a09decc59b2c2f715563bb035ee4241e

                                                                                              SHA1

                                                                                              c84f5e2e0f71feef437cf173afeb13fe525a0fea

                                                                                              SHA256

                                                                                              6b8f51508240af3b07a8d0b2dc873cedc3d5d9cb25e57ea1d55626742d1f9149

                                                                                              SHA512

                                                                                              1992c8e1f7e37a58bbf486f76d1320da8e1757d6296c8a7631f35ba2e376de215c65000612364c91508aa3ddf72841f6b823fa60a2b29415a07c74c2e830212b

                                                                                            • C:\Users\Admin\AppData\Local\Temp\nsuD1E8.tmp\RAVEndPointProtection-installer.exe

                                                                                              Filesize

                                                                                              539KB

                                                                                              MD5

                                                                                              41a3c2a1777527a41ddd747072ee3efd

                                                                                              SHA1

                                                                                              44b70207d0883ec1848c3c65c57d8c14fd70e2c3

                                                                                              SHA256

                                                                                              8592bae7b6806e5b30a80892004a7b79f645a16c0f1b85b4b8df809bdb6cf365

                                                                                              SHA512

                                                                                              14df28cc7769cf78b24ab331bd63da896131a2f0fbb29b10199016aef935d376493e937874eb94faf52b06a98e1678a5cf2c2d0d442c31297a9c0996205ed869

                                                                                            • C:\Users\Admin\AppData\Local\Temp\nsuD1E8.tmp\rsAtom.dll

                                                                                              Filesize

                                                                                              156KB

                                                                                              MD5

                                                                                              9deba7281d8eceefd760874434bd4e91

                                                                                              SHA1

                                                                                              553e6c86efdda04beacee98bcee48a0b0dba6e75

                                                                                              SHA256

                                                                                              02a42d2403f0a61c3a52138c407b41883fa27d9128ecc885cf1d35e4edd6d6b9

                                                                                              SHA512

                                                                                              7a82fbac4ade3a9a29cb877cc716bc8f51b821b533f31f5e0979f0e9aca365b0353e93cc5352a21fbd29df8fc0f9a2025351453032942d580b532ab16acaa306

                                                                                            • C:\Users\Admin\AppData\Local\Temp\nsuD1E8.tmp\rsJSON.dll

                                                                                              Filesize

                                                                                              218KB

                                                                                              MD5

                                                                                              f8978087767d0006680c2ec43bda6f34

                                                                                              SHA1

                                                                                              755f1357795cb833f0f271c7c87109e719aa4f32

                                                                                              SHA256

                                                                                              221bb12d3f9b2aa40ee21d2d141a8d12e893a8eabc97a04d159aa46aecfa5d3e

                                                                                              SHA512

                                                                                              54f48c6f94659c88d947a366691fbaef3258ed9d63858e64ae007c6f8782f90ede5c9ab423328062c746bc4ba1e8d30887c97015a5e3e52a432a9caa02bb6955

                                                                                            • C:\Users\Admin\AppData\Local\Temp\nsuD1E8.tmp\rsLogger.dll

                                                                                              Filesize

                                                                                              177KB

                                                                                              MD5

                                                                                              83ad54079827e94479963ba4465a85d7

                                                                                              SHA1

                                                                                              d33efd0f5e59d1ef30c59d74772b4c43162dc6b7

                                                                                              SHA256

                                                                                              ec0a8c14a12fdf8d637408f55e6346da1c64efdd00cc8921f423b1a2c63d3312

                                                                                              SHA512

                                                                                              c294fb8ac2a90c6125f8674ca06593b73b884523737692af3ccaa920851fc283a43c9e2dc928884f97b08fc8974919ec603d1afb5c178acd0c2ebd6746a737e1

