jigsaw | 67f9972005be1107407d1875f09086e779bc526a91ed18f95936eed046e600bb

System Information Discovery

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000\Control Panel\International\Geo\Nation	gsalfrh.exe

Deletes itself 1 IoCs

pid	Process
6896	drpbx.exe

Drops startup file 2 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\~SD9A83.tmp	ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa.exe
File opened for modification	C:\Users\Admin\AppData\Roaming\Microsoft\Word\STARTUP\~SD9A8A.tmp	ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa.exe

Event Triggered Execution: Component Object Model Hijacking 1 TTPs
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
persistence privilege_escalation

Component Object Model Hijacking
T1546.015

Executes dropped EXE 33 IoCs

pid	Process
4088	MicrosoftEdgeSetup.exe
2144	MicrosoftEdgeUpdate.exe
2788	MicrosoftEdgeUpdate.exe
3316	MicrosoftEdgeUpdate.exe
3424	MicrosoftEdgeUpdateComRegisterShell64.exe
4880	MicrosoftEdgeUpdateComRegisterShell64.exe
1504	MicrosoftEdgeUpdateComRegisterShell64.exe
2332	MicrosoftEdgeUpdate.exe
1956	MicrosoftEdgeUpdate.exe
2228	MicrosoftEdgeUpdate.exe
4596	MicrosoftEdgeUpdate.exe
5468	MicrosoftEdgeUpdate.exe
3996	MicrosoftEdgeUpdate.exe
5492	MicrosoftEdgeUpdateComRegisterShell64.exe
4376	MicrosoftEdgeUpdateComRegisterShell64.exe
2780	MicrosoftEdgeUpdateComRegisterShell64.exe
6824	jigsaw.exe
6896	drpbx.exe
6760	jigsaw.exe
5712	3372c1edab46837f1e973164fa2d726c5c5e17bcb888828ccd7c4dfcc234a370.exe
6916	gsalfrh.exe
4868	ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa.exe
6616	taskdl.exe
4708	@WanaDecryptor@.exe
4552	@WanaDecryptor@.exe
6568	taskhsvc.exe
4944	@WanaDecryptor@.exe
7128	taskdl.exe
6436	taskse.exe
3488	@WanaDecryptor@.exe
6176	taskdl.exe
5560	taskse.exe
6900	@WanaDecryptor@.exe

Loads dropped DLL 23 IoCs

pid	Process
2144	MicrosoftEdgeUpdate.exe
3424	MicrosoftEdgeUpdateComRegisterShell64.exe
3316	MicrosoftEdgeUpdate.exe
4880	MicrosoftEdgeUpdateComRegisterShell64.exe
3316	MicrosoftEdgeUpdate.exe
1504	MicrosoftEdgeUpdateComRegisterShell64.exe
3316	MicrosoftEdgeUpdate.exe
2228	MicrosoftEdgeUpdate.exe
1956	MicrosoftEdgeUpdate.exe
5492	MicrosoftEdgeUpdateComRegisterShell64.exe
3996	MicrosoftEdgeUpdate.exe
4376	MicrosoftEdgeUpdateComRegisterShell64.exe
3996	MicrosoftEdgeUpdate.exe
2780	MicrosoftEdgeUpdateComRegisterShell64.exe
3996	MicrosoftEdgeUpdate.exe
6568	taskhsvc.exe
6568	taskhsvc.exe
6568	taskhsvc.exe
6568	taskhsvc.exe
6568	taskhsvc.exe
6568	taskhsvc.exe
6568	taskhsvc.exe
6568	taskhsvc.exe

Modifies file permissions 1 TTPs 1 IoCs

discovery

File and Directory Permissions Modification

T1222

pid	Process
3004	icacls.exe

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

Adds Run key to start application 2 TTPs 4 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

description	ioc	Process
Set value (str)	\REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000\Software\Microsoft\Windows\CurrentVersion\Run\firefox.exe = "C:\\Users\\Admin\\AppData\\Roaming\\Frfx\\firefox.exe"	jigsaw.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000\Software\Microsoft\Windows\CurrentVersion\Run\firefox.exe = "C:\\Users\\Admin\\AppData\\Roaming\\Frfx\\firefox.exe"	jigsaw.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000\Software\Microsoft\Windows\CurrentVersion\Run\crypto13 = "C:\\Users\\Admin\\AppData\\Roaming\\gsalfrh.exe"	gsalfrh.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\kxmrwtygyk434 = "\"C:\\Users\\Admin\\Desktop\\tasksche.exe\""	reg.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops desktop.ini file(s) 2 IoCs

description	ioc	Process
File created	C:\Windows\assembly\Desktop.ini	drpbx.exe
File opened for modification	C:\Windows\assembly\Desktop.ini	drpbx.exe

File and Directory Permissions Modification: Windows File and Directory Permissions Modification 1 TTPs
defense_evasion

Windows File and Directory Permissions Modification
T1222.001

Indicator Removal: Clear Persistence 1 TTPs 1 IoCs

remove IFEO.

defense_evasion

Clear Persistence

T1070.009

description	ioc	Process
Delete value	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation	MicrosoftEdgeUpdate.exe

Indicator Removal: File Deletion 1 TTPs
Adversaries may delete files left behind by the actions of their intrusion activity.
defense_evasion

File Deletion
T1070.004

Legitimate hosting services abused for malware hosting/C2 1 TTPs 5 IoCs

Web Service

T1102

flow	ioc
178	raw.githubusercontent.com
179	raw.githubusercontent.com
180	raw.githubusercontent.com
181	raw.githubusercontent.com
284	raw.githubusercontent.com

Checks system information in the registry 2 TTPs 10 IoCs

System information is often read in order to detect sandboxing environments.

Query Registry

System Information Discovery

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer	MicrosoftEdgeUpdate.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName	MicrosoftEdgeUpdate.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer	MicrosoftEdgeUpdate.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName	MicrosoftEdgeUpdate.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer	MicrosoftEdgeUpdate.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName	MicrosoftEdgeUpdate.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName	MicrosoftEdgeUpdate.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer	MicrosoftEdgeUpdate.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName	MicrosoftEdgeUpdate.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer	MicrosoftEdgeUpdate.exe

Drops file in System32 directory 64 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData	MicrosoftEdgeUpdate.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\Microsoft.PowerShell.Security\Microsoft.PowerShell.Security.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_EnvironmentResource\ja-JP\MSFT_EnvironmentResource.strings.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\counters2.dat	MicrosoftEdgeUpdate.exe
File opened for modification	C:\Windows\SysWOW64\de-DE\Licenses\OEM\Professional\license.rtf	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\ja-JP\default.help.txt	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\AppLocker\AppLocker.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\MsDtc\it-IT\TestDtc.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\GroupSet\GroupSet.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_GroupResource\uk-UA\MSFT_GroupResource.strings.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\es-ES\PSDSCxMachine.strings.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\es-ES\Licenses\_Default\Professional\license.rtf	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PrintManagement\PrintManagement.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_WindowsOptionalFeature\ja-JP\MSFT_WindowsOptionalFeature.strings.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\de-DE\Licenses\Volume\Professional\license.rtf	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\MsDtc\ja-JP\TestDtc.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\en-US\Licenses\Volume\Professional\license.rtf	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\MsDtc\fr-FR\TestDtc.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_EnvironmentResource\en-US\MSFT_EnvironmentResource.strings.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_ScriptResource\fr-FR\MSFT_ScriptResourceStrings.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\ja-JP\Licenses\OEM\Professional\license.rtf	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\Dism\Dism.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\Microsoft.PowerShell.Archive\ja-JP\ArchiveResources.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\uk-UA\PSDSCxMachine.strings.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_ArchiveResource\ja-JP\ArchiveProvider.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\fr-FR\Licenses\_Default\Professional\license.rtf	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\BranchCache\BranchCache.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCClassResources\WindowsPackageCab\it-IT\WindowsPackageCab.Strings.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_GroupResource\ja-JP\MSFT_GroupResource.strings.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_UserResource\ja-JP\MSFT_UserResource.strings.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\es-ES\PSDesiredStateConfiguration.Resource.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft	MicrosoftEdgeUpdate.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\Appx\Appx.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_ArchiveResource\de-DE\ArchiveProvider.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\WindowsErrorReporting\WindowsErrorReporting.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_WindowsOptionalFeature\uk-UA\MSFT_WindowsOptionalFeature.strings.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\es-ES\lpeula.rtf	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\MSDRM\MsoIrmProtector.ppt	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PKI\pki.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_EnvironmentResource\uk-UA\MSFT_EnvironmentResource.strings.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\en-US\lpeula.rtf	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\fr-FR\lipeula.rtf	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\AppvClient\AppvClient.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCClassResources\WindowsPackageCab\ja-JP\WindowsPackageCab.Strings.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\it-IT\Licenses\Volume\Professional\license.rtf	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\Microsoft.PowerShell.ODataUtils\fr-FR\Microsoft.PowerShell.ODataUtilsStrings.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\NetLbfo\NetLbfo.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_ArchiveResource\es-ES\ArchiveProvider.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\@EnrollmentToastIcon.png	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\International\International.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\MsDtc\es-ES\TestDtc.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCClassResources\WindowsPackageCab\en-US\WindowsPackageCab.Strings.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_RoleResource\ja-JP\MSFT_RoleResourceStrings.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_ArchiveResource\en-US\ArchiveProvider.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_363582827213C09529A76F35FB615187	MicrosoftEdgeUpdate.exe
File opened for modification	C:\Windows\SysWOW64\it-IT\lipeula.rtf	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\Microsoft.PowerShell.Diagnostics\Microsoft.PowerShell.Diagnostics.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_RegistryResource\de-DE\MSFT_RegistryResource.strings.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\Licenses\neutral\_Default\Professional\license.rtf	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\Microsoft.PowerShell.Archive\es-ES\ArchiveResources.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\de-DE\RunAsHelper.strings.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_EnvironmentResource\fr-FR\MSFT_EnvironmentResource.strings.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_EnvironmentResource\it-IT\MSFT_EnvironmentResource.strings.psd1	gsalfrh.exe
File opened for modification	C:\Windows\SysWOW64\fr-FR\Licenses\Volume\Professional\license.rtf	gsalfrh.exe

Sets desktop wallpaper using registry 2 TTPs 3 IoCs

ransomware

Defacement

T1491

Modify Registry

description	ioc	Process
Set value (str)	\REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000\Control Panel\Desktop\Wallpaper = "C:\\Users\\Admin\\Desktop\\HELP_TO_DECRYPT_YOUR_FILES.bmp"	gsalfrh.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000\Control Panel\Desktop\Wallpaper = "C:\\Users\\Admin\\Desktop\\@WanaDecryptor@.bmp"	ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000\Control Panel\Desktop\Wallpaper = "C:\\Users\\Admin\\Desktop\\@WanaDecryptor@.bmp"	@WanaDecryptor@.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1702.333.0_x64__8wekyb3d8bbwe\Assets\AlarmsAppList.targetsize-16_altform-unplated.png	gsalfrh.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\cef_extensions.pak	gsalfrh.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\app-center\css\main.css	gsalfrh.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\fss\js\nls\tr-tr\ui-strings.js.fun	gsalfrh.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.XboxApp_25.25.13009.0_x64__8wekyb3d8bbwe\Assets\GamesXboxHubAppList.targetsize-32.png	drpbx.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe\Assets\manifestAssets\Square44x44Logo.scale-100.png	drpbx.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.14.1181.0_x64__8wekyb3d8bbwe\Assets\Themes\Jumbo\jumbo_12s.png	drpbx.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.204.0_x64__kzf8qxf38zg5c\SkypeApp\Designs\Flags\small\ag_16x11.png	gsalfrh.exe
File opened for modification	C:\Program Files\Common Files\microsoft shared\Stationery\ShadesOfBlue.jpg	drpbx.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\AppPackageAppList.targetsize-20_altform-unplated.png	drpbx.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\ExchangeLargeTile.scale-400.png	gsalfrh.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\Assets\GetStartedAppList.targetsize-16_altform-unplated_contrast-white.png	drpbx.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.14.1181.0_x64__8wekyb3d8bbwe\Assets\Themes\Beach\mask\11s.png	drpbx.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5613_40x40x32.png	gsalfrh.exe
File opened for modification	C:\Program Files\ConvertFromMount.png	drpbx.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsCamera_2017.125.40.0_x64__8wekyb3d8bbwe\Assets\WindowsIcons\WindowsCameraAppList.contrast-black_targetsize-96.png	drpbx.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1611.10393.0_x64__8wekyb3d8bbwe\Assets\SecondaryTiles\Car\RTL\contrast-black\WideTile.scale-200.png	gsalfrh.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1702.333.0_x64__8wekyb3d8bbwe\Assets\AlarmsAppList.contrast-black_targetsize-30.png	drpbx.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\Assets\CalculatorAppList.contrast-black_targetsize-24.png	drpbx.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.511.8780.0_x64__8wekyb3d8bbwe\Assets\PhotosAppList.contrast-white_targetsize-40.png	gsalfrh.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1611.10393.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-black\MapsAppList.targetsize-64_altform-unplated.png	gsalfrh.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\WelcomeCardRdr.png.fun	drpbx.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\desktop-connector-files\js\nls\pl-pl\ui-strings.js.fun	drpbx.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.XboxApp_25.25.13009.0_x64__8wekyb3d8bbwe\Assets\GamesXboxHubAppList.targetsize-40_contrast-white.png	drpbx.exe
File opened for modification	C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\Assets\WideLogo.scale-200.png	drpbx.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.14.1181.0_x64__8wekyb3d8bbwe\Assets\MainPageState2\awards_bp_920.jpg	drpbx.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\GenericMailSmallTile.scale-150.png	drpbx.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\ob-preview\images\themeless\edit_pdf_poster.jpg	drpbx.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.204.0_x64__kzf8qxf38zg5c\SkypeApp\Designs\Flags\large\gd_60x42.png	gsalfrh.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\aicuc\images\themes\dark\rhp_world_icon_hover.png.fun	gsalfrh.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1611.10393.0_x64__8wekyb3d8bbwe\Assets\SecondaryTiles\Collections\contrast-black\SmallTile.scale-200_contrast-black.png	drpbx.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Messaging_3.26.24002.0_x64__8wekyb3d8bbwe\Assets\starttile.dualsim2.smile.scale-200.png	gsalfrh.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.204.0_x64__kzf8qxf38zg5c\SkypeApp\Designs\Flags\large\so_60x42.png	gsalfrh.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\HxA-Yahoo-Light.scale-300.png	gsalfrh.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\app-center\images\themeless\desktop_acrobat_logo.png.fun	drpbx.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\uss-search\js\nls\sl-sl\ui-strings.js.fun	drpbx.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\2475_40x40x32.png	gsalfrh.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\AppPackageAppList.targetsize-36_altform-unplated.png	drpbx.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.14.1181.0_x64__8wekyb3d8bbwe\Assets\ThemeCreation\Export.png	drpbx.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\ob-preview\js\nls\en-il\ui-strings.js.fun	drpbx.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\js\nls\uk-ua\ui-strings.js.fun	drpbx.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.14.1181.0_x64__8wekyb3d8bbwe\Assets\Tournament\Strike.png	gsalfrh.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.204.0_x64__kzf8qxf38zg5c\SkypeApp\Designs\Flags\small\pw_16x11.png	gsalfrh.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.14.1181.0_x64__8wekyb3d8bbwe\Arkadium.Win10.Awards\Assets\Awards_cup.png	drpbx.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.14.1181.0_x64__8wekyb3d8bbwe\Assets\StarClub\challenge_spider.jpg	gsalfrh.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.14.1181.0_x64__8wekyb3d8bbwe\Assets\Themes\Beach\mask\12s.png	gsalfrh.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\HxA-Exchange.scale-125.png	gsalfrh.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\HxMailSmallTile.scale-150.png	drpbx.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\file_types\acrobat_pdf.svg.fun	drpbx.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\js\nls\cs-cz\ui-strings.js.fun	drpbx.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Office.OneNote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\3416_24x24x32.png	drpbx.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\8080_20x20x32.png	drpbx.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.XboxApp_25.25.13009.0_x64__8wekyb3d8bbwe\Assets\GamesXboxHubAppList.targetsize-60_altform-unplated_contrast-white.png	drpbx.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Office16\1033\WacLangPack2019Eula.txt	drpbx.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\Assets\CalculatorAppList.contrast-white_targetsize-16.png	drpbx.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\fss\img\themes\dark\adobe_sign_tag.png	drpbx.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.WindowsCamera_2017.125.40.0_x64__8wekyb3d8bbwe\Assets\WindowsIcons\WindowsCameraAppList.contrast-black_targetsize-48.png	gsalfrh.exe
File opened for modification	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\send-for-sign\js\nls\uk-ua\ui-strings.js.fun	gsalfrh.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Integration\C2RManifest.officemui.msi.16.en-us.xml	drpbx.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.Office.OneNote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\OneNoteSectionMedTile.scale-125.png	drpbx.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.14.1181.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\Livetiles\MicrosoftSolitaireLargeTile.scale-125.jpg	drpbx.exe
File opened for modification	C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.204.0_x64__kzf8qxf38zg5c\SkypeApp\Designs\Flags\small\km_16x11.png	drpbx.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\desktop-connector-files\js\nls\en-gb\ui-strings.js.fun	drpbx.exe
File opened for modification	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\LinkedInboxSmallTile.scale-125.png	gsalfrh.exe

Drops file in Windows directory 64 IoCs

description	ioc	Process
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-microsoftedge_31bf3856ad364e35_10.0.15063.0_none_224b97ad28ee338b\MicrosoftEdgeSquare150x150.scale-125_contrast-black.png	gsalfrh.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-ppiprojection.appxmain_31bf3856ad364e35_10.0.15063.0_none_17719193ec542ada\Square150x150.contrast-white_Scale-100.png	gsalfrh.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-ppiprojection.appxmain_31bf3856ad364e35_10.0.15063.0_none_17719193ec542ada\StoreLogo.Scale-140.png	gsalfrh.exe
File opened for modification	C:\Windows\InfusedApps\Packages\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\HxA-Advanced-Light.scale-300.png	gsalfrh.exe
File opened for modification	C:\Windows\InfusedApps\Packages\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\HxMailAppList.targetsize-80.png	gsalfrh.exe
File opened for modification	C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\cache\Local\Desktop\15.js	gsalfrh.exe
File opened for modification	C:\Windows\InfusedApps\Packages\Microsoft.WindowsCalculator_10.1702.312.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\CalculatorMedTile.contrast-black_scale-125.png	gsalfrh.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-microsoftedge_31bf3856ad364e35_10.0.15063.0_none_224b97ad28ee338b\TabSweepExplanation.png	gsalfrh.exe
File opened for modification	C:\Windows\InfusedApps\Packages\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppPackageMedTile.scale-200_contrast-white.png	gsalfrh.exe
File opened for modification	C:\Windows\InfusedApps\Packages\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\Assets\Logos\StoreLogo\PaintApplist.scale-125.png	gsalfrh.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft.powershel..resources.resources_31bf3856ad364e35_10.0.15063.0_it-it_1f8a5fb3b1206c07\MSFT_UserResource.strings.psd1	gsalfrh.exe
File opened for modification	C:\Windows\InfusedApps\Packages\Microsoft.Getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GetStartedLargeTile.scale-200_contrast-white.png	gsalfrh.exe
File opened for modification	C:\Windows\MiracastView\Assets\splashscreen.contrast-white_scale-140.png	gsalfrh.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-miracastview.appxmain_31bf3856ad364e35_10.0.15063.0_none_3d8834d7dbd2a689\logo.contrast-black.png	gsalfrh.exe
File opened for modification	C:\Windows\InfusedApps\Packages\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\Assets\Images\Stickers\Thumbnails\Sticker_Icon_OwlEye.png	gsalfrh.exe
File opened for modification	C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Assets\Icons\custom-Miantuan\WideTile.scale-400.png	gsalfrh.exe
File opened for modification	C:\Windows\WinSxS\x86_microsoft-windows-l..-lpksetup.resources_31bf3856ad364e35_10.0.15063.0_fr-fr_5400334db745332c\lpeula.rtf	gsalfrh.exe
File opened for modification	C:\Windows\InfusedApps\Packages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\SecondaryTiles\Place\contrast-white\WideTile.scale-100.png	gsalfrh.exe
File opened for modification	C:\Windows\SystemApps\Microsoft.PPIProjection_cw5n1h2txyewy\Assets\StoreLogo.contrast-black_Scale-140.png	gsalfrh.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-t..riventextservice-yi_31bf3856ad364e35_10.0.15063.0_none_52914cf6f7760703\TableTextServiceYi.txt	gsalfrh.exe
File opened for modification	C:\Windows\WinSxS\Manifests\msil_multipoint-wms.dashboardcommon.resources_31bf3856ad364e35_10.0.15063.0_ja-jp_c604efea30d9db5f.manifest	gsalfrh.exe
File opened for modification	C:\Windows\InfusedApps\Packages\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\ExchangeSmallTile.scale-125.png	gsalfrh.exe
File opened for modification	C:\Windows\MiracastView\Assets\tilesmall.contrast-white_scale-180.png	gsalfrh.exe
File opened for modification	C:\Windows\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\Microsoft.WinJS\js\base.js	gsalfrh.exe
File opened for modification	C:\Windows\InfusedApps\Packages\Microsoft.MicrosoftSolitaireCollection_3.14.1181.0_x64__8wekyb3d8bbwe\Assets\Themes\Classic\classic_12c.png	gsalfrh.exe
File opened for modification	C:\Windows\InfusedApps\Packages\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\GenericMailBadge.scale-200.png	gsalfrh.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-ppiprojection.appxmain_31bf3856ad364e35_10.0.15063.0_none_17719193ec542ada\Square70x70.Scale-140.png	gsalfrh.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-m..nt-browser.appxmain_31bf3856ad364e35_10.0.15063.0_none_0d07ce77359b6878\Square71x71Logo.contrast-black_scale-125.png	gsalfrh.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-m..nt-browser.appxmain_31bf3856ad364e35_10.0.15063.0_none_0d07ce77359b6878\Wide310x150Logo.contrast-black_scale-200.png	gsalfrh.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-microsoftedge_31bf3856ad364e35_10.0.15063.0_none_224b97ad28ee338b\MicrosoftEdgeSquare44x44.targetsize-30_contrast-black.png	gsalfrh.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-shell-wallpaper-theme1_31bf3856ad364e35_10.0.15063.0_none_e7eddc45ddbcabc0\img1.jpg	gsalfrh.exe
File opened for modification	C:\Windows\InfusedApps\Packages\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\184.png	gsalfrh.exe
File opened for modification	C:\Windows\InfusedApps\Packages\Microsoft.MicrosoftSolitaireCollection_3.14.1181.0_x64__8wekyb3d8bbwe\Assets\Icons\privacy_policy.png	gsalfrh.exe
File opened for modification	C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Assets\Places\NoPageFiller.scale-100.png	gsalfrh.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-miracastview.appxmain_31bf3856ad364e35_10.0.15063.0_none_3d8834d7dbd2a689\tilesmall.scale-140.png	gsalfrh.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-n..tcapture-powershell_31bf3856ad364e35_10.0.15063.0_none_a71bce8701cf4ff3\NetEventPacketCapture.psd1	gsalfrh.exe
File opened for modification	C:\Windows\InfusedApps\Packages\Microsoft.SkypeApp_11.8.204.0_neutral_split.scale-100_kzf8qxf38zg5c\SkypeApp\Assets\SkypeMedTile.scale-100_contrast-black.png	gsalfrh.exe
File opened for modification	C:\Windows\Media\Focus3_22050hz.raw	gsalfrh.exe
File opened for modification	C:\Windows\SystemApps\ContactSupport_cw5n1h2txyewy\Assets\MediumTile.scale-100.png	gsalfrh.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-c..trast-black.cortana_31bf3856ad364e35_10.0.15063.0_none_8bb78df7f38275dd\AppListIcon.targetsize-96.png	gsalfrh.exe
File opened for modification	C:\Windows\InfusedApps\Packages\Microsoft.WindowsMaps_5.1611.10393.0_x64__8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Work\LTR\contrast-white\MedTile.scale-200.png	gsalfrh.exe
File opened for modification	C:\Windows\SystemApps\Microsoft.PPIProjection_cw5n1h2txyewy\Assets\Square310x310.contrast-white_Scale-80.png	gsalfrh.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-c..trast-black.cortana_31bf3856ad364e35_10.0.15063.0_none_d91126b413aa8ca0\AppListIcon.targetsize-16.png	gsalfrh.exe
File opened for modification	C:\Windows\InfusedApps\Packages\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\Assets\Office\PlaneCutKeepBoth.scale-140.png	gsalfrh.exe
File opened for modification	C:\Windows\InfusedApps\Packages\Microsoft.SkypeApp_11.8.204.0_x64__kzf8qxf38zg5c\SkypeApp\Assets\Audio\Skype_Call_Hold.m4a	gsalfrh.exe
File opened for modification	C:\Windows\InfusedApps\Packages\Microsoft.MicrosoftSolitaireCollection_3.14.1181.0_x64__8wekyb3d8bbwe\Assets\Themes\Aquarium\aquarium_11s.png	gsalfrh.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-microsoftedge_31bf3856ad364e35_10.0.15063.0_none_224b97ad28ee338b\MicrosoftEdgeSquare44x44.targetsize-80_altform-unplated_contrast-black.png	gsalfrh.exe
File opened for modification	C:\Windows\InfusedApps\Packages\Microsoft.MicrosoftSolitaireCollection_3.14.1181.0_x64__8wekyb3d8bbwe\Assets\Awards\freecell\On_Parole_.png	gsalfrh.exe
File opened for modification	C:\Windows\InfusedApps\Packages\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\HxCalendarLargeTile.scale-150.png	gsalfrh.exe
File opened for modification	C:\Windows\InfusedApps\Packages\Microsoft.ZuneVideo_10.16112.11601.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppList.targetsize-80_contrast-black.png	gsalfrh.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-c...speechhelp.cortana_31bf3856ad364e35_10.0.15063.0_none_e1bce38acad169f7\SpeechHelp_AssistantEnabled_zh-CN.json	gsalfrh.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-c..main.assets.cortana_31bf3856ad364e35_10.0.15063.0_none_e7716ec01fa1cfed\Splashscreen.contrast-black_scale-80.png	gsalfrh.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-i..ntrolpanel.appxmain_31bf3856ad364e35_10.0.15063.0_none_2bd1e3a1cfd67be0\logo.contrast-black_scale-400.png	gsalfrh.exe
File opened for modification	C:\Windows\InfusedApps\Packages\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\Assets\Office\ProjectionCylindric.scale-140.png	gsalfrh.exe
File opened for modification	C:\Windows\InfusedApps\Packages\Microsoft.Messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\Assets\BadgeLogo.scale-150.png	gsalfrh.exe
File opened for modification	C:\Windows\InfusedApps\Packages\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\3009_20x20x32.png	gsalfrh.exe
File opened for modification	C:\Windows\InfusedApps\Packages\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Car\RTL\contrast-black\SmallTile.scale-100.png	gsalfrh.exe
File opened for modification	C:\Windows\InfusedApps\Packages\Microsoft.MicrosoftSolitaireCollection_3.14.1181.0_x64__8wekyb3d8bbwe\Assets\Themes\Beach\beach_12d.png	gsalfrh.exe
File opened for modification	C:\Windows\InfusedApps\Packages\Microsoft.Office.OneNote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\OneNotePageWideTile.scale-200.png	gsalfrh.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.15063.0_none_13cc520b866eaf57\oobe-desktop.css	gsalfrh.exe
File opened for modification	C:\Windows\InfusedApps\Packages\Microsoft.SkypeApp_11.8.204.0_x64__kzf8qxf38zg5c\SkypeApp\Designs\Flags\large\ee_60x42.png	gsalfrh.exe
File opened for modification	C:\Windows\InfusedApps\Packages\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\HxCalendarSplashLogo.scale-200.png	gsalfrh.exe
File opened for modification	C:\Windows\SystemResources\Windows.UI.AccountsControl\Images\Outlook.Theme-Dark_Scale-150.png	gsalfrh.exe
File opened for modification	C:\Windows\WinSxS\amd64_microsoft-windows-c..main.assets.cortana_31bf3856ad364e35_10.0.15063.0_none_e7716ec01fa1cfed\xdevice.forward.targetsize-32_contrast-black.png	gsalfrh.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