                                                                                            • C:\Users\Admin\AppData\Local\Temp\nsuD1E8.tmp\rsStubLib.dll

                                                                                              Filesize

                                                                                              248KB

                                                                                              MD5

                                                                                              a16602aad0a611d228af718448ed7cbd

                                                                                              SHA1

                                                                                              ddd9b80306860ae0b126d3e834828091c3720ac5

                                                                                              SHA256

                                                                                              a1f4ba5bb347045d36dcaac3a917236b924c0341c7278f261109bf137dcef95a

                                                                                              SHA512

                                                                                              305a3790a231b4c93b8b4e189e18cb6a06d20b424fd6237d32183c91e2a5c1e863096f4d1b30b73ff15c4c60af269c4faaadaf42687101b1b219795abc70f511

                                                                                            • C:\Users\Admin\AppData\Local\Temp\nsuD1E8.tmp\tmp\RAVEndPointProtection-installer.exe\assembly\dl3\57dd0a85\091ac51d_d79fda01\rsJSON.DLL

                                                                                              Filesize

                                                                                              219KB

                                                                                              MD5

                                                                                              d43100225a3f78936ca012047a215559

                                                                                              SHA1

                                                                                              c68013c5f929fe098a57870553c3204fd9617904

                                                                                              SHA256

                                                                                              cc5ea6c9c8a14c48a20715b6b3631cbf42f73b41b87d1fbb0462738ff80dc01a

                                                                                              SHA512

                                                                                              9633992a07ea61a9d7acd0723dbd715dbd384e01e268131df0534bcdfcd92f12e3decc76aa870ea4786314c0b939b41c5f9e591a18c4d9d0bad069f30acd833e

                                                                                            • C:\Users\Admin\AppData\Local\Temp\nsuD1E8.tmp\tmp\RAVEndPointProtection-installer.exe\assembly\dl3\7b976cf7\091ac51d_d79fda01\rsLogger.DLL

                                                                                              Filesize

                                                                                              179KB

                                                                                              MD5

                                                                                              b279550f2557481ae48e257f0964ae29

                                                                                              SHA1

                                                                                              53bef04258321ca30a6d36a7d3523032e3087a3e

                                                                                              SHA256

                                                                                              13fe4a20114cdf8cd3bba42eeaabe8d49be0b03eec423f530c890463014ccaaa

                                                                                              SHA512

                                                                                              f603cbac1f55ad4de7a561a1d9c27e33e36de00f09a18ff956456afec958f3e777277db74f0b25c6467e765d39175aa4fcdd38e87a3d666b608d983acb9321cd

                                                                                            • C:\Users\Admin\AppData\Local\Temp\nsuD1E8.tmp\tmp\RAVEndPointProtection-installer.exe\assembly\dl3\af79298d\091ac51d_d79fda01\rsServiceController.DLL

                                                                                              Filesize

                                                                                              174KB

                                                                                              MD5

                                                                                              d0779008ba2dc5aba2393f95435a6e8d

                                                                                              SHA1

                                                                                              14ccd0d7b6128cf11c58f15918b2598c5fefe503

                                                                                              SHA256

                                                                                              e74a387b85ee4346b983630b571d241749224d51b81b607f88f6f77559f9cb05

                                                                                              SHA512

                                                                                              931edd82977e9a58c6669287b38c1b782736574db88dad0cc6e0d722c6e810822b3cbe5689647a8a6f2b3692d0c348eb063e17abfa5580a66b17552c30176426

                                                                                            • C:\Users\Admin\AppData\Local\Temp\nsuD1E8.tmp\tmp\RAVEndPointProtection-installer.exe\assembly\dl3\f2d717cc\c4b7c21d_d79fda01\rsAtom.DLL