System Location Discovery: System Language Discovery 1 TTPs 35 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MicrosoftEdgeSetup.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MicrosoftEdgeUpdate.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MicrosoftEdgeUpdate.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	wermgr.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	gsalfrh.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	wermgr.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	icacls.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	taskhsvc.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	cmd.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	vssadmin.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	vssadmin.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MicrosoftEdgeUpdate.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MicrosoftEdgeUpdate.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	@WanaDecryptor@.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	cmd.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	reg.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MicrosoftEdgeUpdate.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	cmd.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	cmd.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	@WanaDecryptor@.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	@WanaDecryptor@.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MicrosoftEdgeUpdate.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	3372c1edab46837f1e973164fa2d726c5c5e17bcb888828ccd7c4dfcc234a370.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	attrib.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	taskdl.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	attrib.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	WMIC.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MicrosoftEdgeUpdate.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MicrosoftEdgeUpdate.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	cmd.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	taskse.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	@WanaDecryptor@.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MicrosoftEdgeUpdate.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	@WanaDecryptor@.exe

System Network Configuration Discovery: Internet Connection Discovery 1 TTPs 3 IoCs

Adversaries may check for Internet connectivity on compromised systems.

discovery

Internet Connection Discovery

T1016.001

pid	Process
2332	MicrosoftEdgeUpdate.exe
4596	MicrosoftEdgeUpdate.exe
5468	MicrosoftEdgeUpdate.exe

Checks SCSI registry key(s) 3 TTPs 6 IoCs

SCSI information is often read in order to detect sandboxing environments.

Query Registry

Peripheral Device Discovery

T1120

System Information Discovery

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName	taskmgr.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000	taskmgr.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A	taskmgr.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName	taskmgr.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000	taskmgr.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A	taskmgr.exe

Checks processor information in registry 2 TTPs 5 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

System Information Discovery

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe

Interacts with shadow copies 3 TTPs 2 IoCs

Shadow copies are often targeted by ransomware to inhibit system recovery.

ransomware

File Deletion

T1070.004

Inhibit System Recovery

T1490

Direct Volume Access

T1006

pid	Process
4436	vssadmin.exe
1136	vssadmin.exe

Modifies Control Panel 2 IoCs

evasion

description	ioc	Process
Set value (str)	\REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000\Control Panel\Desktop\WallpaperStyle = "0"	gsalfrh.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000\Control Panel\Desktop\TileWallpaper = "0"	gsalfrh.exe

Modifies Internet Explorer settings 1 TTPs 3 IoCs

adware spyware

Modify Registry

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000\Software\Microsoft\Internet Explorer\Main	browser_broker.exe
Key created	\REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000\Software\Microsoft\Internet Explorer\Main	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000\Software\Microsoft\Internet Explorer\Main	MicrosoftEdgeCP.exe

Modifies data under HKEY_USERS 23 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\	MicrosoftEdgeUpdate.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranet = "1"	MicrosoftEdgeUpdate.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing	MicrosoftEdgeUpdate.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\	MicrosoftEdgeUpdate.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName = "1"	MicrosoftEdgeUpdate.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect = "0"	MicrosoftEdgeUpdate.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\History\CachePrefix = "Visited:"	MicrosoftEdgeUpdate.exe
Set value (data)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\LanguageList = 65006e002d0055005300000065006e0000000000	MicrosoftEdgeUpdate.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\OnDemandInterfaceCache	MicrosoftEdgeUpdate.exe
Set value (data)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\LanguageList = 65006e002d0055005300000065006e0000000000	MicrosoftEdgeUpdate.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content\CachePrefix	MicrosoftEdgeUpdate.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass = "1"	MicrosoftEdgeUpdate.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect = "0"	MicrosoftEdgeUpdate.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\History\CachePrefix = "Visited:"	MicrosoftEdgeUpdate.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass = "1"	MicrosoftEdgeUpdate.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranet = "1"	MicrosoftEdgeUpdate.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Cookies\CachePrefix = "Cookie:"	MicrosoftEdgeUpdate.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\OnDemandInterfaceCache	MicrosoftEdgeUpdate.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing	MicrosoftEdgeUpdate.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content\CachePrefix	MicrosoftEdgeUpdate.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Cookies\CachePrefix = "Cookie:"	MicrosoftEdgeUpdate.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName = "1"	MicrosoftEdgeUpdate.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\OnDemandInterfaceCache	MicrosoftEdgeUpdate.exe

Modifies registry class 64 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings\Zones\3	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\VendorId = "0"	MicrosoftEdge.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}	MicrosoftEdgeUpdateComRegisterShell64.exe
Key deleted	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{375D3B39-152A-41E1-BF1B-B648933F26D0}	MicrosoftEdgeUpdateComRegisterShell64.exe
Key created	\REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Disallowed\CTLs	MicrosoftEdge.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\ = "Update3COMClass"	MicrosoftEdgeUpdate.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassSvc.1.0	MicrosoftEdgeUpdate.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\ = "IGoogleUpdate"	MicrosoftEdgeUpdate.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{EA92A799-267E-4DF5-A6ED-6A7E0684BB8A}\AppID = "{A6B716CB-028B-404D-B72C-50E153DD68DA}"	MicrosoftEdgeUpdate.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusSvc\CLSID\ = "{9F3F5F5D-721A-4B19-9B5D-69F664C1A591}"	MicrosoftEdgeUpdate.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}\NumMethods\ = "10"	MicrosoftEdgeUpdateComRegisterShell64.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}	MicrosoftEdgeUpdateComRegisterShell64.exe
Key deleted	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32	MicrosoftEdgeUpdateComRegisterShell64.exe
Key deleted	\REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\NUMMETHODS	MicrosoftEdgeUpdate.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.195.15\\psmachine.dll"	MicrosoftEdgeUpdate.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\ = "IProcessLauncher"	MicrosoftEdgeUpdateComRegisterShell64.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 5e520e666eebda01	MicrosoftEdge.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A6B716CB-028B-404D-B72C-50E153DD68DA}\AppID = "{A6B716CB-028B-404D-B72C-50E153DD68DA}"	MicrosoftEdgeUpdate.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CoreClass\CLSID	MicrosoftEdgeUpdate.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}	MicrosoftEdgeUpdate.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.195.15\\MicrosoftEdgeUpdateOnDemand.exe\""	MicrosoftEdgeUpdate.exe
Key deleted	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}	MicrosoftEdgeUpdateComRegisterShell64.exe
Key deleted	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\ProxyStubClsid32	MicrosoftEdgeUpdate.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\NumMethods	MicrosoftEdgeUpdateComRegisterShell64.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}	MicrosoftEdgeUpdateComRegisterShell64.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\NumMethods	MicrosoftEdgeUpdateComRegisterShell64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\ = "IAppCommand"	MicrosoftEdgeUpdateComRegisterShell64.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassSvc\CLSID	MicrosoftEdgeUpdate.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\NumMethods\ = "7"	MicrosoftEdgeUpdateComRegisterShell64.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ProxyStubClsid32	MicrosoftEdgeUpdateComRegisterShell64.exe
Key deleted	\REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{2EC826CB-5478-4533-9015-7580B3B5E03A}\NUMMETHODS	MicrosoftEdgeUpdate.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DataStore\OneTimeCleanup = "1"	MicrosoftEdge.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\AppID\MicrosoftEdgeUpdate.exe\AppID = "{A6B716CB-028B-404D-B72C-50E153DD68DA}"	MicrosoftEdgeUpdate.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\ProxyStubClsid32\ = "{0E8770A1-043A-4818-BB5C-41862B93EEFF}"	MicrosoftEdgeUpdateComRegisterShell64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\NumMethods\ = "24"	MicrosoftEdgeUpdateComRegisterShell64.exe
Key created	\REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\OnlineHistory	MicrosoftEdge.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\NumMethods	MicrosoftEdgeUpdateComRegisterShell64.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassMachineFallback	MicrosoftEdgeUpdate.exe
Key deleted	\REGISTRY\MACHINE\SOFTWARE\CLASSES\INTERFACE\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\NUMMETHODS	MicrosoftEdgeUpdateComRegisterShell64.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3805CA06-AC83-4F00-8A02-271DCD89BDEB}\NumMethods	MicrosoftEdgeUpdateComRegisterShell64.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\PersistedStorageItemTable\System\{2281B681-6FF0-4EF7-A4F4-42AC84B9AC9 = 2ce9f4596eebda01	browser_broker.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\NumMethods	MicrosoftEdgeUpdateComRegisterShell64.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}	MicrosoftEdgeUpdateComRegisterShell64.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E421557C-0628-43FB-BF2B-7C9F8A4D067C}\VersionIndependentProgID	MicrosoftEdgeUpdate.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\SubSysId = "0"	MicrosoftEdge.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\NumMethods	MicrosoftEdgeUpdateComRegisterShell64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{492E1C30-A1A2-4695-87C8-7A8CAD6F936F}\VersionIndependentProgID\ = "MicrosoftEdgeUpdate.Update3WebMachine"	MicrosoftEdgeUpdate.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32	MicrosoftEdgeUpdateComRegisterShell64.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{5F6A18BB-6231-424B-8242-19E5BB94F8ED}\LocalServer32	MicrosoftEdgeUpdate.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ProxyStubClsid32\ = "{0E8770A1-043A-4818-BB5C-41862B93EEFF}"	MicrosoftEdgeUpdateComRegisterShell64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\ProxyStubClsid32\ = "{0E8770A1-043A-4818-BB5C-41862B93EEFF}"	MicrosoftEdgeUpdateComRegisterShell64.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}	MicrosoftEdgeUpdateComRegisterShell64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\ProxyStubClsid32\ = "{0E8770A1-043A-4818-BB5C-41862B93EEFF}"	MicrosoftEdgeUpdateComRegisterShell64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\ProxyStubClsid32\ = "{0E8770A1-043A-4818-BB5C-41862B93EEFF}"	MicrosoftEdgeUpdateComRegisterShell64.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}	MicrosoftEdgeUpdateComRegisterShell64.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CoreMachineClass\CurVer	MicrosoftEdgeUpdate.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\NumMethods	MicrosoftEdgeUpdate.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}	MicrosoftEdgeUpdateComRegisterShell64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\NumMethods\ = "4"	MicrosoftEdgeUpdate.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{D1E8B1A6-32CE-443C-8E2E-EBA90C481353}	MicrosoftEdgeUpdate.exe
Key deleted	\REGISTRY\MACHINE\SOFTWARE\CLASSES\INTERFACE\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}\NUMMETHODS	MicrosoftEdgeUpdateComRegisterShell64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\ = "ICoCreateAsyncStatus"	MicrosoftEdgeUpdateComRegisterShell64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\NumMethods\ = "41"	MicrosoftEdgeUpdateComRegisterShell64.exe
Key deleted	\REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3WebMachineFallback\CLSID	MicrosoftEdgeUpdate.exe

Modifies registry key 1 TTPs 1 IoCs

Modify Registry

pid	Process
5260	reg.exe

NTFS ADS 5 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\MicrosoftEdgeSetup.exe.8wr61oq.partial:Zone.Identifier	browser_broker.exe
File created	C:\Program Files (x86)\Microsoft\Temp\EU95FC.tmp\MicrosoftEdgeUpdateSetup.exe\:Zone.Identifier:$DATA	MicrosoftEdgeSetup.exe
File created	C:\Users\Admin\Downloads\Ransomware.TeslaCrypt.zip:Zone.Identifier	firefox.exe
File created	C:\Users\Admin\Downloads\Ransomware.Jigsaw.zip:Zone.Identifier	firefox.exe
File created	C:\Users\Admin\Downloads\Ransomware.WannaCry.zip:Zone.Identifier	firefox.exe

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
2144	MicrosoftEdgeUpdate.exe
2144	MicrosoftEdgeUpdate.exe
2144	MicrosoftEdgeUpdate.exe
2144	MicrosoftEdgeUpdate.exe
2144	MicrosoftEdgeUpdate.exe
2144	MicrosoftEdgeUpdate.exe
2144	MicrosoftEdgeUpdate.exe
2144	MicrosoftEdgeUpdate.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
6932	taskmgr.exe

Suspicious behavior: MapViewOfSection 8 IoCs

pid	Process
3984	MicrosoftEdgeCP.exe
3984	MicrosoftEdgeCP.exe
3984	MicrosoftEdgeCP.exe
3984	MicrosoftEdgeCP.exe
3984	MicrosoftEdgeCP.exe
3984	MicrosoftEdgeCP.exe
3984	MicrosoftEdgeCP.exe
3984	MicrosoftEdgeCP.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeDebugPrivilege	588	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	588	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	588	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	588	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	3468	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	3468	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	3468	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	4844	MicrosoftEdge.exe
Token: SeDebugPrivilege	4844	MicrosoftEdge.exe
Token: SeDebugPrivilege	2144	MicrosoftEdgeUpdate.exe
Token: SeDebugPrivilege	3616	firefox.exe
Token: SeDebugPrivilege	3616	firefox.exe
Token: SeDebugPrivilege	3616	firefox.exe
Token: SeDebugPrivilege	3616	firefox.exe
Token: SeDebugPrivilege	3616	firefox.exe
Token: SeDebugPrivilege	3616	firefox.exe
Token: SeDebugPrivilege	3616	firefox.exe
Token: SeRestorePrivilege	1956	MicrosoftEdgeUpdate.exe
Token: SeBackupPrivilege	1956	MicrosoftEdgeUpdate.exe
Token: SeRestorePrivilege	2144	MicrosoftEdgeUpdate.exe
Token: SeBackupPrivilege	2144	MicrosoftEdgeUpdate.exe
Token: SeDebugPrivilege	2144	MicrosoftEdgeUpdate.exe
Token: SeDebugPrivilege	2144	MicrosoftEdgeUpdate.exe
Token: SeRestorePrivilege	6432	7zG.exe
Token: 35	6432	7zG.exe
Token: SeSecurityPrivilege	6432	7zG.exe
Token: SeSecurityPrivilege	6432	7zG.exe
Token: SeRestorePrivilege	6696	7zG.exe
Token: 35	6696	7zG.exe
Token: SeSecurityPrivilege	6696	7zG.exe
Token: SeSecurityPrivilege	6696	7zG.exe
Token: SeDebugPrivilege	3616	firefox.exe
Token: SeDebugPrivilege	3616	firefox.exe
Token: SeDebugPrivilege	6932	taskmgr.exe
Token: SeSystemProfilePrivilege	6932	taskmgr.exe
Token: SeCreateGlobalPrivilege	6932	taskmgr.exe
Token: SeDebugPrivilege	3616	firefox.exe
Token: SeBackupPrivilege	6784	vssvc.exe
Token: SeRestorePrivilege	6784	vssvc.exe
Token: SeAuditPrivilege	6784	vssvc.exe
Token: SeDebugPrivilege	3616	firefox.exe
Token: SeDebugPrivilege	3616	firefox.exe
Token: SeRestorePrivilege	6504	7zG.exe
Token: 35	6504	7zG.exe
Token: SeSecurityPrivilege	6504	7zG.exe
Token: SeSecurityPrivilege	6504	7zG.exe
Token: SeDebugPrivilege	3616	firefox.exe
Token: SeBackupPrivilege	6620	vssvc.exe
Token: SeRestorePrivilege	6620	vssvc.exe
Token: SeAuditPrivilege	6620	vssvc.exe
Token: SeIncreaseQuotaPrivilege	6744	WMIC.exe
Token: SeSecurityPrivilege	6744	WMIC.exe
Token: SeTakeOwnershipPrivilege	6744	WMIC.exe
Token: SeLoadDriverPrivilege	6744	WMIC.exe
Token: SeSystemProfilePrivilege	6744	WMIC.exe
Token: SeSystemtimePrivilege	6744	WMIC.exe
Token: SeProfSingleProcessPrivilege	6744	WMIC.exe
Token: SeIncBasePriorityPrivilege	6744	WMIC.exe
Token: SeCreatePagefilePrivilege	6744	WMIC.exe
Token: SeBackupPrivilege	6744	WMIC.exe
Token: SeRestorePrivilege	6744	WMIC.exe
Token: SeShutdownPrivilege	6744	WMIC.exe
Token: SeDebugPrivilege	6744	WMIC.exe
Token: SeSystemEnvironmentPrivilege	6744	WMIC.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
3616	firefox.exe
3616	firefox.exe
3616	firefox.exe
3616	firefox.exe
6432	7zG.exe
6696	7zG.exe
6896	drpbx.exe
6896	drpbx.exe
6896	drpbx.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
3616	firefox.exe
3616	firefox.exe
3616	firefox.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe
6932	taskmgr.exe

Suspicious use of SetWindowsHookEx 32 IoCs

pid	Process
4844	MicrosoftEdge.exe
3984	MicrosoftEdgeCP.exe
588	MicrosoftEdgeCP.exe
3984	MicrosoftEdgeCP.exe
2968	MicrosoftEdgeCP.exe
3616	firefox.exe
3616	firefox.exe
3616	firefox.exe
3616	firefox.exe
3616	firefox.exe
3616	firefox.exe
3616	firefox.exe
3616	firefox.exe
3616	firefox.exe
3616	firefox.exe
3616	firefox.exe
3616	firefox.exe
3616	firefox.exe
3616	firefox.exe
3616	firefox.exe
3616	firefox.exe
3616	firefox.exe
3616	firefox.exe
3616	firefox.exe
4708	@WanaDecryptor@.exe
4552	@WanaDecryptor@.exe
4708	@WanaDecryptor@.exe
4552	@WanaDecryptor@.exe
4944	@WanaDecryptor@.exe
4944	@WanaDecryptor@.exe
3488	@WanaDecryptor@.exe
6900	@WanaDecryptor@.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3984 wrote to memory of 3468	3984	MicrosoftEdgeCP.exe	81
PID 3984 wrote to memory of 3468	3984	MicrosoftEdgeCP.exe	81
PID 3984 wrote to memory of 3468	3984	MicrosoftEdgeCP.exe	81
PID 3984 wrote to memory of 3468	3984	MicrosoftEdgeCP.exe	81
PID 3984 wrote to memory of 2948	3984	MicrosoftEdgeCP.exe	82
PID 3984 wrote to memory of 2948	3984	MicrosoftEdgeCP.exe	82
PID 3984 wrote to memory of 2948	3984	MicrosoftEdgeCP.exe	82
PID 3984 wrote to memory of 2948	3984	MicrosoftEdgeCP.exe	82
PID 3984 wrote to memory of 2948	3984	MicrosoftEdgeCP.exe	82
PID 3984 wrote to memory of 2948	3984	MicrosoftEdgeCP.exe	82
PID 1660 wrote to memory of 4088	1660	browser_broker.exe	83
PID 1660 wrote to memory of 4088	1660	browser_broker.exe	83
PID 1660 wrote to memory of 4088	1660	browser_broker.exe	83
PID 4088 wrote to memory of 2144	4088	MicrosoftEdgeSetup.exe	85
PID 4088 wrote to memory of 2144	4088	MicrosoftEdgeSetup.exe	85
PID 4088 wrote to memory of 2144	4088	MicrosoftEdgeSetup.exe	85
PID 2144 wrote to memory of 2788	2144	MicrosoftEdgeUpdate.exe	86
PID 2144 wrote to memory of 2788	2144	MicrosoftEdgeUpdate.exe	86
PID 2144 wrote to memory of 2788	2144	MicrosoftEdgeUpdate.exe	86
PID 2144 wrote to memory of 3316	2144	MicrosoftEdgeUpdate.exe	87
PID 2144 wrote to memory of 3316	2144	MicrosoftEdgeUpdate.exe	87
PID 2144 wrote to memory of 3316	2144	MicrosoftEdgeUpdate.exe	87
PID 3316 wrote to memory of 3424	3316	MicrosoftEdgeUpdate.exe	88
PID 3316 wrote to memory of 3424	3316	MicrosoftEdgeUpdate.exe	88
PID 3316 wrote to memory of 4880	3316	MicrosoftEdgeUpdate.exe	89
PID 3316 wrote to memory of 4880	3316	MicrosoftEdgeUpdate.exe	89
PID 3316 wrote to memory of 1504	3316	MicrosoftEdgeUpdate.exe	90
PID 3316 wrote to memory of 1504	3316	MicrosoftEdgeUpdate.exe	90
PID 2144 wrote to memory of 2332	2144	MicrosoftEdgeUpdate.exe	91
PID 2144 wrote to memory of 2332	2144	MicrosoftEdgeUpdate.exe	91
PID 2144 wrote to memory of 2332	2144	MicrosoftEdgeUpdate.exe	91
PID 2144 wrote to memory of 1956	2144	MicrosoftEdgeUpdate.exe	92
PID 2144 wrote to memory of 1956	2144	MicrosoftEdgeUpdate.exe	92
PID 2144 wrote to memory of 1956	2144	MicrosoftEdgeUpdate.exe	92
PID 2228 wrote to memory of 4596	2228	MicrosoftEdgeUpdate.exe	95
PID 2228 wrote to memory of 4596	2228	MicrosoftEdgeUpdate.exe	95
PID 2228 wrote to memory of 4596	2228	MicrosoftEdgeUpdate.exe	95
PID 3984 wrote to memory of 3468	3984	MicrosoftEdgeCP.exe	81
PID 3984 wrote to memory of 3468	3984	MicrosoftEdgeCP.exe	81
PID 3984 wrote to memory of 3468	3984	MicrosoftEdgeCP.exe	81
PID 3984 wrote to memory of 3468	3984	MicrosoftEdgeCP.exe	81
PID 3984 wrote to memory of 3468	3984	MicrosoftEdgeCP.exe	81
PID 3984 wrote to memory of 3468	3984	MicrosoftEdgeCP.exe	81
PID 3984 wrote to memory of 3468	3984	MicrosoftEdgeCP.exe	81
PID 3984 wrote to memory of 3468	3984	MicrosoftEdgeCP.exe	81
PID 3984 wrote to memory of 3468	3984	MicrosoftEdgeCP.exe	81
PID 3984 wrote to memory of 3468	3984	MicrosoftEdgeCP.exe	81
PID 3984 wrote to memory of 3468	3984	MicrosoftEdgeCP.exe	81
PID 3984 wrote to memory of 3468	3984	MicrosoftEdgeCP.exe	81
PID 4324 wrote to memory of 3616	4324	firefox.exe	102
PID 4324 wrote to memory of 3616	4324	firefox.exe	102
PID 4324 wrote to memory of 3616	4324	firefox.exe	102
PID 4324 wrote to memory of 3616	4324	firefox.exe	102
PID 4324 wrote to memory of 3616	4324	firefox.exe	102
PID 4324 wrote to memory of 3616	4324	firefox.exe	102
PID 4324 wrote to memory of 3616	4324	firefox.exe	102
PID 4324 wrote to memory of 3616	4324	firefox.exe	102
PID 4324 wrote to memory of 3616	4324	firefox.exe	102
PID 4324 wrote to memory of 3616	4324	firefox.exe	102
PID 4324 wrote to memory of 3616	4324	firefox.exe	102
PID 3616 wrote to memory of 1220	3616	firefox.exe	103
PID 3616 wrote to memory of 1220	3616	firefox.exe	103
PID 3616 wrote to memory of 4336	3616	firefox.exe	104
PID 3616 wrote to memory of 4336	3616	firefox.exe	104

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012
Uses Volume Shadow Copy WMI provider
The Volume Shadow Copy service is used to manage backups/snapshots.
ransomware
Uses Volume Shadow Copy service COM API
The Volume Shadow Copy service is used to manage backups/snapshots.
ransomware

Views/modifies file attributes 1 TTPs 2 IoCs

evasion

Hidden Files and Directories

T1564.001

pid	Process
3452	attrib.exe
3540	attrib.exe

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\2BuVfqNL_400x400.jpg
1⤵
PID:2428

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
1⤵
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
PID:4844

C:\Windows\system32\browser_broker.exe
C:\Windows\system32\browser_broker.exe -Embedding
1⤵
- Modifies Internet Explorer settings
- Modifies registry class
- NTFS ADS
- Suspicious use of WriteProcessMemory
PID:1660
- C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\MicrosoftEdgeSetup.exe
  "C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\MicrosoftEdgeSetup.exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  - NTFS ADS
  - Suspicious use of WriteProcessMemory
  PID:4088
- - C:\Program Files (x86)\Microsoft\Temp\EU95FC.tmp\MicrosoftEdgeUpdate.exe
    "C:\Program Files (x86)\Microsoft\Temp\EU95FC.tmp\MicrosoftEdgeUpdate.exe" /installsource taggedmi /install "appguid={56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}&appname=Microsoft%20Edge&needsadmin=prefers&usagestats=0"
    3⤵
    - Event Triggered Execution: Image File Execution Options Injection
    - Executes dropped EXE
    - Loads dropped DLL
    - Indicator Removal: Clear Persistence
    - Checks system information in the registry
    - System Location Discovery: System Language Discovery
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of AdjustPrivilegeToken
    - Suspicious use of WriteProcessMemory
    PID:2144
  - - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
      "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
      4⤵
      Executes dropped EXE
      System Location Discovery: System Language Discovery
      Modifies registry class
      PID:2788
  - - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
      "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      System Location Discovery: System Language Discovery
      Modifies registry class
      Suspicious use of WriteProcessMemory
      PID:3316
    - - C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe
        
        "C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe"
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        Modifies registry class
        
        PID:3424
    - - C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe
        
        "C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe"
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        Modifies registry class
        
        PID:4880
    - - C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe
        
        "C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe"
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        Modifies registry class
        
        PID:1504
  - - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
      "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xOTUuMTUiIHNoZWxsX3ZlcnNpb249IjEuMy4xOTUuMTUiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MDg5RTM1NDQtM0E0Ny00N0VELTgyMTktRDg4RkRBM0QzNTI5fSIgaW5zdGFsbHNvdXJjZT0idGFnZ2VkbWkiIHJlcXVlc3RpZD0ie0E1ODc0NUQ2LTk2MjQtNDVBOS1CQjc1LTRCN0Y5QzkwMzhFM30iIGRlZHVwPSJjciIgZG9tYWluam9pbmVkPSIwIj48aHcgbG9naWNhbF9jcHVzPSI4IiBwaHlzbWVtb3J5PSI4IiBkaXNrX3R5cGU9IjIiIHNzZT0iMSIgc3NlMj0iMSIgc3NlMz0iMSIgc3NzZTM9IjEiIHNzZTQxPSIxIiBzc2U0Mj0iMSIgYXZ4PSIxIi8-PG9zIHBsYXRmb3JtPSJ3aW4iIHZlcnNpb249IjEwLjAuMTUwNjMuMCIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiIGlzX2luX2xvY2tkb3duX21vZGU9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSJRRU1VIiBwcm9kdWN0X25hbWU9IlN0YW5kYXJkIFBDIChRMzUgKyBJQ0g5LCAyMDA5KSIvPjxleHAgZXRhZz0iIi8-PGFwcCBhcHBpZD0ie0YzQzRGRTAwLUVGRDUtNDAzQi05NTY5LTM5OEEyMEYxQkE0QX0iIHZlcnNpb249IiIgbmV4dHZlcnNpb249IjEuMy4xOTUuMTUiIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyNjQ0OTQ0ODkzIiBpbnN0YWxsX3RpbWVfbXM9IjQ1MyIvPjwvYXBwPjwvcmVxdWVzdD4
      4⤵
      Executes dropped EXE
      Checks system information in the registry
      System Location Discovery: System Language Discovery
      System Network Configuration Discovery: Internet Connection Discovery
      PID:2332
  - - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
      "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}&appname=Microsoft%20Edge&needsadmin=prefers&usagestats=0" /installsource taggedmi /sessionid "{089E3544-3A47-47ED-8219-D88FDA3D3529}"
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      System Location Discovery: System Language Discovery
      Suspicious use of AdjustPrivilegeToken
      PID:1956
    - - C:\Windows\SysWOW64\wermgr.exe
        
        "C:\Windows\system32\wermgr.exe" "-outproc" "0" "1956" "712" "812" "912" "0" "0" "0" "0" "0" "0" "0" "0"
        5⤵
        System Location Discovery: System Language Discovery
        
        PID:5564
  - - C:\Windows\SysWOW64\wermgr.exe
      "C:\Windows\system32\wermgr.exe" "-outproc" "0" "2144" "872" "1092" "648" "0" "0" "0" "0" "0" "0" "0" "0"
      4⤵
      System Location Discovery: System Language Discovery
      PID:5456
  - - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
      "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /unregserver
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      System Location Discovery: System Language Discovery
      Modifies registry class
      PID:3996
    - - C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe
        
        "C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe" /unregister
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        Modifies registry class
        
        PID:5492
    - - C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe
        
        "C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe" /unregister
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:4376
    - - C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe
        
        "C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe" /unregister
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:2780

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Suspicious behavior: MapViewOfSection
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:3984

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Modifies Internet Explorer settings
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
PID:588

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Modifies Internet Explorer settings
- Suspicious use of AdjustPrivilegeToken
PID:3468

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
PID:2948

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
1⤵
- Executes dropped EXE
- Loads dropped DLL
- Checks system information in the registry
- System Location Discovery: System Language Discovery
- Modifies data under HKEY_USERS
- Suspicious use of WriteProcessMemory
PID:2228
- C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
  "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xOTUuMTUiIHNoZWxsX3ZlcnNpb249IjEuMy4xOTUuMTUiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MDg5RTM1NDQtM0E0Ny00N0VELTgyMTktRDg4RkRBM0QzNTI5fSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7QThBNDk0QTItQjg1RS00RDAzLUEyOTUtQTkyQTM0OUZDOTZFfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xNTA2My4wIiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IlFFTVUiIHByb2R1Y3RfbmFtZT0iU3RhbmRhcmQgUEMgKFEzNSArIElDSDksIDIwMDkpIi8-PGV4cCBldGFnPSImcXVvdDt0eGdVQkhvbzZBUVNBL2Z5RTQ4c3lFWHF4MkorL3FzcWxHV3hpNHVmSFlrPSZxdW90OyIvPjxhcHAgYXBwaWQ9Ins4QTY5RDM0NS1ENTY0LTQ2M2MtQUZGMS1BNjlEOUU1MzBGOTZ9IiB2ZXJzaW9uPSIxMDYuMC41MjQ5LjExOSIgbmV4dHZlcnNpb249IiIgbGFuZz0iZW4iIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iMTI4IiBpbnN0YWxsZGF0ZXRpbWU9IjE3MTIyMzM3NDMiIG9vYmVfaW5zdGFsbF90aW1lPSIxMzM1NjcwNjU1MjMyNDMxNjgiPjxldmVudCBldmVudHR5cGU9IjMxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIyMTE0MzI1IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMjY0OTYzMjM3NyIvPjwvYXBwPjwvcmVxdWVzdD4
  2⤵
  - Executes dropped EXE
  - Checks system information in the registry
  - Drops file in System32 directory
  - System Location Discovery: System Language Discovery
  - System Network Configuration Discovery: Internet Connection Discovery
  - Modifies data under HKEY_USERS
  PID:4596
- C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
  "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xOTUuMTUiIHNoZWxsX3ZlcnNpb249IjEuMy4xOTUuMTUiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MDg5RTM1NDQtM0E0Ny00N0VELTgyMTktRDg4RkRBM0QzNTI5fSIgaW5zdGFsbHNvdXJjZT0idGFnZ2VkbWkiIHJlcXVlc3RpZD0iezU2NDREREVDLUQ1NDMtNDdDMi04QTBELTNDQ0Q5MzUwNTFFNn0iIGRlZHVwPSJjciIgZG9tYWluam9pbmVkPSIwIj48aHcgbG9naWNhbF9jcHVzPSI4IiBwaHlzbWVtb3J5PSI4IiBkaXNrX3R5cGU9IjIiIHNzZT0iMSIgc3NlMj0iMSIgc3NlMz0iMSIgc3NzZTM9IjEiIHNzZTQxPSIxIiBzc2U0Mj0iMSIgYXZ4PSIxIi8-PG9zIHBsYXRmb3JtPSJ3aW4iIHZlcnNpb249IjEwLjAuMTUwNjMuMCIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiIGlzX2luX2xvY2tkb3duX21vZGU9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSJRRU1VIiBwcm9kdWN0X25hbWU9IlN0YW5kYXJkIFBDIChRMzUgKyBJQ0g5LCAyMDA5KSIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7NTZFQjE4RjgtQjAwOC00Q0JELUI2RDItOEM5N0ZFN0U5MDYyfSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMTI3LjAuMjY1MS45OCIgbGFuZz0iIiBicmFuZD0iIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGluc3RhbGxhZ2U9Ii0xIiBpbnN0YWxsZGF0ZT0iLTEiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iOSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTI3MjEzMzY4NzYiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMjcyMTMzNjg3NiIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSI0IiBlcnJvcmNvZGU9Ii0yMTQ3MjE5NDQwIiBleHRyYWNvZGUxPSIyNjg0MzU0NjMiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE0ODc1ODI1NzkxIiBpc19idW5kbGVkPSIwIiBzdGF0ZV9jYW5jZWxsZWQ9IjciIHRpbWVfc2luY2VfdXBkYXRlX2F2YWlsYWJsZV9tcz0iMjE1NDQ5IiB0aW1lX3NpbmNlX2Rvd25sb2FkX3N0YXJ0X21zPSIyMTU0NDkiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMCIgZXJyb3Jjb2RlPSItMjE0NzIxOTQ0MCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTQ4NzU4MjU3OTEiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImJpdHMiIHVybD0iaHR0cDovL21zZWRnZS5mLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzUyOWE0MWNkLTVjMGMtNGNkMC04MDYxLWI3MWZlYWE4YTMzNj9QMT0xNzIzOTMxMDI2JmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PVhGMEpDdUI3cSUyYjdzaWVleWVVNmNEVkZ4JTJmamtCRnQ3REwwZk0wUmRLUWJLcUpkclV1VW9jRUhMbDJDQ2I1dzVudUNxV2JKeXd1MklxZXhKZnVXWUFBQSUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE2OTg2ODY1MSIgdG90YWw9IjE3MjYwNjQwOCIgZG93bmxvYWRfdGltZV9tcz0iMjEzMTIxIi8-PC9hcHA-PC9yZXF1ZXN0Pg
  2⤵
  - Executes dropped EXE
  - Checks system information in the registry
  - Drops file in System32 directory
  - System Location Discovery: System Language Discovery
  - System Network Configuration Discovery: Internet Connection Discovery
  - Modifies data under HKEY_USERS
  PID:5468

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Suspicious use of SetWindowsHookEx
PID:2968

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:4324
- C:\Program Files\Mozilla Firefox\firefox.exe
  "C:\Program Files\Mozilla Firefox\firefox.exe"
  2⤵
  - Checks processor information in registry
  - NTFS ADS
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:3616
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3616.0.1324718879\1226129120" -parentBuildID 20221007134813 -prefsHandle 1696 -prefMapHandle 1688 -prefsLen 20747 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2d03b033-0467-4901-9277-ae436003d9cc} 3616 "\\.\pipe\gecko-crash-server-pipe.3616" 1776 235ee5d9558 gpu
    3⤵
    PID:1220
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3616.1.1530705607\1576951490" -parentBuildID 20221007134813 -prefsHandle 2120 -prefMapHandle 2116 -prefsLen 20828 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4da6074d-dbb7-4520-87b0-4f0bd61affd4} 3616 "\\.\pipe\gecko-crash-server-pipe.3616" 2132 235ee132f58 socket
    3⤵
    PID:4336
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3616.2.1841336777\1500815652" -childID 1 -isForBrowser -prefsHandle 2832 -prefMapHandle 2848 -prefsLen 20931 -prefMapSize 233444 -jsInitHandle 1108 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ca84bba9-73df-459d-839d-adaf385bc923} 3616 "\\.\pipe\gecko-crash-server-pipe.3616" 2824 235ee561558 tab
    3⤵
    PID:2868
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3616.3.518194746\289550273" -childID 2 -isForBrowser -prefsHandle 3504 -prefMapHandle 3500 -prefsLen 26109 -prefMapSize 233444 -jsInitHandle 1108 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9c5203eb-1048-452d-a80e-775983041fe0} 3616 "\\.\pipe\gecko-crash-server-pipe.3616" 3484 235e3562b58 tab
    3⤵
    PID:4668
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3616.4.447178928\1109505680" -childID 3 -isForBrowser -prefsHandle 3916 -prefMapHandle 3748 -prefsLen 26168 -prefMapSize 233444 -jsInitHandle 1108 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ff175ea0-451f-4b84-a618-5bd3892aa3cc} 3616 "\\.\pipe\gecko-crash-server-pipe.3616" 3928 235f3d33258 tab
    3⤵
    PID:3416
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3616.5.1523657766\1616993305" -childID 4 -isForBrowser -prefsHandle 4848 -prefMapHandle 4864 -prefsLen 26168 -prefMapSize 233444 -jsInitHandle 1108 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a3026cac-cfb1-4fe0-9b5f-ba8f9bb565c9} 3616 "\\.\pipe\gecko-crash-server-pipe.3616" 4840 235f4c09758 tab
    3⤵
    PID:5568
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3616.6.2078003553\393045885" -childID 5 -isForBrowser -prefsHandle 4992 -prefMapHandle 4996 -prefsLen 26168 -prefMapSize 233444 -jsInitHandle 1108 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a49b4242-718e-4a04-bcc1-4c9d035764e0} 3616 "\\.\pipe\gecko-crash-server-pipe.3616" 4984 235f4cf7858 tab
    3⤵
    PID:5576
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3616.7.169016365\179399783" -childID 6 -isForBrowser -prefsHandle 5192 -prefMapHandle 5196 -prefsLen 26168 -prefMapSize 233444 -jsInitHandle 1108 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {078bee0d-1521-4cc3-bfcd-bf490258b2c9} 3616 "\\.\pipe\gecko-crash-server-pipe.3616" 5184 235f59a0d58 tab
    3⤵
    PID:5584
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3616.8.1242717713\223727862" -childID 7 -isForBrowser -prefsHandle 3100 -prefMapHandle 3096 -prefsLen 27074 -prefMapSize 233444 -jsInitHandle 1108 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5662d970-2793-4485-908b-6fe38fd697d1} 3616 "\\.\pipe\gecko-crash-server-pipe.3616" 5548 235f8b33158 tab
    3⤵
    PID:3628
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3616.9.1334879314\2049794783" -childID 8 -isForBrowser -prefsHandle 5492 -prefMapHandle 5496 -prefsLen 27074 -prefMapSize 233444 -jsInitHandle 1108 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {896e9a28-e671-448c-a92b-861d1df4cf53} 3616 "\\.\pipe\gecko-crash-server-pipe.3616" 5500 235f4d74858 tab
    3⤵
    PID:1964
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3616.10.1029510022\845730934" -childID 9 -isForBrowser -prefsHandle 6240 -prefMapHandle 6264 -prefsLen 27074 -prefMapSize 233444 -jsInitHandle 1108 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5f29f29f-732a-45de-abd2-5df85070c68b} 3616 "\\.\pipe\gecko-crash-server-pipe.3616" 6268 235f4c08b58 tab
    3⤵
    PID:6072
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3616.11.359415718\1873378931" -childID 10 -isForBrowser -prefsHandle 5616 -prefMapHandle 2612 -prefsLen 27074 -prefMapSize 233444 -jsInitHandle 1108 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ed13009f-01ce-446d-a5ed-5267dfbb47e6} 3616 "\\.\pipe\gecko-crash-server-pipe.3616" 5856 235f5a1f958 tab
    3⤵
    PID:5400
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3616.12.1093827710\159161900" -childID 11 -isForBrowser -prefsHandle 2908 -prefMapHandle 5924 -prefsLen 27074 -prefMapSize 233444 -jsInitHandle 1108 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {dc0c1e68-3a28-4b4a-a70a-51e5f4c294d7} 3616 "\\.\pipe\gecko-crash-server-pipe.3616" 2548 235f8c14258 tab
    3⤵
    PID:5452
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3616.13.1473509544\49959175" -childID 12 -isForBrowser -prefsHandle 4452 -prefMapHandle 2652 -prefsLen 27694 -prefMapSize 233444 -jsInitHandle 1108 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5a4b0414-6a38-45d7-a8e7-67408ae5c7c3} 3616 "\\.\pipe\gecko-crash-server-pipe.3616" 6896 235f59a2558 tab
    3⤵
    PID:5512

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:5376

C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Desktop\Ransomware.TeslaCrypt\" -ad -an -ai#7zMap27729:100:7zEvent5011
1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
PID:6432

C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Desktop\Ransomware.Jigsaw\" -ad -an -ai#7zMap6166:92:7zEvent16818
1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
PID:6696

C:\Users\Admin\Desktop\Ransomware.Jigsaw\jigsaw.exe
"C:\Users\Admin\Desktop\Ransomware.Jigsaw\jigsaw.exe"
1⤵
- Executes dropped EXE
- Adds Run key to start application
PID:6824
- C:\Users\Admin\AppData\Local\Drpbx\drpbx.exe
  "C:\Users\Admin\AppData\Local\Drpbx\drpbx.exe" C:\Users\Admin\Desktop\Ransomware.Jigsaw\jigsaw.exe
  2⤵
  - Deletes itself
  - Executes dropped EXE
  - Drops desktop.ini file(s)
  - Drops file in Program Files directory
  - Suspicious use of FindShellTrayWindow
  PID:6896

C:\Users\Admin\Desktop\Ransomware.Jigsaw\jigsaw.exe
"C:\Users\Admin\Desktop\Ransomware.Jigsaw\jigsaw.exe"
1⤵
- Executes dropped EXE
- Adds Run key to start application
PID:6760

C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
1⤵
- Suspicious use of NtCreateProcessExOtherParentProcess
- Checks SCSI registry key(s)
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:6932

C:\Windows\system32\browser_broker.exe
C:\Windows\system32\browser_broker.exe -Embedding
1⤵
PID:7144

C:\Windows\system32\werfault.exe
werfault.exe /h /shared Global\cd8e253b904e4860ad32d0e06df5464a /t 6900 /p 6896
1⤵
PID:6680

C:\Users\Admin\Desktop\Ransomware.TeslaCrypt\3372c1edab46837f1e973164fa2d726c5c5e17bcb888828ccd7c4dfcc234a370.exe
"C:\Users\Admin\Desktop\Ransomware.TeslaCrypt\3372c1edab46837f1e973164fa2d726c5c5e17bcb888828ccd7c4dfcc234a370.exe"
1⤵
- Executes dropped EXE
- System Location Discovery: System Language Discovery
PID:5712
- C:\Users\Admin\AppData\Roaming\gsalfrh.exe
  C:\Users\Admin\AppData\Roaming\gsalfrh.exe
  2⤵
  - Drops file in Drivers directory
  - Checks computer location settings
  - Executes dropped EXE
  - Adds Run key to start application
  - Drops file in System32 directory
  - Sets desktop wallpaper using registry
  - Drops file in Program Files directory
  - Drops file in Windows directory
  - System Location Discovery: System Language Discovery
  - Modifies Control Panel
  PID:6916
- - C:\Windows\SysWOW64\vssadmin.exe
    vssadmin delete shadows /all
    3⤵
    - System Location Discovery: System Language Discovery
    - Interacts with shadow copies
    PID:4436
- C:\Windows\SysWOW64\cmd.exe
  "C:\Windows\system32\cmd.exe" /c del C:\Users\Admin\Desktop\RANSOM~1.TES\3372C1~1.EXE >> NUL
  2⤵
  - System Location Discovery: System Language Discovery
  PID:4964

C:\Windows\system32\vssvc.exe
C:\Windows\system32\vssvc.exe
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:6784

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
PID:2340

C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Desktop\Ransomware.WannaCry\" -ad -an -ai#7zMap7926:96:7zEvent24746
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:6504