                                                                                              Filesize

                                                                                              158KB

                                                                                              MD5

                                                                                              875e26eb233dbf556ddb71f1c4d89bb6

                                                                                              SHA1

                                                                                              62b5816d65db3de8b8b253a37412c02e9f46b0f9

                                                                                              SHA256

                                                                                              e62ac7163d7d48504992cd284630c8f94115c3718d60340ad9bb7ee5dd115b35

                                                                                              SHA512

                                                                                              54fdc659157667df4272ac11048f239101cb12b39b2bf049ef552b4e0ce3998ff627bf763e75b5c69cc0d4ef116bfe9043c9a22f2d923dbedddacf397e621035

                                                                                            • C:\Users\Admin\AppData\Local\Temp\nsuD1E8.tmp\uninstall.ico

                                                                                              Filesize

                                                                                              170KB

                                                                                              MD5

                                                                                              af1c23b1e641e56b3de26f5f643eb7d9

                                                                                              SHA1

                                                                                              6c23deb9b7b0c930533fdbeea0863173d99cf323

                                                                                              SHA256

                                                                                              0d3a05e1b06403f2130a6e827b1982d2af0495cdd42deb180ca0ce4f20db5058

                                                                                              SHA512

                                                                                              0c503ec7e83a5bfd59ec8ccc80f6c54412263afd24835b8b4272a79c440a0c106875b5c3b9a521a937f0615eb4f112d1d6826948ad5fb6fd173c5c51cb7168f4

                                                                                            • C:\Users\Admin\AppData\Local\Temp\zpj5uqne.exe

                                                                                              Filesize

                                                                                              1.9MB

                                                                                              MD5

                                                                                              75f5f6c91b2667e98648695dd2203670

                                                                                              SHA1

                                                                                              fcaa8d420a13150ab4ff3e890f0789f115697d57

                                                                                              SHA256

                                                                                              560cc83a83bca66f9009566921e031eb5cc7832cb7566c5383163b9883237ea5

                                                                                              SHA512

                                                                                              a79ca747cc94d072a29dd2733283ef93f18cac94687a429bef1e3ff99c804004a7f070ef4bd45b0aa94b9b56e5b75b075fe6b7abb1ce6e239a991da6324c0f8c

                                                                                            • C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports\settings.dat

                                                                                              Filesize

                                                                                              40B

                                                                                              MD5

                                                                                              4f6d682bc89a1d45ca296bd45da7cdb0

                                                                                              SHA1

                                                                                              be80bc897a1188816abfab699816ea591b7d811f

                                                                                              SHA256

                                                                                              bfbd49b9c6a3188f372b970b0bf55a5293f6e7122e7061fd92c23d3132a87f08

                                                                                              SHA512

                                                                                              2648cd881ef4f6f37591188784c43d78031a30c0b599278df890705c2153521cc4b88a0256316381faf091fb882ad70ebf2198ad2b596173368096f91a7cdbba