C:\Users\Admin\Desktop\ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa.exe
"C:\Users\Admin\Desktop\ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa.exe"
1⤵
- Drops startup file
- Executes dropped EXE
- Sets desktop wallpaper using registry
- System Location Discovery: System Language Discovery
PID:4868
- C:\Windows\SysWOW64\attrib.exe
  attrib +h .
  2⤵
  - System Location Discovery: System Language Discovery
  - Views/modifies file attributes
  PID:3452
- C:\Windows\SysWOW64\icacls.exe
  icacls . /grant Everyone:F /T /C /Q
  2⤵
  - Modifies file permissions
  - System Location Discovery: System Language Discovery
  PID:3004
- C:\Users\Admin\Desktop\taskdl.exe
  taskdl.exe
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  PID:6616
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c 299171723327066.bat
  2⤵
  - System Location Discovery: System Language Discovery
  PID:6748
- C:\Windows\SysWOW64\attrib.exe
  attrib +h +s F:\$RECYCLE
  2⤵
  - System Location Discovery: System Language Discovery
  - Views/modifies file attributes
  PID:3540
- C:\Users\Admin\Desktop\@WanaDecryptor@.exe
  @WanaDecryptor@.exe co
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  - Suspicious use of SetWindowsHookEx
  PID:4708
- - C:\Users\Admin\Desktop\TaskData\Tor\taskhsvc.exe
    TaskData\Tor\taskhsvc.exe
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - System Location Discovery: System Language Discovery
    PID:6568
- C:\Windows\SysWOW64\cmd.exe
  cmd.exe /c start /b @WanaDecryptor@.exe vs
  2⤵
  - System Location Discovery: System Language Discovery
  PID:5052
- - C:\Users\Admin\Desktop\@WanaDecryptor@.exe
    @WanaDecryptor@.exe vs
    3⤵
    - Executes dropped EXE
    - System Location Discovery: System Language Discovery
    - Suspicious use of SetWindowsHookEx
    PID:4552
  - - C:\Windows\SysWOW64\cmd.exe
      cmd.exe /c vssadmin delete shadows /all /quiet & wmic shadowcopy delete & bcdedit /set {default} bootstatuspolicy ignoreallfailures & bcdedit /set {default} recoveryenabled no & wbadmin delete catalog -quiet
      4⤵
      System Location Discovery: System Language Discovery
      PID:6500
    - - C:\Windows\SysWOW64\vssadmin.exe
        
        vssadmin delete shadows /all /quiet
        5⤵
        System Location Discovery: System Language Discovery
        Interacts with shadow copies
        
        PID:1136
    - - C:\Windows\SysWOW64\Wbem\WMIC.exe
        
        wmic shadowcopy delete
        5⤵
        System Location Discovery: System Language Discovery
        Suspicious use of AdjustPrivilegeToken
        
        PID:6744
- C:\Users\Admin\Desktop\taskdl.exe
  taskdl.exe
  2⤵
  - Executes dropped EXE
  PID:7128
- C:\Users\Admin\Desktop\taskse.exe
  taskse.exe C:\Users\Admin\Desktop\@WanaDecryptor@.exe
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  PID:6436
- C:\Users\Admin\Desktop\@WanaDecryptor@.exe
  @WanaDecryptor@.exe
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  - Suspicious use of SetWindowsHookEx
  PID:3488
- C:\Windows\SysWOW64\cmd.exe
  cmd.exe /c reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v "kxmrwtygyk434" /t REG_SZ /d "\"C:\Users\Admin\Desktop\tasksche.exe\"" /f
  2⤵
  - System Location Discovery: System Language Discovery
  PID:2972
- - C:\Windows\SysWOW64\reg.exe
    reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v "kxmrwtygyk434" /t REG_SZ /d "\"C:\Users\Admin\Desktop\tasksche.exe\"" /f
    3⤵
    - Adds Run key to start application
    - System Location Discovery: System Language Discovery
    - Modifies registry key
    PID:5260
- C:\Users\Admin\Desktop\taskdl.exe
  taskdl.exe
  2⤵
  - Executes dropped EXE
  PID:6176
- C:\Users\Admin\Desktop\taskse.exe
  taskse.exe C:\Users\Admin\Desktop\@WanaDecryptor@.exe
  2⤵
  - Executes dropped EXE
  PID:5560
- C:\Users\Admin\Desktop\@WanaDecryptor@.exe
  @WanaDecryptor@.exe
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  - Suspicious use of SetWindowsHookEx
  PID:6900

C:\Windows\system32\vssvc.exe
C:\Windows\system32\vssvc.exe
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:6620

C:\Users\Public\Desktop\@WanaDecryptor@.exe
"C:\Users\Public\Desktop\@WanaDecryptor@.exe"
1⤵
- Executes dropped EXE
- Sets desktop wallpaper using registry
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx
PID:4944

C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
1⤵
- Checks SCSI registry key(s)
PID:6312

Network

DNS

14.227.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

14.227.111.52.in-addr.arpa

IN PTR

Response
DNS

14.227.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

14.227.111.52.in-addr.arpa

IN PTR
DNS

174.117.168.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

174.117.168.52.in-addr.arpa

IN PTR

Response
DNS

api.github.com

Remote address:

8.8.8.8:53

Request

api.github.com

IN A

Response

api.github.com

IN A

20.26.156.210
DNS

api.github.com

Remote address:

8.8.8.8:53

Request

api.github.com

IN A

Response

api.github.com

IN A

20.26.156.210
DNS

172.210.232.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

172.210.232.199.in-addr.arpa

IN PTR

Response
DNS

57.110.18.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

57.110.18.2.in-addr.arpa

IN PTR

Response

57.110.18.2.in-addr.arpa

IN PTR

a2-18-110-57deploystaticakamaitechnologiescom
DNS

www.microsoft.com

MicrosoftEdge.exe

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

95.100.245.144
GET

https://www.microsoft.com/en-us/edge/server/download?form=MA13FJ

MicrosoftEdgeCP.exe

Remote address:

95.100.245.144:443

Request

GET /en-us/edge/server/download?form=MA13FJ HTTP/2.0
host: www.microsoft.com
accept: text/html, application/xhtml+xml, image/jxr, */*
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br

Response

HTTP/2.0 200

content-type: text/html; charset=utf-8
content-encoding: gzip
etag: "9854-GFobyJqZspCQJzUZ6gHfBrceNIw"
strict-transport-security: max-age=31536000; includeSubDomains; preload
origin-agent-cluster: ?1
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
content-security-policy: default-src 'self' https://edgestatic.azureedge.net https://*.microsoft.com; script-src 'self' 'self' 'unsafe-eval' 'unsafe-inline' https://ajax.aspnetcdn.com https://az725175.vo.msecnd.net https://*.microsoft.com https://mem.gfx.ms https://edgestatic.azureedge.net https://js.monitor.azure.com https://mwf-service.akamaized.net https://*.clarity.ms https://*.bing.com http://*.bing.com https://*.adnxs.com https://connect.facebook.net https://snap.licdn.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://*.microsoft.com https://statics-marketingsites-wcus-ms-com.akamaized.net https://statics-marketingsites-eus-ms-com.akamaized.net https://statics-marketingsites-neu-ms-com.akamaized.net https://statics-marketingsites-eas-ms-com.akamaized.net https://edgestatic.azureedge.net; font-src 'self' data: https://*.microsoft.com http://c.s-microsoft.com https://c.s-microsoft.com https://edgestatic.azureedge.net; connect-src 'self' http://*.microsoft.com https://*.microsoft.com https://*.bing.com https://*.clarity.ms https://js.monitor.azure.com https://edgestatic.azureedge.net https://consentreceiverfd-prod.azurefd.net https://cdn.linkedin.oribi.io https://*.linkedin.com https://boost.mediation.trafficmanager.net https://*.adnxs.com; frame-src 'self' http://*.microsoft.com https://*.microsoft.com https://*.msn.com https://*.msn.cn https://*.bing.com https://www.youtube-nocookie.com https://microsoft-store-10748068.azurewebsites.net; frame-ancestors 'self' https://*.microsoft.com https://*.bing.com chrome-untrusted://dual-search; img-src * data:; media-src 'self' https://edgestatic.azureedge.net
x-azure-ref: 20240810T214329Z-167f4bf9998wp72jmnysebbw6s00000006e000000001bwx0
date: Sat, 10 Aug 2024 21:43:29 GMT
content-length: 10873
vary: Accept-Encoding
tls_version: tls1.2
ms-cv: CASMicrosoftCVfd03941b.0
ms-cv-esi: CASMicrosoftCVfd03941b.0
x-rtag: RT
DNS

144.245.100.95.in-addr.arpa

Remote address:

8.8.8.8:53

Request

144.245.100.95.in-addr.arpa

IN PTR

Response

144.245.100.95.in-addr.arpa

IN PTR

a95-100-245-144deploystaticakamaitechnologiescom
DNS

ajax.aspnetcdn.com

MicrosoftEdgeCP.exe

Remote address:

8.8.8.8:53

Request

ajax.aspnetcdn.com

IN A

Response

ajax.aspnetcdn.com

IN CNAME

mscomajax.vo.msecnd.net

mscomajax.vo.msecnd.net

IN CNAME

cs22.wpc.v0cdn.net

cs22.wpc.v0cdn.net

IN A

152.199.19.160
DNS

edgestatic.azureedge.net

MicrosoftEdge.exe

Remote address:

8.8.8.8:53

Request

edgestatic.azureedge.net

IN A

Response

edgestatic.azureedge.net

IN CNAME

edgestatic.afd.azureedge.net

edgestatic.afd.azureedge.net

IN CNAME

azureedge-t-prod.trafficmanager.net

azureedge-t-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
GET

https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.6.4.min.js

MicrosoftEdgeCP.exe

Remote address:

152.199.19.160:443

Request

GET /ajax/jQuery/jquery-3.6.4.min.js HTTP/2.0
host: ajax.aspnetcdn.com
accept: application/javascript, */*;q=0.8
referer: https://www.microsoft.com/en-us/edge/server/download?form=MA13FJ
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br

Response

HTTP/2.0 200

content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 11980456
cache-control: public,max-age=31536000
content-type: application/javascript
date: Sat, 10 Aug 2024 21:43:29 GMT
etag: "06a6d6dc51d91:0"
last-modified: Wed, 08 Mar 2023 16:41:32 GMT
server: ECAcc (lhc/7965)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 31113
GET

https://ajax.aspnetcdn.com/ajax/jquery.ui/1.11.1/jquery-ui.min.js

MicrosoftEdgeCP.exe

Remote address:

152.199.19.160:443

Request

GET /ajax/jquery.ui/1.11.1/jquery-ui.min.js HTTP/2.0
host: ajax.aspnetcdn.com
accept: application/javascript, */*;q=0.8
referer: https://www.microsoft.com/en-us/edge/server/download?form=MA13FJ
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br

Response

HTTP/2.0 200

content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 12066253
cache-control: public,max-age=31536000
content-type: application/javascript
date: Sat, 10 Aug 2024 21:43:29 GMT
etag: "0e5d372cc33d21:0"
last-modified: Mon, 31 Oct 2016 23:13:54 GMT
server: ECAcc (lhc/7940)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 63963
GET

https://edgestatic.azureedge.net/shared/edgeweb/css/b2275d2.css

MicrosoftEdgeCP.exe

Remote address:

13.107.246.64:443

Request

GET /shared/edgeweb/css/b2275d2.css HTTP/2.0
host: edgestatic.azureedge.net
accept: text/css, */*
referer: https://www.microsoft.com/en-us/edge/server/download?form=MA13FJ
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br

Response

HTTP/2.0 200

date: Sat, 10 Aug 2024 21:43:29 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
etag: W/"41032-1912dfb3f45"
last-modified: Wed, 07 Aug 2024 17:55:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
origin-agent-cluster: ?1
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
x-azure-ref: 20240810T214329Z-154b59dbc6d4k5kg7m84cvh51w0000000220000000009u0z
x-fd-int-roxy-purgeid: 0
x-cache: TCP_HIT
content-encoding: br
GET

https://edgestatic.azureedge.net/shared/edgeweb/css/5c176d7.css

MicrosoftEdgeCP.exe

Remote address:

13.107.246.64:443

Request

GET /shared/edgeweb/css/5c176d7.css HTTP/2.0
host: edgestatic.azureedge.net
accept: text/css, */*
referer: https://www.microsoft.com/en-us/edge/server/download?form=MA13FJ
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br

Response

HTTP/2.0 200

date: Sat, 10 Aug 2024 21:43:29 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
etag: W/"16369-190c6872200"
last-modified: Thu, 18 Jul 2024 15:47:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
origin-agent-cluster: ?1
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
x-azure-ref: 20240810T214329Z-154b59dbc6d4k5kg7m84cvh51w0000000220000000009u10
x-fd-int-roxy-purgeid: 0
x-cache: TCP_HIT
content-encoding: br
GET

https://edgestatic.azureedge.net/shared/edgeweb/css/97af919.css

MicrosoftEdgeCP.exe

Remote address:

13.107.246.64:443

Request

GET /shared/edgeweb/css/97af919.css HTTP/2.0
host: edgestatic.azureedge.net
accept: text/css, */*
referer: https://www.microsoft.com/en-us/edge/server/download?form=MA13FJ
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br

Response

HTTP/2.0 200

date: Sat, 10 Aug 2024 21:43:29 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
etag: W/"1b80-1912dfb3f54"
last-modified: Wed, 07 Aug 2024 17:55:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
origin-agent-cluster: ?1
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
x-azure-ref: 20240810T214329Z-154b59dbc6d4k5kg7m84cvh51w0000000220000000009u12
x-fd-int-roxy-purgeid: 0
x-cache: TCP_HIT
content-encoding: br
GET

https://edgestatic.azureedge.net/shared/edgeweb/css/f94b2c3.css

MicrosoftEdgeCP.exe

Remote address:

13.107.246.64:443

Request

GET /shared/edgeweb/css/f94b2c3.css HTTP/2.0
host: edgestatic.azureedge.net
accept: text/css, */*
referer: https://www.microsoft.com/en-us/edge/server/download?form=MA13FJ
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br

Response

HTTP/2.0 200

date: Sat, 10 Aug 2024 21:43:29 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
etag: W/"498-18c5b523407"
last-modified: Mon, 11 Dec 2023 23:59:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
origin-agent-cluster: ?1
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
x-azure-ref: 20240810T214329Z-154b59dbc6d4k5kg7m84cvh51w0000000220000000009u0y
x-fd-int-roxy-purgeid: 0
x-cache: TCP_HIT
content-encoding: br
GET

https://edgestatic.azureedge.net/shared/edgeweb/5d56b21.js

MicrosoftEdgeCP.exe

Remote address:

13.107.246.64:443

Request

GET /shared/edgeweb/5d56b21.js HTTP/2.0
host: edgestatic.azureedge.net
accept: application/javascript, */*;q=0.8
referer: https://www.microsoft.com/en-us/edge/server/download?form=MA13FJ
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br

Response

HTTP/2.0 200

date: Sat, 10 Aug 2024 21:43:29 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
etag: W/"b9a-190c68c28a1"
last-modified: Thu, 18 Jul 2024 15:53:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
origin-agent-cluster: ?1
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
x-azure-ref: 20240810T214329Z-154b59dbc6d4k5kg7m84cvh51w0000000220000000009u11
x-fd-int-roxy-purgeid: 0
x-cache: TCP_HIT
content-encoding: br
GET

https://edgestatic.azureedge.net/shared/edgeweb/96ca61e.js

MicrosoftEdgeCP.exe

Remote address:

13.107.246.64:443

Request

GET /shared/edgeweb/96ca61e.js HTTP/2.0
host: edgestatic.azureedge.net
accept: application/javascript, */*;q=0.8
referer: https://www.microsoft.com/en-us/edge/server/download?form=MA13FJ
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br

Response

HTTP/2.0 200

date: Sat, 10 Aug 2024 21:43:29 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
etag: W/"4a7b8-1912dfb3f73"
last-modified: Wed, 07 Aug 2024 17:55:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
origin-agent-cluster: ?1
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
x-azure-ref: 20240810T214329Z-154b59dbc6d4k5kg7m84cvh51w0000000220000000009u15
x-fd-int-roxy-purgeid: 0
x-cache: TCP_HIT
content-encoding: br
GET

https://edgestatic.azureedge.net/shared/edgeweb/b8f89d1.js

MicrosoftEdgeCP.exe

Remote address:

13.107.246.64:443

Request

GET /shared/edgeweb/b8f89d1.js HTTP/2.0
host: edgestatic.azureedge.net
accept: application/javascript, */*;q=0.8
referer: https://www.microsoft.com/en-us/edge/server/download?form=MA13FJ
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br

Response

HTTP/2.0 200

date: Sat, 10 Aug 2024 21:43:29 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
etag: W/"18e407-1912dfb3f93"
last-modified: Wed, 07 Aug 2024 17:55:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
origin-agent-cluster: ?1
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
x-azure-ref: 20240810T214329Z-154b59dbc6d4k5kg7m84cvh51w0000000220000000009u16
x-fd-int-roxy-purgeid: 0
x-cache: TCP_HIT
content-encoding: br
GET

https://edgestatic.azureedge.net/shared/edgeweb/e286996.js

MicrosoftEdgeCP.exe

Remote address:

13.107.246.64:443

Request

GET /shared/edgeweb/e286996.js HTTP/2.0
host: edgestatic.azureedge.net
accept: application/javascript, */*;q=0.8
referer: https://www.microsoft.com/en-us/edge/server/download?form=MA13FJ
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br

Response

HTTP/2.0 200

date: Sat, 10 Aug 2024 21:43:29 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
etag: W/"1a35bb-1912dfb3f93"
last-modified: Wed, 07 Aug 2024 17:55:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
origin-agent-cluster: ?1
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
x-azure-ref: 20240810T214329Z-154b59dbc6d4k5kg7m84cvh51w0000000220000000009u17
x-fd-int-roxy-purgeid: 0
x-cache: TCP_HIT
content-encoding: br
GET

https://edgestatic.azureedge.net/shared/edgeweb/761c495.js

MicrosoftEdgeCP.exe

Remote address:

13.107.246.64:443

Request

GET /shared/edgeweb/761c495.js HTTP/2.0
host: edgestatic.azureedge.net
accept: application/javascript, */*;q=0.8
referer: https://www.microsoft.com/en-us/edge/server/download?form=MA13FJ
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br

Response

HTTP/2.0 200

date: Sat, 10 Aug 2024 21:43:29 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
etag: W/"831-1912e1e1135"
last-modified: Wed, 07 Aug 2024 18:33:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
origin-agent-cluster: ?1
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
x-azure-ref: 20240810T214329Z-154b59dbc6d4k5kg7m84cvh51w0000000220000000009u13
x-fd-int-roxy-purgeid: 0
x-cache: TCP_HIT
content-encoding: br
GET

https://edgestatic.azureedge.net/shared/edgeweb/f4d8389.js

MicrosoftEdgeCP.exe

Remote address:

13.107.246.64:443

Request

GET /shared/edgeweb/f4d8389.js HTTP/2.0
host: edgestatic.azureedge.net
accept: application/javascript, */*;q=0.8
referer: https://www.microsoft.com/en-us/edge/server/download?form=MA13FJ
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br

Response

HTTP/2.0 200

date: Sat, 10 Aug 2024 21:43:29 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
etag: W/"811c-1912e1e1125"
last-modified: Wed, 07 Aug 2024 18:33:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
origin-agent-cluster: ?1
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
x-azure-ref: 20240810T214329Z-154b59dbc6d4k5kg7m84cvh51w0000000220000000009u14
x-fd-int-roxy-purgeid: 0
x-cache: TCP_HIT
content-encoding: br
GET

https://edgestatic.azureedge.net/shared/edgeweb/fonts/segoeui-vf-display-light.e452665.woff2

MicrosoftEdgeCP.exe

Remote address:

13.107.246.64:443

Request

GET /shared/edgeweb/fonts/segoeui-vf-display-light.e452665.woff2 HTTP/2.0
host: edgestatic.azureedge.net
accept: */*
referer: https://www.microsoft.com/en-us/edge/server/download?form=MA13FJ
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
origin: https://www.microsoft.com
accept-encoding: gzip, deflate, br

Response

HTTP/2.0 200

date: Sat, 10 Aug 2024 21:43:30 GMT
content-type: font/woff2
content-length: 127700
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
etag: W/"1f2d4-18c5b5305d4"
last-modified: Tue, 12 Dec 2023 00:00:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
origin-agent-cluster: ?1
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
x-azure-ref: 20240810T214330Z-154b59dbc6d4k5kg7m84cvh51w0000000220000000009u1w
x-fd-int-roxy-purgeid: 0
x-cache: TCP_HIT
accept-ranges: bytes
GET

https://edgestatic.azureedge.net/shared/edgeweb/fonts/segoeui-vf-display-semilight.1338e9a.woff2

MicrosoftEdgeCP.exe

Remote address:

13.107.246.64:443

Request

GET /shared/edgeweb/fonts/segoeui-vf-display-semilight.1338e9a.woff2 HTTP/2.0
host: edgestatic.azureedge.net
accept: */*
referer: https://www.microsoft.com/en-us/edge/server/download?form=MA13FJ
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
origin: https://www.microsoft.com
accept-encoding: gzip, deflate, br

Response

HTTP/2.0 200

date: Sat, 10 Aug 2024 21:43:30 GMT
content-type: font/woff2
content-length: 127348
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
etag: W/"1f174-18c5b5302f5"
last-modified: Tue, 12 Dec 2023 00:00:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
origin-agent-cluster: ?1
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
x-azure-ref: 20240810T214330Z-154b59dbc6d4k5kg7m84cvh51w0000000220000000009u1x
x-fd-int-roxy-purgeid: 0
x-cache: TCP_HIT
accept-ranges: bytes
GET

https://edgestatic.azureedge.net/shared/edgeweb/fonts/segoeui-vf-display.e85854a.woff2

MicrosoftEdgeCP.exe

Remote address:

13.107.246.64:443

Request

GET /shared/edgeweb/fonts/segoeui-vf-display.e85854a.woff2 HTTP/2.0
host: edgestatic.azureedge.net
accept: */*
referer: https://www.microsoft.com/en-us/edge/server/download?form=MA13FJ
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
origin: https://www.microsoft.com
accept-encoding: gzip, deflate, br

Response

HTTP/2.0 200

date: Sat, 10 Aug 2024 21:43:30 GMT
content-type: font/woff2
content-length: 121824
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
etag: W/"1dbe0-18c5b53a150"
last-modified: Tue, 12 Dec 2023 00:00:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
origin-agent-cluster: ?1
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
x-azure-ref: 20240810T214330Z-154b59dbc6d4k5kg7m84cvh51w0000000220000000009u1y
x-fd-int-roxy-purgeid: 0
x-cache: TCP_HIT
accept-ranges: bytes
GET

https://edgestatic.azureedge.net/shared/edgeweb/fonts/segoeui-vf-display-semibold.1977a17.woff2

MicrosoftEdgeCP.exe

Remote address:

13.107.246.64:443

Request

GET /shared/edgeweb/fonts/segoeui-vf-display-semibold.1977a17.woff2 HTTP/2.0
host: edgestatic.azureedge.net
accept: */*
referer: https://www.microsoft.com/en-us/edge/server/download?form=MA13FJ
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
origin: https://www.microsoft.com
accept-encoding: gzip, deflate, br

Response

HTTP/2.0 200

date: Sat, 10 Aug 2024 21:43:30 GMT
content-type: font/woff2
content-length: 129152
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
etag: W/"1f880-18c5b53a6a2"
last-modified: Tue, 12 Dec 2023 00:00:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
origin-agent-cluster: ?1
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
x-azure-ref: 20240810T214330Z-154b59dbc6d4k5kg7m84cvh51w0000000220000000009u1z
x-fd-int-roxy-purgeid: 0
x-cache: TCP_HIT
accept-ranges: bytes
GET

https://edgestatic.azureedge.net/shared/edgeweb/fonts/segoeui-vf-display-bold.2756fcb.woff2

MicrosoftEdgeCP.exe

Remote address:

13.107.246.64:443

Request

GET /shared/edgeweb/fonts/segoeui-vf-display-bold.2756fcb.woff2 HTTP/2.0
host: edgestatic.azureedge.net
accept: */*
referer: https://www.microsoft.com/en-us/edge/server/download?form=MA13FJ
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
origin: https://www.microsoft.com
accept-encoding: gzip, deflate, br

Response

HTTP/2.0 200

date: Sat, 10 Aug 2024 21:43:30 GMT
content-type: font/woff2
content-length: 125520
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
etag: W/"1ea50-18c5b58e871"
last-modified: Tue, 12 Dec 2023 00:06:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
origin-agent-cluster: ?1
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
x-azure-ref: 20240810T214330Z-154b59dbc6d4k5kg7m84cvh51w0000000220000000009u20
x-fd-int-roxy-purgeid: 0
x-cache: TCP_HIT
accept-ranges: bytes
DNS

64.246.107.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

64.246.107.13.in-addr.arpa

IN PTR

Response
GET

https://edgestatic.azureedge.net/welcome/static/favicon.png

MicrosoftEdge.exe

Remote address:

13.107.246.64:443

Request

GET /welcome/static/favicon.png HTTP/2.0
host: edgestatic.azureedge.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
dnt: 1

Response

HTTP/2.0 200

date: Sat, 10 Aug 2024 21:43:31 GMT
content-type: image/png
content-length: 7904
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
etag: W/"1ee0-18c5b580101"
last-modified: Tue, 12 Dec 2023 00:05:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
origin-agent-cluster: ?1
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
x-azure-ref: 20240810T214331Z-154b59dbc6d9w795z6ern45hp8000000044g000000000efw
x-fd-int-roxy-purgeid: 0
x-cache: TCP_HIT
accept-ranges: bytes
DNS

msedge.sf.dl.delivery.mp.microsoft.com

MicrosoftEdgeCP.exe

Remote address:

8.8.8.8:53

Request

msedge.sf.dl.delivery.mp.microsoft.com

IN A

Response

msedge.sf.dl.delivery.mp.microsoft.com

IN CNAME

star.sf.dl.delivery.mp.microsoft.com.delivery.microsoft.com

star.sf.dl.delivery.mp.microsoft.com.delivery.microsoft.com

IN CNAME

cdp-f-ssl-nlu-net.trafficmanager.net

cdp-f-ssl-nlu-net.trafficmanager.net

IN CNAME

wildcard-ssl.azureedge.net

wildcard-ssl.azureedge.net

IN CNAME

wildcard-ssl.ec.azureedge.net

wildcard-ssl.ec.azureedge.net

IN CNAME

scdn1f003.wpc.ad629.nucdn.net

scdn1f003.wpc.ad629.nucdn.net

IN CNAME

sni1gl.wpc.nucdn.net

sni1gl.wpc.nucdn.net

IN A

152.199.21.175
GET

https://msedge.sf.dl.delivery.mp.microsoft.com/filestreamingservice/files/930b8c80-17c1-4850-b5ee-3dd601265f34/MicrosoftEdgeSetup.exe

MicrosoftEdgeCP.exe

Remote address:

152.199.21.175:443

Request

GET /filestreamingservice/files/930b8c80-17c1-4850-b5ee-3dd601265f34/MicrosoftEdgeSetup.exe HTTP/2.0
host: msedge.sf.dl.delivery.mp.microsoft.com
accept: text/html, application/xhtml+xml, image/jxr, */*
referer: https://www.microsoft.com/en-us/edge/server/download?form=MA13FJ
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br

Response

HTTP/2.0 200

accept-ranges: bytes
age: 1101919
cache-control: public, max-age=17280000
content-type: application/octet-stream
date: Sat, 10 Aug 2024 21:43:32 GMT
etag: "pVwADCJ3oWI4QllR2BuIWb7CXxA="
last-modified: Mon, 29 Jul 2024 03:34:50 GMT
ms-correlationid: 7eb75fba-78a3-46b2-838a-786c3a6432cb
ms-cv: e675jACPdEmWXz4Q.0
ms-requestid: 58fb51bc-8775-4645-a987-b2a189d3bb98
server: ECAcc (lhc/7961)
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.3
x-cache: HIT
x-ccc: GB
x-cid: 11
x-powered-by: ASP.NET
x-powered-by: ARR/3.0
x-powered-by: ASP.NET
content-length: 1647016
GET

https://msedge.sf.dl.delivery.mp.microsoft.com/filestreamingservice/files/930b8c80-17c1-4850-b5ee-3dd601265f34/MicrosoftEdgeSetup.exe

MicrosoftEdgeCP.exe

Remote address:

152.199.21.175:443

Request

GET /filestreamingservice/files/930b8c80-17c1-4850-b5ee-3dd601265f34/MicrosoftEdgeSetup.exe HTTP/2.0
host: msedge.sf.dl.delivery.mp.microsoft.com
accept: text/html, application/xhtml+xml, image/jxr, */*
referer: https://www.microsoft.com/en-us/edge/server/download?form=MA13FJ
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br

Response

HTTP/2.0 200

accept-ranges: bytes
age: 1101919
cache-control: public, max-age=17280000
content-type: application/octet-stream
date: Sat, 10 Aug 2024 21:43:32 GMT
etag: "pVwADCJ3oWI4QllR2BuIWb7CXxA="
last-modified: Mon, 29 Jul 2024 03:34:50 GMT
ms-correlationid: 7eb75fba-78a3-46b2-838a-786c3a6432cb
ms-cv: e675jACPdEmWXz4Q.0
ms-requestid: 58fb51bc-8775-4645-a987-b2a189d3bb98
server: ECAcc (lhc/7961)
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.3
x-cache: HIT
x-ccc: GB
x-cid: 11
x-powered-by: ASP.NET
x-powered-by: ARR/3.0
x-powered-by: ASP.NET
content-length: 1647016
GET

https://msedge.sf.dl.delivery.mp.microsoft.com/filestreamingservice/files/930b8c80-17c1-4850-b5ee-3dd601265f34/MicrosoftEdgeSetup.exe

MicrosoftEdgeCP.exe

Remote address:

152.199.21.175:443

Request

GET /filestreamingservice/files/930b8c80-17c1-4850-b5ee-3dd601265f34/MicrosoftEdgeSetup.exe HTTP/2.0
host: msedge.sf.dl.delivery.mp.microsoft.com
accept: text/html, application/xhtml+xml, image/jxr, */*
referer: https://www.microsoft.com/en-us/edge/server/download?form=MA13FJ
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br

Response

HTTP/2.0 200

accept-ranges: bytes
age: 1101921
cache-control: public, max-age=17280000
content-type: application/octet-stream
date: Sat, 10 Aug 2024 21:43:34 GMT
etag: "pVwADCJ3oWI4QllR2BuIWb7CXxA="
last-modified: Mon, 29 Jul 2024 03:34:50 GMT
ms-correlationid: 7eb75fba-78a3-46b2-838a-786c3a6432cb
ms-cv: e675jACPdEmWXz4Q.0
ms-requestid: 58fb51bc-8775-4645-a987-b2a189d3bb98
server: ECAcc (lhc/7961)
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.3
x-cache: HIT
x-ccc: GB
x-cid: 11
x-powered-by: ASP.NET
x-powered-by: ARR/3.0
x-powered-by: ASP.NET
content-length: 1647016
DNS

175.21.199.152.in-addr.arpa

Remote address:

8.8.8.8:53

Request

175.21.199.152.in-addr.arpa

IN PTR

Response
DNS

253.15.104.51.in-addr.arpa

Remote address:

8.8.8.8:53

Request

253.15.104.51.in-addr.arpa

IN PTR

Response
DNS

www.msn.com

MicrosoftEdge.exe

Remote address:

8.8.8.8:53

Request

www.msn.com

IN A

Response

www.msn.com

IN CNAME

www-msn-com.a-0003.a-msedge.net

www-msn-com.a-0003.a-msedge.net

IN CNAME

a-0003.a-msedge.net

a-0003.a-msedge.net

IN A

204.79.197.203
GET

https://www.msn.com/spartan/ntp?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default

MicrosoftEdgeCP.exe

Remote address:

204.79.197.203:443

Request

GET /spartan/ntp?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default HTTP/2.0
host: www.msn.com
accept: text/html, application/xhtml+xml, image/jxr, */*
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
cookie: USRLOC=; MUID=160C54256D446C232E4B40726CE86D50; _EDGE_V=1; OptanonConsent=isGpcEnabled=0&datestamp=Thu+Apr+04+2024+13%3A28%3A10+GMT%2B0000+(Coordinated+Universal+Time)&version=202310.2.0&browserGpcFlag=0&isIABGlobal=false; sptmarket=en-US|US|gb|en-gb|en-gb|en||RefA=BE072A2D29CA44A4956EA1CFE9EDFA2F.RefC=2024-04-04T13:28:10Z; MUIDB=160C54256D446C232E4B40726CE86D50

Response

HTTP/2.0 200

cache-control: max-age=0, private
content-length: 65926
content-type: text/html; charset=utf-8
set-cookie: _C_ETH=1; domain=.msn.com; path=/; secure; httponly
set-cookie: _C_Auth=
set-cookie: sptmarket=en-US|US|gb|en-gb|en-gb|en||cf=8|RefA=BE072A2D29CA44A4956EA1CFE9EDFA2F.RefC=2024-04-04T13:28:10Z; expires=Mon, 10 Aug 2026 21:43:41 GMT; path=/
set-cookie: _EDGE_S=SID=2323B3F93F4460CF364FA72E3E3F6142; domain=.msn.com; path=/; httponly
access-control-allow-methods: HEAD,GET,OPTIONS
x-ceto-origin-forwardonerror: https://staticview.msn.com
content-security-policy: child-src 'self';connect-src 'self' *.mavideo.microsoft.com arc.msn.com assets.msn.com assets2.msn.com assets.msn.cn assets2.msn.cn browser.events.data.msn.com browser.events.data.msn.cn browser.events.data.microsoftstart.com browser.events.data.microsoftstart.cn business.bing.com/api/ events-sandbox.data.msn.com events-sandbox.data.msn.cn events-sandbox.data.microsoftstart.com events-sandbox.data.microsoftstart.cn finance-services.msn.com https://bingretailmsndata.azureedge.net/msndata/ https://petrol.office.microsoft.com/v1/feedback https://privacyportal.onetrust.com/request/v1/consentreceipts https://services.bingapis.com img-s-msn-com.akamaized.net login.microsoftonline.com notification.services.msn.com ris.api.iris.microsoft.com srtb.msn.com srtb.msn.cn usgov.business.bing.com/api/ www.bing.com/HPImageArchive.aspx www.bing.com/api/custom/opal/reco/ www.bing.com/api/v1/mediation/tracking www.bing.com/api/v1/mediation/trends www.bing.com/as/ www.bing.com/AS/Suggestions www.bing.com/AS/Suggestions/v2 www.bing.com/historyHandler www.bing.com/profile/history/data www.bing.com/retail/msn/api/shopcard www.bing.com/retailexp/msn/api/ www.bing.com/retailexpdata/msndata/ www.bing.com/th www.msn.com www.microsoftstart.com *.oneservice.msn.com *.oneservice.msn.cn api.msn.com api.msn.cn ent-api.msn.com ent-api.msn.cn ppe-api.msn.com ppe-api.msn.cn graph.microsoft.com/v1.0/;default-src 'none';font-src 'self' assets.msn.com assets2.msn.com assets.msn.cn assets2.msn.cn;frame-src login.live.com login.microsoftonline.com www.bing.com/shop www.bing.com/shop/halloween www.bing.com/videos/search;img-src https://* blob: data:;report-to csp-endpoint;style-src 'self' 'unsafe-inline' c.s-microsoft.com/mscc/ assets.msn.com assets2.msn.com assets.msn.cn assets2.msn.cn;worker-src 'self' 'report-sample';script-src 'self' 'report-sample' assets.msn.com assets2.msn.com assets.msn.cn assets2.msn.cn c.s-microsoft.com/mscc/ https://clarity.microsoft.com/js/879b55d3-7b96-457b-af7c-03a114c2ae20 platform.bing.com/geo/AutoSuggest/v1 www.bing.com/as/ www.bing.com/s/as/ 'unsafe-inline'
x-robots-tag: noindex
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1
x-ua-compatible: IE=Edge;chrome=1
x-fabric-cluster: pmeprodneu
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]},{"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://deff.nelreports.net/api/report"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.5}
strict-transport-security: max-age=1209600; includeSubDomains; preload
x-ceto-ref: 66b7df0d83974248be70dd7833208f79|AFD:D8185B662CDC4949B1472FFA8DFE0DBA|2024-08-10T21:43:41.644Z
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D8185B662CDC4949B1472FFA8DFE0DBA Ref B: LON04EDGE0609 Ref C: 2024-08-10T21:43:41Z
date: Sat, 10 Aug 2024 21:43:40 GMT
GET

https://www.msn.com/bundles/v1/edge/latest/manifest.appcache?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default

MicrosoftEdgeCP.exe

Remote address:

204.79.197.203:443

Request

GET /bundles/v1/edge/latest/manifest.appcache?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default HTTP/2.0
host: www.msn.com
accept: */*
referer: https://www.msn.com/spartan/ntp?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
origin: https://www.msn.com
accept-encoding: gzip, deflate, br
cookie: USRLOC=; MUID=160C54256D446C232E4B40726CE86D50; _EDGE_V=1; OptanonConsent=isGpcEnabled=0&datestamp=Sat+Aug+10+2024+21%3A43%3A41+GMT%2B0000+(Coordinated+Universal+Time)&version=202310.2.0&browserGpcFlag=0&isIABGlobal=false; _C_ETH=1; _EDGE_S=SID=2323B3F93F4460CF364FA72E3E3F6142; sptmarket=en-US|US|gb|en-gb|en-gb|en||cf=8|RefA=BE072A2D29CA44A4956EA1CFE9EDFA2F.RefC=2024-04-04T13:28:10Z; MUIDB=160C54256D446C232E4B40726CE86D50

Response

HTTP/2.0 200

cache-control: no-cache, no-store, no-transform
content-length: 70
content-type: text/cache-manifest
content-encoding: gzip
content-md5: Rqmsx87pIMK1GFYNCRhAAQ==
last-modified: Mon, 26 Jul 2021 22:20:05 GMT
etag: 0x8D9508385701DBF
vary: Origin
x-ms-request-id: 1030c6a6-101e-00fa-4128-bfc1fe000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
akamai-request-bc: [a=2.18.26.197,b=1485418565,c=g,n=GB_EN_SLOUGH,o=20940]
server-timing: clientrtt; dur=0, clienttt; dur=0, origin; dur=0, cdntime; dur=0, wpo;dur=0,1s;dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 2.18.26.197
akamai-request-id: 5889b045
access-control-allow-credentials: true
access-control-allow-origin: https://www.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
timing-allow-origin: *
akamai-grn: 0.c51a1202.1723326222.5889b045
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B3BBD374FACB42E897E4C41CE5083B51 Ref B: LON04EDGE0609 Ref C: 2024-08-10T21:43:42Z
date: Sat, 10 Aug 2024 21:43:41 GMT
GET

https://www.msn.com/spartan/ntp?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default

MicrosoftEdgeCP.exe

Remote address:

204.79.197.203:443

Request

GET /spartan/ntp?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default HTTP/2.0
host: www.msn.com
accept: */*
referer: https://www.msn.com/spartan/ntp?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
cookie: _C_Auth=; USRLOC=; MUID=160C54256D446C232E4B40726CE86D50; _EDGE_V=1; OptanonConsent=isGpcEnabled=0&datestamp=Sat+Aug+10+2024+21%3A43%3A41+GMT%2B0000+(Coordinated+Universal+Time)&version=202310.2.0&browserGpcFlag=0&isIABGlobal=false; _C_ETH=1; _EDGE_S=SID=2323B3F93F4460CF364FA72E3E3F6142; sptmarket=en-US|US|gb|en-gb|en-gb|en||cf=8|RefA=BE072A2D29CA44A4956EA1CFE9EDFA2F.RefC=2024-04-04T13:28:10Z; MUIDB=160C54256D446C232E4B40726CE86D50

Response

HTTP/2.0 200

cache-control: max-age=0, private
content-length: 65935
content-type: text/html; charset=utf-8
set-cookie: _C_ETH=1; expires=Fri, 09 Aug 2024 21:43:42 GMT; domain=.msn.com; path=/; secure; httponly
set-cookie: _C_Auth=
set-cookie: _EDGE_S=SID=2323B3F93F4460CF364FA72E3E3F6142; domain=.msn.com; path=/; httponly
access-control-allow-methods: HEAD,GET,OPTIONS
x-ceto-origin-forwardonerror: https://staticview.msn.com
content-security-policy: child-src 'self';connect-src 'self' *.mavideo.microsoft.com arc.msn.com assets.msn.com assets2.msn.com assets.msn.cn assets2.msn.cn browser.events.data.msn.com browser.events.data.msn.cn browser.events.data.microsoftstart.com browser.events.data.microsoftstart.cn business.bing.com/api/ events-sandbox.data.msn.com events-sandbox.data.msn.cn events-sandbox.data.microsoftstart.com events-sandbox.data.microsoftstart.cn finance-services.msn.com https://bingretailmsndata.azureedge.net/msndata/ https://petrol.office.microsoft.com/v1/feedback https://privacyportal.onetrust.com/request/v1/consentreceipts https://services.bingapis.com img-s-msn-com.akamaized.net login.microsoftonline.com notification.services.msn.com ris.api.iris.microsoft.com srtb.msn.com srtb.msn.cn usgov.business.bing.com/api/ www.bing.com/HPImageArchive.aspx www.bing.com/api/custom/opal/reco/ www.bing.com/api/v1/mediation/tracking www.bing.com/api/v1/mediation/trends www.bing.com/as/ www.bing.com/AS/Suggestions www.bing.com/AS/Suggestions/v2 www.bing.com/historyHandler www.bing.com/profile/history/data www.bing.com/retail/msn/api/shopcard www.bing.com/retailexp/msn/api/ www.bing.com/retailexpdata/msndata/ www.bing.com/th www.msn.com www.microsoftstart.com *.oneservice.msn.com *.oneservice.msn.cn api.msn.com api.msn.cn ent-api.msn.com ent-api.msn.cn ppe-api.msn.com ppe-api.msn.cn graph.microsoft.com/v1.0/;default-src 'none';font-src 'self' assets.msn.com assets2.msn.com assets.msn.cn assets2.msn.cn;frame-src login.live.com login.microsoftonline.com www.bing.com/shop www.bing.com/shop/halloween www.bing.com/videos/search;img-src https://* blob: data:;report-to csp-endpoint;style-src 'self' 'unsafe-inline' c.s-microsoft.com/mscc/ assets.msn.com assets2.msn.com assets.msn.cn assets2.msn.cn;worker-src 'self' 'report-sample';script-src 'self' 'report-sample' assets.msn.com assets2.msn.com assets.msn.cn assets2.msn.cn c.s-microsoft.com/mscc/ https://clarity.microsoft.com/js/879b55d3-7b96-457b-af7c-03a114c2ae20 platform.bing.com/geo/AutoSuggest/v1 www.bing.com/as/ www.bing.com/s/as/ 'unsafe-inline'
x-robots-tag: noindex
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1
x-ua-compatible: IE=Edge;chrome=1
x-fabric-cluster: pmeprodneu
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]},{"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://deff.nelreports.net/api/report"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.5}
strict-transport-security: max-age=1209600; includeSubDomains; preload
x-ceto-ref: 66b7df0e685f466890b406b0fc5278f2|AFD:324113CE38D14893AB4593D3086A54DE|2024-08-10T21:43:42.964Z
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 324113CE38D14893AB4593D3086A54DE Ref B: LON04EDGE0609 Ref C: 2024-08-10T21:43:42Z
date: Sat, 10 Aug 2024 21:43:42 GMT
GET

https://www.msn.com/bundles/v1/edge/latest/manifest.appcache?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default

MicrosoftEdgeCP.exe

Remote address:

204.79.197.203:443

Request

GET /bundles/v1/edge/latest/manifest.appcache?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default HTTP/2.0
host: www.msn.com
accept: */*
referer: https://www.msn.com/spartan/ntp?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
origin: https://www.msn.com
accept-encoding: gzip, deflate, br
cookie: USRLOC=; MUID=160C54256D446C232E4B40726CE86D50; _EDGE_V=1; OptanonConsent=isGpcEnabled=0&datestamp=Sat+Aug+10+2024+21%3A43%3A41+GMT%2B0000+(Coordinated+Universal+Time)&version=202310.2.0&browserGpcFlag=0&isIABGlobal=false; _EDGE_S=SID=2323B3F93F4460CF364FA72E3E3F6142; sptmarket=en-US|US|gb|en-gb|en-gb|en||cf=8|RefA=BE072A2D29CA44A4956EA1CFE9EDFA2F.RefC=2024-04-04T13:28:10Z; MUIDB=160C54256D446C232E4B40726CE86D50

Response

HTTP/2.0 200

cache-control: no-cache, no-store, no-transform
content-length: 70
content-type: text/cache-manifest
content-encoding: gzip
content-md5: Rqmsx87pIMK1GFYNCRhAAQ==
last-modified: Mon, 26 Jul 2021 22:20:05 GMT
etag: 0x8D9508385701DBF
vary: Origin
x-ms-request-id: 1030c6a6-101e-00fa-4128-bfc1fe000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
akamai-request-bc: [a=2.18.26.197,b=1485423049,c=g,n=GB_EN_SLOUGH,o=20940]
server-timing: clientrtt; dur=0, clienttt; dur=0, origin; dur=0, cdntime; dur=0, wpo;dur=0,1s;dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 2.18.26.197
akamai-request-id: 5889c1c9
access-control-allow-credentials: true
access-control-allow-origin: https://www.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
timing-allow-origin: *
akamai-grn: 0.c51a1202.1723326223.5889c1c9
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2EDDA05B5FCE4A049BCBB19E70E60900 Ref B: LON04EDGE0609 Ref C: 2024-08-10T21:43:43Z
date: Sat, 10 Aug 2024 21:43:42 GMT
DNS

assets.msn.com

MicrosoftEdgeCP.exe

Remote address:

8.8.8.8:53

Request

assets.msn.com

IN A

Response

assets.msn.com

IN CNAME

assets.msn.com.edgekey.net

assets.msn.com.edgekey.net

IN CNAME

e28578.d.akamaiedge.net

e28578.d.akamaiedge.net

IN A

95.101.143.105

e28578.d.akamaiedge.net

IN A

95.101.143.242
DNS

browser.events.data.msn.com

MicrosoftEdgeCP.exe

Remote address:

8.8.8.8:53

Request

browser.events.data.msn.com

IN A

Response

browser.events.data.msn.com

IN CNAME

global.asimov.events.data.trafficmanager.net

global.asimov.events.data.trafficmanager.net

IN CNAME

onedscolprdcus03.centralus.cloudapp.azure.com

onedscolprdcus03.centralus.cloudapp.azure.com

IN A

13.89.178.27
GET

https://assets.msn.com/staticsb/statics/latest/oneTrust/1.9/scripttemplates/otSDKStub.js

MicrosoftEdgeCP.exe

Remote address:

95.101.143.105:443

Request

GET /staticsb/statics/latest/oneTrust/1.9/scripttemplates/otSDKStub.js HTTP/2.0
host: assets.msn.com
accept: application/javascript, */*;q=0.8
referer: https://www.msn.com/spartan/ntp?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
cookie: USRLOC=; MUID=160C54256D446C232E4B40726CE86D50; _EDGE_V=1; OptanonConsent=isGpcEnabled=0&datestamp=Thu+Apr+04+2024+13%3A28%3A10+GMT%2B0000+(Coordinated+Universal+Time)&version=202310.2.0&browserGpcFlag=0&isIABGlobal=false; _C_ETH=1; _EDGE_S=SID=2323B3F93F4460CF364FA72E3E3F6142