                                                                                            • memory/1336-2952-0x00000213F01F0000-0x00000213F021E000-memory.dmp

                                                                                              Filesize

                                                                                              184KB

                                                                                            • memory/1336-2953-0x00000213F01F0000-0x00000213F021E000-memory.dmp

                                                                                              Filesize

                                                                                              184KB

                                                                                            • memory/1336-2966-0x00000213F0680000-0x00000213F0692000-memory.dmp

                                                                                              Filesize

                                                                                              72KB

                                                                                            • memory/1336-2967-0x00000213F1E90000-0x00000213F1ECC000-memory.dmp

                                                                                              Filesize

                                                                                              240KB

                                                                                            • memory/1808-337-0x00000221FF280000-0x00000221FF2AA000-memory.dmp

                                                                                              Filesize

                                                                                              168KB

                                                                                            • memory/1808-2397-0x0000022198710000-0x0000022198760000-memory.dmp

                                                                                              Filesize

                                                                                              320KB

                                                                                            • memory/1808-2887-0x00000221FF2F0000-0x00000221FF32A000-memory.dmp

                                                                                              Filesize

                                                                                              232KB

                                                                                            • memory/1808-2898-0x00000221FF2F0000-0x00000221FF320000-memory.dmp

                                                                                              Filesize

                                                                                              192KB

                                                                                            • memory/1808-2908-0x00000221FF2F0000-0x00000221FF31A000-memory.dmp

                                                                                              Filesize

                                                                                              168KB

                                                                                            • memory/1808-2921-0x00000221FFB40000-0x00000221FFB6E000-memory.dmp

                                                                                              Filesize

                                                                                              184KB

                                                                                            • memory/1808-306-0x00000221FD410000-0x00000221FD498000-memory.dmp

                                                                                              Filesize

                                                                                              544KB

                                                                                            • memory/1808-312-0x00000221FD8F0000-0x00000221FD930000-memory.dmp

                                                                                              Filesize

                                                                                              256KB

                                                                                            • memory/1808-314-0x00000221FD930000-0x00000221FD960000-memory.dmp

                                                                                              Filesize

                                                                                              192KB

                                                                                            • memory/1808-332-0x00000221FF220000-0x00000221FF25A000-memory.dmp

                                                                                              Filesize

                                                                                              232KB

                                                                                            • memory/1808-343-0x00000221FF360000-0x00000221FF3B8000-memory.dmp

                                                                                              Filesize

                                                                                              352KB

                                                                                            • memory/2380-144-0x0000018BE24A0000-0x0000018BE24A8000-memory.dmp

                                                                                              Filesize

                                                                                              32KB

                                                                                            • memory/2380-145-0x0000018BFCED0000-0x0000018BFD3F8000-memory.dmp

                                                                                              Filesize

                                                                                              5.2MB

                                                                                            • memory/3504-856-0x00007FF710CF0000-0x00007FF710D00000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-694-0x00007FF7287F0000-0x00007FF728800000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-637-0x00007FF710CF0000-0x00007FF710D00000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-636-0x00007FF710CF0000-0x00007FF710D00000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-611-0x00007FF710CF0000-0x00007FF710D00000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-599-0x00007FF710CF0000-0x00007FF710D00000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-588-0x00007FF710CF0000-0x00007FF710D00000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-587-0x00007FF710CF0000-0x00007FF710D00000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-826-0x00007FF7287F0000-0x00007FF728800000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-816-0x00007FF7287F0000-0x00007FF728800000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-713-0x00007FF7287F0000-0x00007FF728800000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-570-0x00007FF710CF0000-0x00007FF710D00000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-763-0x00007FF710CF0000-0x00007FF710D00000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-783-0x00007FF710CF0000-0x00007FF710D00000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-804-0x00007FF7287F0000-0x00007FF728800000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-846-0x00007FF6C4220000-0x00007FF6C4230000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-830-0x00007FF7287F0000-0x00007FF728800000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-833-0x00007FF7287F0000-0x00007FF728800000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-836-0x00007FF7287F0000-0x00007FF728800000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-1376-0x00007FF7287F0000-0x00007FF728800000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-1416-0x00007FF7273B0000-0x00007FF7273C0000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-1417-0x00007FF7273B0000-0x00007FF7273C0000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-1415-0x00007FF7273B0000-0x00007FF7273C0000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-1411-0x00007FF710CF0000-0x00007FF710D00000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-848-0x00007FF710CF0000-0x00007FF710D00000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-850-0x00007FF6C4220000-0x00007FF6C4230000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-658-0x00007FF710CF0000-0x00007FF710D00000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-890-0x00007FF710CF0000-0x00007FF710D00000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-895-0x00007FF710CF0000-0x00007FF710D00000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-913-0x00007FF710CF0000-0x00007FF710D00000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-1045-0x00007FF7287F0000-0x00007FF728800000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-1012-0x00007FF710CF0000-0x00007FF710D00000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-920-0x00007FF710CF0000-0x00007FF710D00000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-758-0x00007FF7287F0000-0x00007FF728800000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-755-0x00007FF710CF0000-0x00007FF710D00000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-734-0x00007FF710CF0000-0x00007FF710D00000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-703-0x00007FF710CF0000-0x00007FF710D00000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-935-0x00007FF710CF0000-0x00007FF710D00000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-902-0x00007FF710CF0000-0x00007FF710D00000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-651-0x00007FF7287F0000-0x00007FF728800000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-838-0x00007FF7287F0000-0x00007FF728800000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-622-0x00007FF710CF0000-0x00007FF710D00000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-586-0x00007FF710CF0000-0x00007FF710D00000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-559-0x00007FF7273B0000-0x00007FF7273C0000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-519-0x00007FF7273B0000-0x00007FF7273C0000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-686-0x00007FF710CF0000-0x00007FF710D00000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3504-683-0x00007FF7287F0000-0x00007FF728800000-memory.dmp