Response

HTTP/2.0 200

content-type: application/javascript
content-md5: SrH4iQ0luJkTRyZ3V7l1ZA==
last-modified: Fri, 09 Aug 2024 06:14:06 GMT
etag: 0x8DCB83A79658C90
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 3af7420a-d01e-0007-3978-ea367c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: gzip
date: Sat, 10 Aug 2024 21:43:42 GMT
content-length: 7369
akamai-request-bc: [a=95.101.143.101,b=25375534,c=g,n=GB_EN_LONDON,o=20940]
server-timing: clientrtt; dur=51, clienttt; dur=0, origin; dur=0, cdntime; dur=0, wpo;dur=0,1s;dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 95.101.143.101
akamai-request-id: 183332e
cache-control: public, max-age=1209600
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
timing-allow-origin: *
akamai-grn: 0.658f655f.1723326221.183332e
vary: Origin
GET

https://assets.msn.com/bundles/v1/edge/latest/common.5dd7cff85de67632bfd7.js

MicrosoftEdgeCP.exe

Remote address:

95.101.143.105:443

Request

GET /bundles/v1/edge/latest/common.5dd7cff85de67632bfd7.js HTTP/2.0
host: assets.msn.com
accept: application/javascript, */*;q=0.8
referer: https://www.msn.com/spartan/ntp?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
origin: https://www.msn.com
accept-encoding: gzip, deflate, br

Response

HTTP/2.0 200

content-length: 161886
content-md5: 4Qqx/5ghQW9cUY3TgpoINQ==
last-modified: Mon, 26 Jul 2021 22:18:30 GMT
etag: 0x8D950834C94BC27
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 39561431-001e-00cf-5ed0-7067e5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Sat, 10 Aug 2024 21:43:42 GMT
akamai-request-bc: [a=95.101.143.101,b=25375535,c=g,n=GB_EN_LONDON,o=20940]
server-timing: clientrtt; dur=51, clienttt; dur=1, origin; dur=0, cdntime; dur=1, wpo;dur=0,1s;dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 95.101.143.101
akamai-request-id: 183332f
access-control-allow-credentials: true
access-control-allow-origin: https://www.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
akamai-grn: 0.658f655f.1723326222.183332f
vary: Origin
GET

https://assets.msn.com/bundles/v1/edge/latest/vendors.c47bf4f4981f23895ddb.js

MicrosoftEdgeCP.exe

Remote address:

95.101.143.105:443

Request

GET /bundles/v1/edge/latest/vendors.c47bf4f4981f23895ddb.js HTTP/2.0
host: assets.msn.com
accept: application/javascript, */*;q=0.8
referer: https://www.msn.com/spartan/ntp?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
origin: https://www.msn.com
accept-encoding: gzip, deflate, br

Response

HTTP/2.0 200

content-length: 53557
content-md5: YrPejprI4tG+2X4ekLKlAg==
last-modified: Mon, 26 Jul 2021 22:19:35 GMT
etag: 0x8D9508373717114
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: facf2bbe-701e-003c-1fc8-58bfb6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Sat, 10 Aug 2024 21:43:42 GMT
akamai-request-bc: [a=95.101.143.101,b=25375536,c=g,n=GB_EN_LONDON,o=20940]
server-timing: clientrtt; dur=51, clienttt; dur=0, origin; dur=0, cdntime; dur=0, wpo;dur=0,1s;dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 95.101.143.101
akamai-request-id: 1833330
access-control-allow-credentials: true
access-control-allow-origin: https://www.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
akamai-grn: 0.658f655f.1723326222.1833330
vary: Origin
GET

https://assets.msn.com/bundles/v1/edge/latest/microsoft.8aa91a5fe4f5d8517ae1.js

MicrosoftEdgeCP.exe

Remote address:

95.101.143.105:443

Request

GET /bundles/v1/edge/latest/microsoft.8aa91a5fe4f5d8517ae1.js HTTP/2.0
host: assets.msn.com
accept: application/javascript, */*;q=0.8
referer: https://www.msn.com/spartan/ntp?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
origin: https://www.msn.com
accept-encoding: gzip, deflate, br

Response

HTTP/2.0 200

content-length: 33972
content-md5: YzySdh8ykm7KVsyrxDpMLg==
last-modified: Mon, 26 Jul 2021 22:18:52 GMT
etag: 0x8D9508359704919
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b489f3f8-901e-00b6-5b75-65e6f6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Sat, 10 Aug 2024 21:43:42 GMT
akamai-request-bc: [a=95.101.143.101,b=25375537,c=g,n=GB_EN_LONDON,o=20940]
server-timing: clientrtt; dur=51, clienttt; dur=0, origin; dur=0, cdntime; dur=0, wpo;dur=0,1s;dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 95.101.143.101
akamai-request-id: 1833331
access-control-allow-credentials: true
access-control-allow-origin: https://www.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
akamai-grn: 0.658f655f.1723326222.1833331
vary: Origin
GET

https://assets.msn.com/staticsb/statics/latest/oneTrust/1.9/consent/55a804ab-e5c6-4b97-9319-86263d365d28/55a804ab-e5c6-4b97-9319-86263d365d28.json

MicrosoftEdgeCP.exe

Remote address:

95.101.143.105:443

Request

GET /staticsb/statics/latest/oneTrust/1.9/consent/55a804ab-e5c6-4b97-9319-86263d365d28/55a804ab-e5c6-4b97-9319-86263d365d28.json HTTP/2.0
host: assets.msn.com
accept: */*
origin: https://www.msn.com
referer: https://www.msn.com/spartan/ntp?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br

Response

HTTP/2.0 200

content-type: application/json
content-md5: tBDiswOqCRnxNKBPFOr30w==
last-modified: Fri, 09 Aug 2024 06:14:18 GMT
etag: 0x8DCB83A80957425
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 07a46457-601e-0002-32a3-eae4a7000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: gzip
date: Sat, 10 Aug 2024 21:43:42 GMT
content-length: 1854
akamai-request-bc: [a=95.101.143.101,b=25375570,c=g,n=GB_EN_LONDON,o=20940]
server-timing: clientrtt; dur=48, clienttt; dur=0, origin; dur=0, cdntime; dur=0, wpo;dur=0,1s;dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 95.101.143.101
akamai-request-id: 1833352
access-control-allow-credentials: true
access-control-allow-origin: https://www.msn.com
cache-control: public, max-age=1209600
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
timing-allow-origin: *
akamai-grn: 0.658f655f.1723326222.1833352
vary: Origin
GET

https://assets.msn.com/staticsb/statics/latest/oneTrust/1.9/scripttemplates/202310.2.0/otBannerSdk.js

MicrosoftEdgeCP.exe

Remote address:

95.101.143.105:443

Request

GET /staticsb/statics/latest/oneTrust/1.9/scripttemplates/202310.2.0/otBannerSdk.js HTTP/2.0
host: assets.msn.com
accept: application/javascript, */*;q=0.8
referer: https://www.msn.com/spartan/ntp?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
cookie: USRLOC=; MUID=160C54256D446C232E4B40726CE86D50; _EDGE_V=1; OptanonConsent=isGpcEnabled=0&datestamp=Thu+Apr+04+2024+13%3A28%3A10+GMT%2B0000+(Coordinated+Universal+Time)&version=202310.2.0&browserGpcFlag=0&isIABGlobal=false; _C_ETH=1; _EDGE_S=SID=2323B3F93F4460CF364FA72E3E3F6142

Response

HTTP/2.0 200

content-type: application/javascript
content-md5: lAfvoXufoJKI/4M+6xEcxw==
last-modified: Fri, 09 Aug 2024 06:14:17 GMT
etag: 0x8DCB83A7FD6A45A
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 31d5b97c-a01e-0003-59c8-ea130b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: gzip
content-length: 105160
date: Sat, 10 Aug 2024 21:43:42 GMT
akamai-request-bc: [a=95.101.143.101,b=25375719,c=g,n=GB_EN_LONDON,o=20940]
server-timing: clientrtt; dur=55, clienttt; dur=0, origin; dur=0, cdntime; dur=0, wpo;dur=0,1s;dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 95.101.143.101
akamai-request-id: 18333e7
cache-control: public, max-age=1209600
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
timing-allow-origin: *
akamai-grn: 0.658f655f.1723326222.18333e7
vary: Origin
GET

https://assets.msn.com/staticsb/statics/latest/oneTrust/1.9/consent/55a804ab-e5c6-4b97-9319-86263d365d28/e51556d4-5848-4a4b-a5e2-bc98431e1bf7/en-gb.json

MicrosoftEdgeCP.exe

Remote address:

95.101.143.105:443

Request

GET /staticsb/statics/latest/oneTrust/1.9/consent/55a804ab-e5c6-4b97-9319-86263d365d28/e51556d4-5848-4a4b-a5e2-bc98431e1bf7/en-gb.json HTTP/2.0
host: assets.msn.com
accept: */*
origin: https://www.msn.com
referer: https://www.msn.com/spartan/ntp?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br

Response

HTTP/2.0 200

content-type: application/json
content-md5: iB7GIl1dfVgN/rIFCQoYvg==
last-modified: Fri, 09 Aug 2024 06:14:09 GMT
etag: 0x8DCB83A7B0EC608
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 93fa9c65-801e-0055-7b4a-eaabf6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: gzip
date: Sat, 10 Aug 2024 21:43:42 GMT
content-length: 67471
akamai-request-bc: [a=95.101.143.101,b=25375761,c=g,n=GB_EN_LONDON,o=20940]
server-timing: clientrtt; dur=49, clienttt; dur=0, origin; dur=0, cdntime; dur=0, wpo;dur=0,1s;dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 95.101.143.101
akamai-request-id: 1833411
access-control-allow-credentials: true
access-control-allow-origin: https://www.msn.com
cache-control: public, max-age=1209600
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
timing-allow-origin: *
akamai-grn: 0.658f655f.1723326222.1833411
vary: Origin
GET

https://assets.msn.com/staticsb/statics/latest/oneTrust/1.9/consent/55a804ab-e5c6-4b97-9319-86263d365d28/iab2V2Data.json

MicrosoftEdgeCP.exe

Remote address:

95.101.143.105:443

Request

GET /staticsb/statics/latest/oneTrust/1.9/consent/55a804ab-e5c6-4b97-9319-86263d365d28/iab2V2Data.json HTTP/2.0
host: assets.msn.com
accept: */*
origin: https://www.msn.com
referer: https://www.msn.com/spartan/ntp?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br

Response

HTTP/2.0 200

content-type: application/json
content-md5: Z3GVmx0mQbhR0PePNnG6TQ==
last-modified: Fri, 09 Aug 2024 06:14:22 GMT
etag: 0x8DCB83A82D27F06
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 43e2f6b7-d01e-00de-7686-eaaf9b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: gzip
date: Sat, 10 Aug 2024 21:43:42 GMT
content-length: 20340
akamai-request-bc: [a=95.101.143.101,b=25375760,c=g,n=GB_EN_LONDON,o=20940]
server-timing: clientrtt; dur=49, clienttt; dur=0, origin; dur=0, cdntime; dur=0, wpo;dur=0,1s;dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 95.101.143.101
akamai-request-id: 1833410
access-control-allow-credentials: true
access-control-allow-origin: https://www.msn.com
cache-control: public, max-age=1209600
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
timing-allow-origin: *
akamai-grn: 0.658f655f.1723326222.1833410
vary: Origin
GET

https://assets.msn.com/staticsb/statics/latest/oneTrust/1.9/scripttemplates/202310.2.0/otTCF.js

MicrosoftEdgeCP.exe

Remote address:

95.101.143.105:443

Request

GET /staticsb/statics/latest/oneTrust/1.9/scripttemplates/202310.2.0/otTCF.js HTTP/2.0
host: assets.msn.com
accept: application/javascript, */*;q=0.8
referer: https://www.msn.com/spartan/ntp?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
accept-encoding: gzip, deflate, br
cookie: USRLOC=; MUID=160C54256D446C232E4B40726CE86D50; _EDGE_V=1; OptanonConsent=isGpcEnabled=0&datestamp=Thu+Apr+04+2024+13%3A28%3A10+GMT%2B0000+(Coordinated+Universal+Time)&version=202310.2.0&browserGpcFlag=0&isIABGlobal=false; _C_ETH=1; _EDGE_S=SID=2323B3F93F4460CF364FA72E3E3F6142

Response

HTTP/2.0 200

content-type: application/javascript
content-md5: zMe9/U/sQ7tOLuJUcFr2+Q==
last-modified: Fri, 09 Aug 2024 06:14:07 GMT
etag: 0x8DCB83A7A5657AA
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: daae8695-301e-00c6-6b7e-ea70fc000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: gzip
content-length: 11711
date: Sat, 10 Aug 2024 21:43:42 GMT
akamai-request-bc: [a=95.101.143.101,b=25375766,c=g,n=GB_EN_LONDON,o=20940]
server-timing: clientrtt; dur=49, clienttt; dur=0, origin; dur=0, cdntime; dur=0, wpo;dur=0,1s;dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 95.101.143.101
akamai-request-id: 1833416
cache-control: public, max-age=1209600
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
timing-allow-origin: *
akamai-grn: 0.658f655f.1723326222.1833416
vary: Origin
POST

https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application%2Fx-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-2.2.2&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1723326221000&w=0&anoncknm=app_anon

MicrosoftEdgeCP.exe

Remote address:

13.89.178.27:443

Request

POST /OneCollector/1.0?cors=true&content-type=application%2Fx-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-2.2.2&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1723326221000&w=0&anoncknm=app_anon HTTP/2.0
host: browser.events.data.msn.com
origin: https://www.msn.com
referer: https://www.msn.com/spartan/ntp?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
content-type: text/plain;charset=UTF-8
accept-language: en-US
accept: */*
accept-encoding: gzip, deflate, br
content-length: 4948
cache-control: no-cache
cookie: USRLOC=; MUID=160C54256D446C232E4B40726CE86D50; _EDGE_V=1; OptanonConsent=isGpcEnabled=0&datestamp=Thu+Apr+04+2024+13%3A28%3A10+GMT%2B0000+(Coordinated+Universal+Time)&version=202310.2.0&browserGpcFlag=0&isIABGlobal=false; _C_ETH=1; _EDGE_S=SID=2323B3F93F4460CF364FA72E3E3F6142

Response

HTTP/2.0 200

content-length: 153
content-type: application/json
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
set-cookie: MC1=GUID=9252cf449b264fb38c186b9ce5407848&HASH=9252&LV=202408&V=4&LU=1723326222258; Domain=.microsoft.com; Expires=Sun, 10 Aug 2025 21:43:42 GMT; Path=/;Secure; SameSite=None
set-cookie: MS0=fba5f985bae34f1a97ae1e305428a187; Domain=.microsoft.com; Expires=Sat, 10 Aug 2024 22:13:42 GMT; Path=/;Secure; SameSite=None
time-delta-millis: 1258
access-control-allow-headers: P3P,Set-Cookie,time-delta-millis
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-origin: https://www.msn.com
access-control-expose-headers: time-delta-millis
date: Sat, 10 Aug 2024 21:43:41 GMT
POST

https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application%2Fx-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-2.2.2&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1723326221000&w=0&anoncknm=app_anon

MicrosoftEdgeCP.exe

Remote address:

13.89.178.27:443

Request

POST /OneCollector/1.0?cors=true&content-type=application%2Fx-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-2.2.2&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1723326221000&w=0&anoncknm=app_anon HTTP/2.0
host: browser.events.data.msn.com
origin: https://www.msn.com
referer: https://www.msn.com/spartan/ntp?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
content-type: text/plain;charset=UTF-8
accept-language: en-US
accept: */*
accept-encoding: gzip, deflate, br
content-length: 5414
cache-control: no-cache
cookie: USRLOC=; MUID=160C54256D446C232E4B40726CE86D50; _EDGE_V=1; OptanonConsent=isGpcEnabled=0&datestamp=Thu+Apr+04+2024+13%3A28%3A10+GMT%2B0000+(Coordinated+Universal+Time)&version=202310.2.0&browserGpcFlag=0&isIABGlobal=false; _C_ETH=1; _EDGE_S=SID=2323B3F93F4460CF364FA72E3E3F6142

Response

HTTP/2.0 200

content-length: 153
content-type: application/json
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
set-cookie: MC1=GUID=18cbdc8a6d06439382f9d7e0d9ee6dcc&HASH=18cb&LV=202408&V=4&LU=1723326222883; Domain=.microsoft.com; Expires=Sun, 10 Aug 2025 21:43:42 GMT; Path=/;Secure; SameSite=None
set-cookie: MS0=fa9fdbdbd5b34c2fa7a3d252eb0086d4; Domain=.microsoft.com; Expires=Sat, 10 Aug 2024 22:13:42 GMT; Path=/;Secure; SameSite=None
time-delta-millis: 1883
access-control-allow-headers: P3P,Set-Cookie,time-delta-millis
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-origin: https://www.msn.com
access-control-expose-headers: time-delta-millis
date: Sat, 10 Aug 2024 21:43:42 GMT
POST

https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application%2Fx-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-2.2.2&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1723326221000&w=0&anoncknm=app_anon

MicrosoftEdgeCP.exe

Remote address:

13.89.178.27:443

Request

POST /OneCollector/1.0?cors=true&content-type=application%2Fx-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-2.2.2&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1723326221000&w=0&anoncknm=app_anon HTTP/2.0
host: browser.events.data.msn.com
origin: https://www.msn.com
referer: https://www.msn.com/spartan/ntp?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; ServiceUI 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
content-type: text/plain;charset=UTF-8
accept-language: en-US
accept: */*
accept-encoding: gzip, deflate, br
content-length: 4805
cache-control: no-cache
cookie: USRLOC=; MUID=160C54256D446C232E4B40726CE86D50; _EDGE_V=1; OptanonConsent=isGpcEnabled=0&datestamp=Thu+Apr+04+2024+13%3A28%3A10+GMT%2B0000+(Coordinated+Universal+Time)&version=202310.2.0&browserGpcFlag=0&isIABGlobal=false; _C_ETH=1; _EDGE_S=SID=2323B3F93F4460CF364FA72E3E3F6142

Response

HTTP/2.0 200

content-length: 153
content-type: application/json
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
set-cookie: MC1=GUID=b466d46f185a4037be27e1c56fe16404&HASH=b466&LV=202408&V=4&LU=1723326222867; Domain=.microsoft.com; Expires=Sun, 10 Aug 2025 21:43:42 GMT; Path=/;Secure; SameSite=None
set-cookie: MS0=a9da1d075aff44899aadf4a86fe060c0; Domain=.microsoft.com; Expires=Sat, 10 Aug 2024 22:13:42 GMT; Path=/;Secure; SameSite=None
time-delta-millis: 1867
access-control-allow-headers: P3P,Set-Cookie,time-delta-millis
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-origin: https://www.msn.com
access-control-expose-headers: time-delta-millis
date: Sat, 10 Aug 2024 21:43:42 GMT
GET

https://www.msn.com/favicon.ico

MicrosoftEdge.exe

Remote address:

204.79.197.203:443

Request

GET /favicon.ico HTTP/2.0
host: www.msn.com
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
dnt: 1

Response

HTTP/2.0 200

cache-control: public, max-age=604800
content-length: 781
content-type: image/x-icon
content-encoding: gzip
content-md5: hMyXfQ6xSBZkgbAdhBjjdQ==
last-modified: Fri, 09 Aug 2024 06:14:14 GMT
etag: 0x8DCB83A7E2F8B63
vary: Origin
x-ms-request-id: 5dfd6e84-101e-0025-1160-ea1201000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
akamai-request-bc: [a=2.18.26.197,b=1485416357,c=g,n=GB_EN_SLOUGH,o=20940]
server-timing: clientrtt; dur=0, clienttt; dur=0, origin; dur=0, cdntime; dur=0, wpo;dur=0,1s;dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 2.18.26.197
akamai-request-id: 5889a7a5
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
timing-allow-origin: *
akamai-grn: 0.c51a1202.1723326222.5889a7a5
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A58D9B98D6C747B6A3BD22F6FDBA663D Ref B: LON04EDGE0706 Ref C: 2024-08-10T21:43:42Z
date: Sat, 10 Aug 2024 21:43:42 GMT
DNS

105.143.101.95.in-addr.arpa

Remote address:

8.8.8.8:53

Request

105.143.101.95.in-addr.arpa

IN PTR

Response

105.143.101.95.in-addr.arpa

IN PTR

a95-101-143-105deploystaticakamaitechnologiescom
DNS

27.178.89.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

27.178.89.13.in-addr.arpa

IN PTR

Response
DNS

msedge.api.cdp.microsoft.com

MicrosoftEdgeUpdate.exe

Remote address:

8.8.8.8:53

Request

msedge.api.cdp.microsoft.com

IN A

Response

msedge.api.cdp.microsoft.com

IN CNAME

api.cdp.microsoft.com

api.cdp.microsoft.com

IN CNAME

glb.api.prod.dcat.dsp.trafficmanager.net

glb.api.prod.dcat.dsp.trafficmanager.net

IN A

20.114.58.89
POST

https://msedge.api.cdp.microsoft.com/api/v2/contents/Browser/namespaces/Default/names?action=batchupdates

MicrosoftEdgeUpdate.exe

Remote address:

20.114.58.89:443

Request

POST /api/v2/contents/Browser/namespaces/Default/names?action=batchupdates HTTP/1.1
Cache-Control: no-cache
Connection: Keep-Alive
Pragma: no-cache
Content-Type: application/json
User-Agent: Microsoft Edge Update/1.3.195.15;winhttp
X-Old-UID: cnt=0
MS-CorrelationId: {089E3544-3A47-47ED-8219-D88FDA3D3529}
MS-RequestId: {9C774E1A-58B7-4726-BB8A-1F1D81DA9D88}
MS-CV: RDWeCEc67UeCGdiP2j01KQ.0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Content-Length: 835
Host: msedge.api.cdp.microsoft.com

Response

HTTP/1.1 200 OK

Content-Length: 96
Content-Type: text/plain; charset=utf-8
Content-Type: application/json; charset=utf-8
Date: Sat, 10 Aug 2024 21:43:44 GMT
MS-CorrelationId: 089e3544-3a47-47ed-8219-d88fda3d3529
MS-RequestId: 9c774e1a-58b7-4726-bb8a-1f1d81da9d88
MS-CV: {089E3544-3A47-47ED-8219-D88FDA3D3529}.0
POST

https://msedge.api.cdp.microsoft.com/api/v1.1/internal/contents/Browser/namespaces/Default/names/msedge-stable-win-x64/versions/127.0.2651.98/files?action=GenerateDownloadInfo&foregroundPriority=true

MicrosoftEdgeUpdate.exe

Remote address:

20.114.58.89:443

Request

POST /api/v1.1/internal/contents/Browser/namespaces/Default/names/msedge-stable-win-x64/versions/127.0.2651.98/files?action=GenerateDownloadInfo&foregroundPriority=true HTTP/1.1
Cache-Control: no-cache
Connection: Keep-Alive
Pragma: no-cache
Content-Type: application/json
User-Agent: Microsoft Edge Update/1.3.195.15;winhttp
X-Old-UID: cnt=0
MS-CorrelationId: {089E3544-3A47-47ED-8219-D88FDA3D3529}
MS-RequestId: {BE05BC5B-54D6-4E5B-BE8C-7C0725513AE8}
MS-CV: RDWeCEc67UeCGdiP2j01KQ.1
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Content-Length: 2
Host: msedge.api.cdp.microsoft.com

Response

HTTP/1.1 200 OK

Content-Length: 6872
Content-Type: text/plain; charset=utf-8
Content-Type: application/json; charset=utf-8
Date: Sat, 10 Aug 2024 21:43:44 GMT
MS-CorrelationId: 089e3544-3a47-47ed-8219-d88fda3d3529
MS-RequestId: be05bc5b-54d6-4e5b-be8c-7c0725513ae8
MS-CV: {089E3544-3A47-47ED-8219-D88FDA3D3529}.0
DNS

89.58.114.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

89.58.114.20.in-addr.arpa

IN PTR

Response
DNS

msedge.f.tlu.dl.delivery.mp.microsoft.com

Remote address:

8.8.8.8:53

Request

msedge.f.tlu.dl.delivery.mp.microsoft.com

IN A

Response

msedge.f.tlu.dl.delivery.mp.microsoft.com

IN CNAME

star.f.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com

star.f.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com

IN CNAME

cdp-f-tlu-net.trafficmanager.net

cdp-f-tlu-net.trafficmanager.net

IN CNAME

edge.ds-c7114-microsoft.global.dns.qwilted-cds.cqloud.com

edge.ds-c7114-microsoft.global.dns.qwilted-cds.cqloud.com

IN A

217.20.58.36

edge.ds-c7114-microsoft.global.dns.qwilted-cds.cqloud.com

IN A

217.20.58.24

edge.ds-c7114-microsoft.global.dns.qwilted-cds.cqloud.com

IN A

217.20.58.22

edge.ds-c7114-microsoft.global.dns.qwilted-cds.cqloud.com

IN A

217.20.58.99

edge.ds-c7114-microsoft.global.dns.qwilted-cds.cqloud.com

IN A

217.20.58.21

edge.ds-c7114-microsoft.global.dns.qwilted-cds.cqloud.com

IN A

217.20.58.37

edge.ds-c7114-microsoft.global.dns.qwilted-cds.cqloud.com

IN A

217.20.58.98

edge.ds-c7114-microsoft.global.dns.qwilted-cds.cqloud.com

IN A

217.20.58.101
HEAD

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

HEAD /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 200 OK

Date: Sat, 10 Aug 2024 21:43:48 GMT
Content-Type: application/octet-stream
Content-Length: 172606408
Connection: keep-alive
Age: 166017
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: eeeed0c4-d61a-4c86-b7d8-f935a474ff73
MS-CV: Pwz3zTPXYEqdozqpUnsmLA.0.2.6.2.1.21.0
MS-RequestId: 0ca7ec36-5241-42e0-a319-7806d676bbdd
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Accept-Ranges: bytes
Server: Qwilt
X-OC-Service-Type: lo
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022f99f1d8-1135170257-1
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=0-11199
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:43:48 GMT
Content-Type: application/octet-stream
Content-Length: 11200
Connection: keep-alive
Age: 166017
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: eeeed0c4-d61a-4c86-b7d8-f935a474ff73
MS-CV: Pwz3zTPXYEqdozqpUnsmLA.0.2.6.2.1.21.0
MS-RequestId: 0ca7ec36-5241-42e0-a319-7806d676bbdd
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Content-Range: bytes 0-11199/172606408
Server: Qwilt
X-OC-Service-Type: lo
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022f99f55e-1135170399-1
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=11200-216703
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:43:48 GMT
Content-Type: application/octet-stream
Content-Length: 205504
Connection: keep-alive
Age: 166017
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: eeeed0c4-d61a-4c86-b7d8-f935a474ff73
MS-CV: Pwz3zTPXYEqdozqpUnsmLA.0.2.6.2.1.21.0
MS-RequestId: 0ca7ec36-5241-42e0-a319-7806d676bbdd
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Content-Range: bytes 11200-216703/172606408
Server: Qwilt
X-OC-Service-Type: lo
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022f99f6a3-1135170399-2
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=216704-1973147
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:43:48 GMT
Content-Type: application/octet-stream
Content-Length: 1756444
Connection: keep-alive
Age: 166017
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: eeeed0c4-d61a-4c86-b7d8-f935a474ff73
MS-CV: Pwz3zTPXYEqdozqpUnsmLA.0.2.6.2.1.21.0
MS-RequestId: 0ca7ec36-5241-42e0-a319-7806d676bbdd
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Content-Range: bytes 216704-1973147/172606408
Server: Qwilt
X-OC-Service-Type: lo
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022f99fb18-1135170399-3
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=1973148-8781069
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:43:49 GMT
Content-Type: application/octet-stream
Content-Length: 6807922
Connection: keep-alive
Age: 166017
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: eeeed0c4-d61a-4c86-b7d8-f935a474ff73
MS-CV: Pwz3zTPXYEqdozqpUnsmLA.0.2.6.2.1.21.0
MS-RequestId: 0ca7ec36-5241-42e0-a319-7806d676bbdd
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Content-Range: bytes 1973148-8781069/172606408
Server: Qwilt
X-OC-Service-Type: lo
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022f9a059d-1135170399-4
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=8781070-14402804
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:43:51 GMT
Content-Type: application/octet-stream
Content-Length: 5621735
Connection: keep-alive
Age: 34
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: faa3f4a5-77f7-42a8-b619-ec1d702f12e1
MS-CV: KNnAy/UWikChbu9z.0
MS-RequestId: 90deae6f-7422-413f-a63a-03faa9ff8247
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022f9a36af-1135170399-5
Content-Range: bytes 8781070-14402804/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=14402805-18019230
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:43:54 GMT
Content-Type: application/octet-stream
Content-Length: 3616426
Connection: keep-alive
Age: 34
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: faa3f4a5-77f7-42a8-b619-ec1d702f12e1
MS-CV: KNnAy/UWikChbu9z.0
MS-RequestId: 90deae6f-7422-413f-a63a-03faa9ff8247
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022f9a748c-1135170399-6
Content-Range: bytes 14402805-18019230/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=18019231-20841255
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:43:57 GMT
Content-Type: application/octet-stream
Content-Length: 2822025
Connection: keep-alive
Age: 33
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 2ca85371-878d-45b5-8627-d63c90daa83f
MS-CV: xp+0sVUIFkSboXZpzZCtxg.0.1.1.6.1.1.37.0
MS-RequestId: b13d4794-6ba2-4c07-b19c-88872c9eb902
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022f9aa76c-1135170399-7
Content-Range: bytes 18019231-20841255/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=20841256-22014166
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:44:02 GMT
Content-Type: application/octet-stream
Content-Length: 1172911
Connection: keep-alive
Age: 33
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 2ca85371-878d-45b5-8627-d63c90daa83f
MS-CV: xp+0sVUIFkSboXZpzZCtxg.0.1.1.6.1.1.37.0
MS-RequestId: b13d4794-6ba2-4c07-b19c-88872c9eb902
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022f9b02ef-1135170399-8
Content-Range: bytes 20841256-22014166/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=22014167-22876917
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:44:05 GMT
Content-Type: application/octet-stream
Content-Length: 862751
Connection: keep-alive
Age: 33
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 2ca85371-878d-45b5-8627-d63c90daa83f
MS-CV: xp+0sVUIFkSboXZpzZCtxg.0.1.1.6.1.1.37.0
MS-RequestId: b13d4794-6ba2-4c07-b19c-88872c9eb902
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022f9b3790-1135170399-9
Content-Range: bytes 22014167-22876917/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=22876918-24630475
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:44:06 GMT
Content-Type: application/octet-stream
Content-Length: 1753558
Connection: keep-alive
Age: 33
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 2ca85371-878d-45b5-8627-d63c90daa83f
MS-CV: xp+0sVUIFkSboXZpzZCtxg.0.1.1.6.1.1.37.0
MS-RequestId: b13d4794-6ba2-4c07-b19c-88872c9eb902
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022f9b4b1e-1135170399-10
Content-Range: bytes 22876918-24630475/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=24630476-26116541
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:44:08 GMT
Content-Type: application/octet-stream
Content-Length: 1486066
Connection: keep-alive
Age: 33
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 2ca85371-878d-45b5-8627-d63c90daa83f
MS-CV: xp+0sVUIFkSboXZpzZCtxg.0.1.1.6.1.1.37.0
MS-RequestId: b13d4794-6ba2-4c07-b19c-88872c9eb902
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022f9b786e-1135170399-11
Content-Range: bytes 24630476-26116541/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=26116542-28000021
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:44:09 GMT
Content-Type: application/octet-stream
Content-Length: 1883480
Connection: keep-alive
Age: 32
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 16ceb441-9017-4a80-9284-b93234a30df3
MS-CV: xp+0sVUIFkSboXZpzZCtxg.0.1.1.6.1.1.16.0
MS-RequestId: 77ed77b3-933f-494f-b9ec-e26d8c062396
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022f9b96e7-1135170399-12
Content-Range: bytes 26116542-28000021/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=28000022-31348429
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:44:11 GMT
Content-Type: application/octet-stream
Content-Length: 3348408
Connection: keep-alive
Age: 32
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 16ceb441-9017-4a80-9284-b93234a30df3
MS-CV: xp+0sVUIFkSboXZpzZCtxg.0.1.1.6.1.1.16.0
MS-RequestId: 77ed77b3-933f-494f-b9ec-e26d8c062396
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022f9bb8ab-1135170399-13
Content-Range: bytes 28000022-31348429/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=31348430-32816385
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:44:15 GMT
Content-Type: application/octet-stream
Content-Length: 1467956
Connection: keep-alive
Age: 32
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 16ceb441-9017-4a80-9284-b93234a30df3
MS-CV: xp+0sVUIFkSboXZpzZCtxg.0.1.1.6.1.1.16.0
MS-RequestId: 77ed77b3-933f-494f-b9ec-e26d8c062396
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022f9c05e7-1135170399-14
Content-Range: bytes 31348430-32816385/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=32816386-35353906
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:44:16 GMT
Content-Type: application/octet-stream
Content-Length: 2537521
Connection: keep-alive
Age: 32
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 16ceb441-9017-4a80-9284-b93234a30df3
MS-CV: xp+0sVUIFkSboXZpzZCtxg.0.1.1.6.1.1.16.0
MS-RequestId: 77ed77b3-933f-494f-b9ec-e26d8c062396
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022f9c1c1b-1135170399-15
Content-Range: bytes 32816386-35353906/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=35353907-38508065
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:44:18 GMT
Content-Type: application/octet-stream
Content-Length: 3154159
Connection: keep-alive
Age: 32
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: af33974e-d702-4231-b5ec-c18dd227c658
MS-CV: O3z/nvMWiUykMqrP4dMZYg.0.2.7.1.1.190.0
MS-RequestId: 21eec8eb-3dc5-420a-be2b-a4dd97a2adf7
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022f9c3b1f-1135170399-16
Content-Range: bytes 35353907-38508065/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=38508066-42390106
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:44:20 GMT
Content-Type: application/octet-stream
Content-Length: 3882041
Connection: keep-alive
Age: 32
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: af33974e-d702-4231-b5ec-c18dd227c658
MS-CV: O3z/nvMWiUykMqrP4dMZYg.0.2.7.1.1.190.0
MS-RequestId: 21eec8eb-3dc5-420a-be2b-a4dd97a2adf7
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022f9c5ab5-1135170399-17
Content-Range: bytes 38508066-42390106/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=42390107-46241337
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:44:22 GMT
Content-Type: application/octet-stream
Content-Length: 3851231
Connection: keep-alive
Age: 38
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 15c272cc-8794-4170-ac1d-8391cc84e618
MS-CV: vWFjEJWipEiOhsXh.0
MS-RequestId: 50bdb56e-ce46-4876-82f2-3f895725f00b
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022f9c82c8-1135170399-18
Content-Range: bytes 42390107-46241337/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=46241338-47906734
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:44:26 GMT
Content-Type: application/octet-stream
Content-Length: 1665397
Connection: keep-alive
Age: 38
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 15c272cc-8794-4170-ac1d-8391cc84e618
MS-CV: vWFjEJWipEiOhsXh.0
MS-RequestId: 50bdb56e-ce46-4876-82f2-3f895725f00b
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022f9cdb03-1135170399-19
Content-Range: bytes 46241338-47906734/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=47906735-49572131
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:44:28 GMT
Content-Type: application/octet-stream
Content-Length: 1665397
Connection: keep-alive
Age: 38
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 15c272cc-8794-4170-ac1d-8391cc84e618
MS-CV: vWFjEJWipEiOhsXh.0
MS-RequestId: 50bdb56e-ce46-4876-82f2-3f895725f00b
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022f9d0269-1135170399-20
Content-Range: bytes 47906735-49572131/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=49572132-51968385
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:44:30 GMT
Content-Type: application/octet-stream
Content-Length: 2396254
Connection: keep-alive
Age: 38
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 15c272cc-8794-4170-ac1d-8391cc84e618
MS-CV: vWFjEJWipEiOhsXh.0
MS-RequestId: 50bdb56e-ce46-4876-82f2-3f895725f00b
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022f9d1dc1-1135170399-21
Content-Range: bytes 49572132-51968385/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=51968386-53827387
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:44:32 GMT
Content-Type: application/octet-stream
Content-Length: 1859002
Connection: keep-alive
Age: 46
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 7157a0ab-01ed-4b4c-b0ef-66084b9a49ca
MS-CV: uYAkcgsZ0k2JiWloy/ZUww.0.2.6.1.1.314.0
MS-RequestId: 3ef20b03-8e3b-4d62-9896-5ce57e8ef474
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022f9d5053-1135170399-22
Content-Range: bytes 51968386-53827387/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=53827388-55413566
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:44:34 GMT
Content-Type: application/octet-stream
Content-Length: 1586179
Connection: keep-alive
Age: 46
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 7157a0ab-01ed-4b4c-b0ef-66084b9a49ca
MS-CV: uYAkcgsZ0k2JiWloy/ZUww.0.2.6.1.1.314.0
MS-RequestId: 3ef20b03-8e3b-4d62-9896-5ce57e8ef474
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022f9d7e03-1135170399-23
Content-Range: bytes 53827388-55413566/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=55413567-59735579
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:44:35 GMT
Content-Type: application/octet-stream
Content-Length: 4322013
Connection: keep-alive
Age: 46
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 7157a0ab-01ed-4b4c-b0ef-66084b9a49ca
MS-CV: uYAkcgsZ0k2JiWloy/ZUww.0.2.6.1.1.314.0
MS-RequestId: 3ef20b03-8e3b-4d62-9896-5ce57e8ef474
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022f9d8cbc-1135170399-24
Content-Range: bytes 55413567-59735579/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=59735580-62647005
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:44:38 GMT
Content-Type: application/octet-stream
Content-Length: 2911426
Connection: keep-alive
Age: 53
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 6f0ae80c-ab48-4c60-a393-d2839f7d3b51
MS-CV: j9iY73DKDEi0FGmH.0
MS-RequestId: 9c7720ef-9628-4692-ac45-c0a51ed33f03
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022f9dc673-1135170399-25
Content-Range: bytes 59735580-62647005/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=62647006-64918894
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:44:41 GMT
Content-Type: application/octet-stream
Content-Length: 2271889
Connection: keep-alive
Age: 53
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 6f0ae80c-ab48-4c60-a393-d2839f7d3b51
MS-CV: j9iY73DKDEi0FGmH.0
MS-RequestId: 9c7720ef-9628-4692-ac45-c0a51ed33f03
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022f9df85f-1135170399-26
Content-Range: bytes 62647006-64918894/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=64918895-67138619
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:44:43 GMT
Content-Type: application/octet-stream
Content-Length: 2219725
Connection: keep-alive
Age: 53
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 6f0ae80c-ab48-4c60-a393-d2839f7d3b51
MS-CV: j9iY73DKDEi0FGmH.0
MS-RequestId: 9c7720ef-9628-4692-ac45-c0a51ed33f03
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022f9e20d2-1135170399-27
Content-Range: bytes 64918895-67138619/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=67138620-67869031
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:44:49 GMT
Content-Type: application/octet-stream
Content-Length: 730412
Connection: keep-alive
Age: 56
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: f8f4fcf4-3bd1-41a8-b7bb-dffd5acd2d66
MS-CV: rJHN7BLibE6SAgYn.0
MS-RequestId: e8db533e-609f-48a5-b7a2-7ca157c9c311
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022f9e9822-1135170399-28
Content-Range: bytes 67138620-67869031/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=67869032-68751171
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:44:51 GMT
Content-Type: application/octet-stream
Content-Length: 882140
Connection: keep-alive
Age: 56
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: f8f4fcf4-3bd1-41a8-b7bb-dffd5acd2d66
MS-CV: rJHN7BLibE6SAgYn.0
MS-RequestId: e8db533e-609f-48a5-b7a2-7ca157c9c311
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022f9eb807-1135170399-29
Content-Range: bytes 67869032-68751171/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=68751172-70217737
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:44:52 GMT
Content-Type: application/octet-stream
Content-Length: 1466566
Connection: keep-alive
Age: 56
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: f8f4fcf4-3bd1-41a8-b7bb-dffd5acd2d66
MS-CV: rJHN7BLibE6SAgYn.0
MS-RequestId: e8db533e-609f-48a5-b7a2-7ca157c9c311
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022f9ecfda-1135170399-30
Content-Range: bytes 68751172-70217737/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=70217738-71503634
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:44:54 GMT
Content-Type: application/octet-stream
Content-Length: 1285897
Connection: keep-alive
Age: 56
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: f8f4fcf4-3bd1-41a8-b7bb-dffd5acd2d66
MS-CV: rJHN7BLibE6SAgYn.0
MS-RequestId: e8db533e-609f-48a5-b7a2-7ca157c9c311
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022f9efdc1-1135170399-31
Content-Range: bytes 70217738-71503634/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=71503635-72646653
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:44:56 GMT
Content-Type: application/octet-stream
Content-Length: 1143019
Connection: keep-alive
Age: 56
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: f8f4fcf4-3bd1-41a8-b7bb-dffd5acd2d66
MS-CV: rJHN7BLibE6SAgYn.0
MS-RequestId: e8db533e-609f-48a5-b7a2-7ca157c9c311
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022f9f2a05-1135170399-32
Content-Range: bytes 71503635-72646653/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=72646654-73722435
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:44:58 GMT
Content-Type: application/octet-stream
Content-Length: 1075782
Connection: keep-alive
Age: 56
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: f8f4fcf4-3bd1-41a8-b7bb-dffd5acd2d66
MS-CV: rJHN7BLibE6SAgYn.0
MS-RequestId: e8db533e-609f-48a5-b7a2-7ca157c9c311
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022f9f5370-1135170399-33
Content-Range: bytes 72646654-73722435/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=73722436-75533515
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:45:00 GMT
Content-Type: application/octet-stream
Content-Length: 1811080
Connection: keep-alive
Age: 56
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: f8f4fcf4-3bd1-41a8-b7bb-dffd5acd2d66
MS-CV: rJHN7BLibE6SAgYn.0
MS-RequestId: e8db533e-609f-48a5-b7a2-7ca157c9c311
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022f9f6b03-1135170399-34
Content-Range: bytes 73722436-75533515/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=75533516-77899393
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:45:01 GMT
Content-Type: application/octet-stream
Content-Length: 2365878
Connection: keep-alive
Age: 64
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 8e7adbb7-b593-4f6a-a1b0-99e9e97b6cd2
MS-CV: ci8O7EEG9kuBgvRgGgMorg.0.1.1.7.3.1.5.0
MS-RequestId: 85edfecb-33a0-4276-b016-f861150260a8
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022f9f8915-1135170399-35
Content-Range: bytes 75533516-77899393/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=77899394-80628202
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:45:03 GMT
Content-Type: application/octet-stream
Content-Length: 2728809
Connection: keep-alive
Age: 64
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 8e7adbb7-b593-4f6a-a1b0-99e9e97b6cd2
MS-CV: ci8O7EEG9kuBgvRgGgMorg.0.1.1.7.3.1.5.0
MS-RequestId: 85edfecb-33a0-4276-b016-f861150260a8
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022f9fab3c-1135170399-36
Content-Range: bytes 77899394-80628202/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=80628203-83036683
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:45:05 GMT
Content-Type: application/octet-stream
Content-Length: 2408481
Connection: keep-alive
Age: 64
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 8e7adbb7-b593-4f6a-a1b0-99e9e97b6cd2
MS-CV: ci8O7EEG9kuBgvRgGgMorg.0.1.1.7.3.1.5.0
MS-RequestId: 85edfecb-33a0-4276-b016-f861150260a8
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022f9fd8cf-1135170399-37
Content-Range: bytes 80628203-83036683/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=83036684-86182967
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:45:07 GMT
Content-Type: application/octet-stream
Content-Length: 3146284
Connection: keep-alive
Age: 64
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 8e7adbb7-b593-4f6a-a1b0-99e9e97b6cd2
MS-CV: ci8O7EEG9kuBgvRgGgMorg.0.1.1.7.3.1.5.0
MS-RequestId: 85edfecb-33a0-4276-b016-f861150260a8
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022f9ff7d6-1135170399-38
Content-Range: bytes 83036684-86182967/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=86182968-89058912
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:45:09 GMT
Content-Type: application/octet-stream
Content-Length: 2875945
Connection: keep-alive
Age: 71
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 2f57de9b-d0cc-4724-bdfb-bef11edebe6a
MS-CV: 5qhSgEIt3kqX82zd3fCs8A.0.2.7.1.1.39.0
MS-RequestId: 54182dca-ef5f-408b-916d-394ab0e3bda9
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa024a7-1135170399-39
Content-Range: bytes 86182968-89058912/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=89058913-91211565
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:45:11 GMT
Content-Type: application/octet-stream
Content-Length: 2152653
Connection: keep-alive
Age: 71
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 2f57de9b-d0cc-4724-bdfb-bef11edebe6a
MS-CV: 5qhSgEIt3kqX82zd3fCs8A.0.2.7.1.1.39.0
MS-RequestId: 54182dca-ef5f-408b-916d-394ab0e3bda9
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa05c06-1135170399-40
Content-Range: bytes 89058913-91211565/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=91211566-93138738
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:45:14 GMT
Content-Type: application/octet-stream
Content-Length: 1927173
Connection: keep-alive
Age: 71
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 2f57de9b-d0cc-4724-bdfb-bef11edebe6a
MS-CV: 5qhSgEIt3kqX82zd3fCs8A.0.2.7.1.1.39.0
MS-RequestId: 54182dca-ef5f-408b-916d-394ab0e3bda9
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa08a73-1135170399-41
Content-Range: bytes 91211566-93138738/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=93138739-95021662
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:45:16 GMT
Content-Type: application/octet-stream
Content-Length: 1882924
Connection: keep-alive
Age: 86547
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: be286354-e4c4-492b-a523-e0d9442265fa
MS-CV: xp+0sVUIFkSboXZpzZCtxg.0.1.1.6.1.1.2.0
MS-RequestId: 7dfee8b6-7eae-4081-8d77-4c2ffc2621f6
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Content-Range: bytes 93138739-95021662/172606408
Server: Qwilt
X-OC-Service-Type: lo
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa0b365-1135170399-42
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=95021663-97669937
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:45:17 GMT
Content-Type: application/octet-stream
Content-Length: 2648275
Connection: keep-alive
Age: 86547
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: be286354-e4c4-492b-a523-e0d9442265fa
MS-CV: xp+0sVUIFkSboXZpzZCtxg.0.1.1.6.1.1.2.0
MS-RequestId: 7dfee8b6-7eae-4081-8d77-4c2ffc2621f6
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Content-Range: bytes 95021663-97669937/172606408
Server: Qwilt
X-OC-Service-Type: lo
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa0cfb1-1135170399-43
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=97669938-99339719
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:45:20 GMT
Content-Type: application/octet-stream
Content-Length: 1669782
Connection: keep-alive
Age: 86547
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: be286354-e4c4-492b-a523-e0d9442265fa
MS-CV: xp+0sVUIFkSboXZpzZCtxg.0.1.1.6.1.1.2.0
MS-RequestId: 7dfee8b6-7eae-4081-8d77-4c2ffc2621f6
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Content-Range: bytes 97669938-99339719/172606408
Server: Qwilt
X-OC-Service-Type: lo
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa11188-1135170399-44
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=99339720-100174610
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:45:24 GMT
Content-Type: application/octet-stream
Content-Length: 834891
Connection: keep-alive
Age: 86547
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: be286354-e4c4-492b-a523-e0d9442265fa
MS-CV: xp+0sVUIFkSboXZpzZCtxg.0.1.1.6.1.1.2.0
MS-RequestId: 7dfee8b6-7eae-4081-8d77-4c2ffc2621f6
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Content-Range: bytes 99339720-100174610/172606408
Server: Qwilt
X-OC-Service-Type: lo
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa16251-1135170399-45
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=100174611-101562624
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:45:26 GMT
Content-Type: application/octet-stream
Content-Length: 1388014
Connection: keep-alive
Age: 86547
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: be286354-e4c4-492b-a523-e0d9442265fa
MS-CV: xp+0sVUIFkSboXZpzZCtxg.0.1.1.6.1.1.2.0
MS-RequestId: 7dfee8b6-7eae-4081-8d77-4c2ffc2621f6
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Content-Range: bytes 100174611-101562624/172606408
Server: Qwilt
X-OC-Service-Type: lo
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa17a7a-1135170399-46
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=101562625-103473173
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:45:27 GMT
Content-Type: application/octet-stream
Content-Length: 1910549
Connection: keep-alive
Age: 89
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 351e0a10-9158-4140-abd0-b41f98c8f739
MS-CV: Z2fNIMGlFkG1DLiSdDBASQ.0.1.1.6.1.1.525.0
MS-RequestId: 968644f3-51bc-4ded-a8d3-99b42b0b27f9
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Content-Range: bytes 101562625-103473173/172606408
Server: Qwilt
X-OC-Service-Type: lo
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa19869-1135170399-47
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=103473174-105477946
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:45:29 GMT
Content-Type: application/octet-stream
Content-Length: 2004773
Connection: keep-alive
Age: 89
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 351e0a10-9158-4140-abd0-b41f98c8f739
MS-CV: Z2fNIMGlFkG1DLiSdDBASQ.0.1.1.6.1.1.525.0
MS-RequestId: 968644f3-51bc-4ded-a8d3-99b42b0b27f9
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Content-Range: bytes 103473174-105477946/172606408
Server: Qwilt
X-OC-Service-Type: lo
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa1bec0-1135170399-48
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=105477947-107166175
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:45:31 GMT
Content-Type: application/octet-stream
Content-Length: 1688229
Connection: keep-alive
Age: 89
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 351e0a10-9158-4140-abd0-b41f98c8f739
MS-CV: Z2fNIMGlFkG1DLiSdDBASQ.0.1.1.6.1.1.525.0
MS-RequestId: 968644f3-51bc-4ded-a8d3-99b42b0b27f9
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Content-Range: bytes 105477947-107166175/172606408
Server: Qwilt
X-OC-Service-Type: lo
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa1ee0f-1135170399-49
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=107166176-108037519
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:45:35 GMT
Content-Type: application/octet-stream
Content-Length: 871344
Connection: keep-alive
Age: 89
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 351e0a10-9158-4140-abd0-b41f98c8f739
MS-CV: Z2fNIMGlFkG1DLiSdDBASQ.0.1.1.6.1.1.525.0
MS-RequestId: 968644f3-51bc-4ded-a8d3-99b42b0b27f9
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Content-Range: bytes 107166176-108037519/172606408
Server: Qwilt
X-OC-Service-Type: lo
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa23c02-1135170399-50
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=108037520-108506109
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:45:39 GMT
Content-Type: application/octet-stream
Content-Length: 468590
Connection: keep-alive
Age: 89
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 351e0a10-9158-4140-abd0-b41f98c8f739
MS-CV: Z2fNIMGlFkG1DLiSdDBASQ.0.1.1.6.1.1.525.0
MS-RequestId: 968644f3-51bc-4ded-a8d3-99b42b0b27f9
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Content-Range: bytes 108037520-108506109/172606408
Server: Qwilt
X-OC-Service-Type: lo
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa28615-1135170399-51
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=108506110-109179854
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:45:40 GMT
Content-Type: application/octet-stream
Content-Length: 673745
Connection: keep-alive
Age: 89
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 351e0a10-9158-4140-abd0-b41f98c8f739
MS-CV: Z2fNIMGlFkG1DLiSdDBASQ.0.1.1.6.1.1.525.0
MS-RequestId: 968644f3-51bc-4ded-a8d3-99b42b0b27f9
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Content-Range: bytes 108506110-109179854/172606408
Server: Qwilt
X-OC-Service-Type: lo
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa2a26e-1135170399-52
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=109179855-109646113
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:45:43 GMT
Content-Type: application/octet-stream
Content-Length: 466259
Connection: keep-alive
Age: 88
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 705a0a6c-bc55-4a2f-997a-34291665508d
MS-CV: ypQzQpEDckuoQNsZ.0
MS-RequestId: 7f49772f-49aa-4ed7-8a4a-ee9b10a698a0
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa2ddf3-1135170399-53
Content-Range: bytes 109179855-109646113/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=109646114-110072309
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:45:45 GMT
Content-Type: application/octet-stream
Content-Length: 426196
Connection: keep-alive
Age: 88
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 705a0a6c-bc55-4a2f-997a-34291665508d
MS-CV: ypQzQpEDckuoQNsZ.0
MS-RequestId: 7f49772f-49aa-4ed7-8a4a-ee9b10a698a0
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa30a1e-1135170399-54
Content-Range: bytes 109646114-110072309/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=110072310-110495332
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:45:47 GMT
Content-Type: application/octet-stream
Content-Length: 423023
Connection: keep-alive
Age: 88
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 705a0a6c-bc55-4a2f-997a-34291665508d
MS-CV: ypQzQpEDckuoQNsZ.0
MS-RequestId: 7f49772f-49aa-4ed7-8a4a-ee9b10a698a0
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa331f2-1135170399-55
Content-Range: bytes 110072310-110495332/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=110495333-111172168
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:45:49 GMT
Content-Type: application/octet-stream
Content-Length: 676836
Connection: keep-alive
Age: 88
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 705a0a6c-bc55-4a2f-997a-34291665508d
MS-CV: ypQzQpEDckuoQNsZ.0
MS-RequestId: 7f49772f-49aa-4ed7-8a4a-ee9b10a698a0
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa34bbd-1135170399-56
Content-Range: bytes 110495333-111172168/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=111172169-112093660
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:45:50 GMT
Content-Type: application/octet-stream
Content-Length: 921492
Connection: keep-alive
Age: 88
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 705a0a6c-bc55-4a2f-997a-34291665508d
MS-CV: ypQzQpEDckuoQNsZ.0
MS-RequestId: 7f49772f-49aa-4ed7-8a4a-ee9b10a698a0
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa3687d-1135170399-57
Content-Range: bytes 111172169-112093660/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=112093661-113076584
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:45:52 GMT
Content-Type: application/octet-stream
Content-Length: 982924
Connection: keep-alive
Age: 88
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 705a0a6c-bc55-4a2f-997a-34291665508d
MS-CV: ypQzQpEDckuoQNsZ.0
MS-RequestId: 7f49772f-49aa-4ed7-8a4a-ee9b10a698a0
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa38dde-1135170399-58
Content-Range: bytes 112093661-113076584/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=113076585-114360612
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:45:54 GMT
Content-Type: application/octet-stream
Content-Length: 1284028
Connection: keep-alive
Age: 88
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 705a0a6c-bc55-4a2f-997a-34291665508d
MS-CV: ypQzQpEDckuoQNsZ.0
MS-RequestId: 7f49772f-49aa-4ed7-8a4a-ee9b10a698a0
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa3b18d-1135170399-59
Content-Range: bytes 113076585-114360612/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=114360613-115896530
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:45:55 GMT
Content-Type: application/octet-stream
Content-Length: 1535918
Connection: keep-alive
Age: 88
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 705a0a6c-bc55-4a2f-997a-34291665508d
MS-CV: ypQzQpEDckuoQNsZ.0
MS-RequestId: 7f49772f-49aa-4ed7-8a4a-ee9b10a698a0
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa3cbe0-1135170399-60
Content-Range: bytes 114360613-115896530/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=115896531-117804502
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:45:57 GMT
Content-Type: application/octet-stream
Content-Length: 1907972
Connection: keep-alive
Age: 88
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 705a0a6c-bc55-4a2f-997a-34291665508d
MS-CV: ypQzQpEDckuoQNsZ.0
MS-RequestId: 7f49772f-49aa-4ed7-8a4a-ee9b10a698a0
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa3eb29-1135170399-61
Content-Range: bytes 115896531-117804502/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=117804503-118535805
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:46:02 GMT
Content-Type: application/octet-stream
Content-Length: 731303
Connection: keep-alive
Age: 48
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 013aabe1-16fa-4775-bc89-58a378353276
MS-CV: N3lpd/UN7E2YJ14X.0
MS-RequestId: 3b048753-1239-43ec-9aa9-59505480d8c5
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa450be-1135170399-62
Content-Range: bytes 117804503-118535805/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=118535806-119076909
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:46:05 GMT
Content-Type: application/octet-stream
Content-Length: 541104
Connection: keep-alive
Age: 48
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 013aabe1-16fa-4775-bc89-58a378353276
MS-CV: N3lpd/UN7E2YJ14X.0
MS-RequestId: 3b048753-1239-43ec-9aa9-59505480d8c5
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa48495-1135170399-63
Content-Range: bytes 118535806-119076909/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=119076910-120038871
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:46:06 GMT
Content-Type: application/octet-stream
Content-Length: 961962
Connection: keep-alive
Age: 48
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 013aabe1-16fa-4775-bc89-58a378353276
MS-CV: N3lpd/UN7E2YJ14X.0
MS-RequestId: 3b048753-1239-43ec-9aa9-59505480d8c5
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa49a47-1135170399-64
Content-Range: bytes 119076910-120038871/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=120038872-120957650
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:46:08 GMT
Content-Type: application/octet-stream
Content-Length: 918779
Connection: keep-alive
Age: 48
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 013aabe1-16fa-4775-bc89-58a378353276
MS-CV: N3lpd/UN7E2YJ14X.0
MS-RequestId: 3b048753-1239-43ec-9aa9-59505480d8c5
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa4c0ef-1135170399-65
Content-Range: bytes 120038872-120957650/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=120957651-121803671
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:46:10 GMT
Content-Type: application/octet-stream
Content-Length: 846021
Connection: keep-alive
Age: 48
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 013aabe1-16fa-4775-bc89-58a378353276
MS-CV: N3lpd/UN7E2YJ14X.0
MS-RequestId: 3b048753-1239-43ec-9aa9-59505480d8c5
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa4eac9-1135170399-66
Content-Range: bytes 120957651-121803671/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=121803672-122886231
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:46:12 GMT
Content-Type: application/octet-stream
Content-Length: 1082560
Connection: keep-alive
Age: 48
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 013aabe1-16fa-4775-bc89-58a378353276
MS-CV: N3lpd/UN7E2YJ14X.0
MS-RequestId: 3b048753-1239-43ec-9aa9-59505480d8c5
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa5094a-1135170399-67
Content-Range: bytes 121803672-122886231/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=122886232-124134858
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:46:13 GMT
Content-Type: application/octet-stream
Content-Length: 1248627
Connection: keep-alive
Age: 48
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 013aabe1-16fa-4775-bc89-58a378353276
MS-CV: N3lpd/UN7E2YJ14X.0
MS-RequestId: 3b048753-1239-43ec-9aa9-59505480d8c5
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa52978-1135170399-68
Content-Range: bytes 122886232-124134858/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=124134859-125717401
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:46:15 GMT
Content-Type: application/octet-stream
Content-Length: 1582543
Connection: keep-alive
Age: 48
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 013aabe1-16fa-4775-bc89-58a378353276
MS-CV: N3lpd/UN7E2YJ14X.0
MS-RequestId: 3b048753-1239-43ec-9aa9-59505480d8c5
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa548a2-1135170399-69
Content-Range: bytes 124134859-125717401/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=125717402-126682072
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:46:18 GMT
Content-Type: application/octet-stream
Content-Length: 964671
Connection: keep-alive
Age: 48
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 013aabe1-16fa-4775-bc89-58a378353276
MS-CV: N3lpd/UN7E2YJ14X.0
MS-RequestId: 3b048753-1239-43ec-9aa9-59505480d8c5
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa5885c-1135170399-70
Content-Range: bytes 125717402-126682072/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=126682073-127168174
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:46:22 GMT
Content-Type: application/octet-stream
Content-Length: 486102
Connection: keep-alive
Age: 78
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 87ff44f3-fa4c-412d-a5c9-eb182eb12f4b
MS-CV: /sQRgOnHm0ukvN5x.0
MS-RequestId: 9671aab6-bce0-4f07-8f47-7b863a55c1b6
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Content-Range: bytes 126682073-127168174/172606408
Server: Qwilt
X-OC-Service-Type: lo
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa5d5a1-1135170399-71
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=127168175-127704414
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:46:24 GMT
Content-Type: application/octet-stream
Content-Length: 536240
Connection: keep-alive
Age: 78
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 87ff44f3-fa4c-412d-a5c9-eb182eb12f4b
MS-CV: /sQRgOnHm0ukvN5x.0
MS-RequestId: 9671aab6-bce0-4f07-8f47-7b863a55c1b6
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Content-Range: bytes 127168175-127704414/172606408
Server: Qwilt
X-OC-Service-Type: lo
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa5f89d-1135170399-72
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=127704415-128595918
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:46:25 GMT
Content-Type: application/octet-stream
Content-Length: 891504
Connection: keep-alive
Age: 78
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 87ff44f3-fa4c-412d-a5c9-eb182eb12f4b
MS-CV: /sQRgOnHm0ukvN5x.0
MS-RequestId: 9671aab6-bce0-4f07-8f47-7b863a55c1b6
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Content-Range: bytes 127704415-128595918/172606408
Server: Qwilt
X-OC-Service-Type: lo
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa60fb4-1135170399-73
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=128595919-129571305
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:46:27 GMT
Content-Type: application/octet-stream
Content-Length: 975387
Connection: keep-alive
Age: 78
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 87ff44f3-fa4c-412d-a5c9-eb182eb12f4b
MS-CV: /sQRgOnHm0ukvN5x.0
MS-RequestId: 9671aab6-bce0-4f07-8f47-7b863a55c1b6
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Content-Range: bytes 128595919-129571305/172606408
Server: Qwilt
X-OC-Service-Type: lo
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa63327-1135170399-74
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=129571306-130257231
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:46:30 GMT
Content-Type: application/octet-stream
Content-Length: 685926
Connection: keep-alive
Age: 78
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 87ff44f3-fa4c-412d-a5c9-eb182eb12f4b
MS-CV: /sQRgOnHm0ukvN5x.0
MS-RequestId: 9671aab6-bce0-4f07-8f47-7b863a55c1b6
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Content-Range: bytes 129571306-130257231/172606408
Server: Qwilt
X-OC-Service-Type: lo
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa66b23-1135170399-75
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=130257232-131021068
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:46:32 GMT
Content-Type: application/octet-stream
Content-Length: 763837
Connection: keep-alive
Age: 78
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 87ff44f3-fa4c-412d-a5c9-eb182eb12f4b
MS-CV: /sQRgOnHm0ukvN5x.0
MS-RequestId: 9671aab6-bce0-4f07-8f47-7b863a55c1b6
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Content-Range: bytes 130257232-131021068/172606408
Server: Qwilt
X-OC-Service-Type: lo
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa68e40-1135170399-76
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=131021069-132170559
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:46:33 GMT
Content-Type: application/octet-stream
Content-Length: 1149491
Connection: keep-alive
Age: 78
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 87ff44f3-fa4c-412d-a5c9-eb182eb12f4b
MS-CV: /sQRgOnHm0ukvN5x.0
MS-RequestId: 9671aab6-bce0-4f07-8f47-7b863a55c1b6
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Content-Range: bytes 131021069-132170559/172606408
Server: Qwilt
X-OC-Service-Type: lo
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa6a73b-1135170399-77
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=132170560-133901720
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:46:34 GMT
Content-Type: application/octet-stream
Content-Length: 1731161
Connection: keep-alive
Age: 78
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 87ff44f3-fa4c-412d-a5c9-eb182eb12f4b
MS-CV: /sQRgOnHm0ukvN5x.0
MS-RequestId: 9671aab6-bce0-4f07-8f47-7b863a55c1b6
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Content-Range: bytes 132170560-133901720/172606408
Server: Qwilt
X-OC-Service-Type: lo
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa6c12b-1135170399-78
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=133901721-135286648
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:46:37 GMT
Content-Type: application/octet-stream
Content-Length: 1384928
Connection: keep-alive
Age: 78
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 87ff44f3-fa4c-412d-a5c9-eb182eb12f4b
MS-CV: /sQRgOnHm0ukvN5x.0
MS-RequestId: 9671aab6-bce0-4f07-8f47-7b863a55c1b6
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Content-Range: bytes 133901721-135286648/172606408
Server: Qwilt
X-OC-Service-Type: lo
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa6f306-1135170399-79
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=135286649-137256673
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:46:38 GMT
Content-Type: application/octet-stream
Content-Length: 1970025
Connection: keep-alive
Age: 54
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 490e99a3-00a5-4b3f-bd17-bef5c4b3eebf
MS-CV: 74HJ5Aj+1EaCrTaI.0
MS-RequestId: a00e5f37-8c94-4c36-a03d-1bea6f962a75
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa70e4a-1135170399-80
Content-Range: bytes 135286649-137256673/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=137256674-139242585
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:46:40 GMT
Content-Type: application/octet-stream
Content-Length: 1985912
Connection: keep-alive
Age: 54
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 490e99a3-00a5-4b3f-bd17-bef5c4b3eebf
MS-CV: 74HJ5Aj+1EaCrTaI.0
MS-RequestId: a00e5f37-8c94-4c36-a03d-1bea6f962a75
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa734de-1135170399-81
Content-Range: bytes 137256674-139242585/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=139242586-141071233
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:46:42 GMT
Content-Type: application/octet-stream
Content-Length: 1828648
Connection: keep-alive
Age: 54
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 490e99a3-00a5-4b3f-bd17-bef5c4b3eebf
MS-CV: 74HJ5Aj+1EaCrTaI.0
MS-RequestId: a00e5f37-8c94-4c36-a03d-1bea6f962a75
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa760af-1135170399-82
Content-Range: bytes 139242586-141071233/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=141071234-142416321
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:46:45 GMT
Content-Type: application/octet-stream
Content-Length: 1345088
Connection: keep-alive
Age: 54
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 490e99a3-00a5-4b3f-bd17-bef5c4b3eebf
MS-CV: 74HJ5Aj+1EaCrTaI.0
MS-RequestId: a00e5f37-8c94-4c36-a03d-1bea6f962a75
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa7966d-1135170399-83
Content-Range: bytes 141071234-142416321/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=142416322-144190843
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:46:47 GMT
Content-Type: application/octet-stream
Content-Length: 1774522
Connection: keep-alive
Age: 54
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 490e99a3-00a5-4b3f-bd17-bef5c4b3eebf
MS-CV: 74HJ5Aj+1EaCrTaI.0
MS-RequestId: a00e5f37-8c94-4c36-a03d-1bea6f962a75
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa7b50d-1135170399-84
Content-Range: bytes 142416322-144190843/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=144190844-145165855
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:46:50 GMT
Content-Type: application/octet-stream
Content-Length: 975012
Connection: keep-alive
Age: 39
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: fe6049c2-f332-480f-9fad-e21033f49fdf
MS-CV: qBPTYo5ju0WxrJcF.0
MS-RequestId: 81c30029-01d8-446d-91f1-311eb994a3c6
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa8003d-1135170399-85
Content-Range: bytes 144190844-145165855/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=145165856-146507922
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:46:52 GMT
Content-Type: application/octet-stream
Content-Length: 1342067
Connection: keep-alive
Age: 39
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: fe6049c2-f332-480f-9fad-e21033f49fdf
MS-CV: qBPTYo5ju0WxrJcF.0
MS-RequestId: 81c30029-01d8-446d-91f1-311eb994a3c6
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa81f55-1135170399-86
Content-Range: bytes 145165856-146507922/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=146507923-147411975
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:46:55 GMT
Content-Type: application/octet-stream
Content-Length: 904053
Connection: keep-alive
Age: 39
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: fe6049c2-f332-480f-9fad-e21033f49fdf
MS-CV: qBPTYo5ju0WxrJcF.0
MS-RequestId: 81c30029-01d8-446d-91f1-311eb994a3c6
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa85d1b-1135170399-87
Content-Range: bytes 146507923-147411975/172606408
Server: Qwilt
X-OC-Service-Type: lo
DNS