                                                                                              Filesize

                                                                                              64KB

                                                                                            • memory/3632-118-0x0000000000400000-0x00000000009C2000-memory.dmp

                                                                                              Filesize

                                                                                              5.8MB

                                                                                            • memory/3632-93-0x0000000000400000-0x00000000009C2000-memory.dmp

                                                                                              Filesize

                                                                                              5.8MB

                                                                                            • memory/3884-0-0x0000000000400000-0x00000000004D4000-memory.dmp

                                                                                              Filesize

                                                                                              848KB

                                                                                            • memory/3884-2-0x0000000000401000-0x00000000004B7000-memory.dmp

                                                                                              Filesize

                                                                                              728KB

                                                                                            • memory/3884-27-0x0000000000400000-0x00000000004D4000-memory.dmp

                                                                                              Filesize

                                                                                              848KB

                                                                                            • memory/4752-2993-0x000001AF771A0000-0x000001AF77506000-memory.dmp

                                                                                              Filesize

                                                                                              3.4MB

                                                                                            • memory/4752-2995-0x000001AF76500000-0x000001AF7651A000-memory.dmp

                                                                                              Filesize

                                                                                              104KB

                                                                                            • memory/4752-2994-0x000001AF77010000-0x000001AF7718C000-memory.dmp

                                                                                              Filesize

                                                                                              1.5MB

                                                                                            • memory/4752-2996-0x000001AF76570000-0x000001AF76592000-memory.dmp

                                                                                              Filesize

                                                                                              136KB

                                                                                            • memory/4788-44-0x00000000032E0000-0x00000000032EF000-memory.dmp

                                                                                              Filesize

                                                                                              60KB

                                                                                            • memory/4788-3177-0x0000000000400000-0x000000000070F000-memory.dmp

                                                                                              Filesize

                                                                                              3.1MB

                                                                                            • memory/4788-43-0x0000000000400000-0x000000000070F000-memory.dmp

                                                                                              Filesize

                                                                                              3.1MB

                                                                                            • memory/4788-155-0x0000000000400000-0x000000000070F000-memory.dmp

                                                                                              Filesize

                                                                                              3.1MB

                                                                                            • memory/4788-28-0x0000000000400000-0x000000000070F000-memory.dmp

                                                                                              Filesize

                                                                                              3.1MB

                                                                                            • memory/4788-29-0x00000000032E0000-0x00000000032EF000-memory.dmp

                                                                                              Filesize

                                                                                              60KB

                                                                                            • memory/4788-15-0x00000000032E0000-0x00000000032EF000-memory.dmp

                                                                                              Filesize

                                                                                              60KB

                                                                                            • memory/4788-8-0x0000000000400000-0x000000000070F000-memory.dmp

                                                                                              Filesize

                                                                                              3.1MB

                                                                                            • memory/4788-363-0x0000000000400000-0x000000000070F000-memory.dmp

                                                                                              Filesize

                                                                                              3.1MB

                                                                                            • memory/5356-3060-0x0000000000400000-0x00000000009C2000-memory.dmp

                                                                                              Filesize

                                                                                              5.8MB

                                                                                            We care about your privacy.

                                                                                            This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.