36.58.20.217.in-addr.arpa

Remote address:

8.8.8.8:53

Request

36.58.20.217.in-addr.arpa

IN PTR

Response
DNS

161.19.199.152.in-addr.arpa

Remote address:

8.8.8.8:53

Request

161.19.199.152.in-addr.arpa

IN PTR

Response
DNS

www.microsoft.com

MicrosoftEdge.exe

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

95.100.245.144
DNS

200.197.79.204.in-addr.arpa

Remote address:

8.8.8.8:53

Request

200.197.79.204.in-addr.arpa

IN PTR

Response

200.197.79.204.in-addr.arpa

IN PTR

a-0001a-msedgenet
GET

https://www.bing.com/cortanaassist/rules?cc=US&version=6

MicrosoftEdge.exe

Remote address:

95.101.143.201:443

Request

GET /cortanaassist/rules?cc=US&version=6 HTTP/2.0
host: www.bing.com
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
dnt: 1

Response

HTTP/2.0 404

cache-control: private
content-length: 56211
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
x-eventid: 66b7df3f5e4541739147d7d783715a6b
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-error-page: 404-custom
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C9EE142DA8A64C29AA7DB948DC2A6F05 Ref B: LON601060108042 Ref C: 2024-08-10T21:44:31Z
date: Sat, 10 Aug 2024 21:44:31 GMT
set-cookie: MUID=167D88E1BEA665C43AC79C36BFA064A6; domain=.bing.com; expires=Thu, 04-Sep-2025 21:44:31 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=167D88E1BEA665C43AC79C36BFA064A6; expires=Thu, 04-Sep-2025 21:44:31 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=2562DA58B719622B0F78CE8FB61F6366&mkt=en-us; domain=.bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=.bing.com; expires=Thu, 04-Sep-2025 21:44:31 GMT; path=/; HttpOnly
set-cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Mon, 10-Aug-2026 21:44:31 GMT; path=/
set-cookie: SRCHUID=V=2&GUID=0F3B5BBF65C64F10933A13A76D9CF7D4&dmnchg=1; domain=.bing.com; expires=Mon, 10-Aug-2026 21:44:31 GMT; path=/
set-cookie: SRCHUSR=DOB=20240810; domain=.bing.com; expires=Mon, 10-Aug-2026 21:44:31 GMT; path=/
set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Mon, 10-Aug-2026 21:44:31 GMT; path=/
set-cookie: _SS=SID=2562DA58B719622B0F78CE8FB61F6366; domain=.bing.com; path=/
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d78f655f.1723326271.169581b2
DNS

201.143.101.95.in-addr.arpa

Remote address:

8.8.8.8:53

Request

201.143.101.95.in-addr.arpa

IN PTR

Response

201.143.101.95.in-addr.arpa

IN PTR

a95-101-143-201deploystaticakamaitechnologiescom
DNS

shavar.prod.mozaws.net

firefox.exe

Remote address:

8.8.8.8:53

Request

shavar.prod.mozaws.net

IN A

Response

shavar.prod.mozaws.net

IN A

44.239.110.200

shavar.prod.mozaws.net

IN A

35.165.99.161

shavar.prod.mozaws.net

IN A

35.155.86.205
DNS

prod.content-signature-chains.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.content-signature-chains.prod.webservices.mozgcp.net

IN A

Response

prod.content-signature-chains.prod.webservices.mozgcp.net

IN A

34.160.144.191
DNS

shavar.prod.mozaws.net

firefox.exe

Remote address:

8.8.8.8:53

Request

shavar.prod.mozaws.net

IN AAAA

Response
DNS

shavar.prod.mozaws.net

firefox.exe

Remote address:

8.8.8.8:53

Request

shavar.prod.mozaws.net

IN AAAA

Response
DNS

prod.content-signature-chains.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.content-signature-chains.prod.webservices.mozgcp.net

IN AAAA

Response

prod.content-signature-chains.prod.webservices.mozgcp.net

IN AAAA

2600:1901:0:92a9::
DNS

prod.content-signature-chains.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.content-signature-chains.prod.webservices.mozgcp.net

IN AAAA

Response

prod.content-signature-chains.prod.webservices.mozgcp.net

IN AAAA

2600:1901:0:92a9::
DNS

prod.remote-settings.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.remote-settings.prod.webservices.mozgcp.net

IN A

Response

prod.remote-settings.prod.webservices.mozgcp.net

IN A

34.149.100.209
DNS

prod.remote-settings.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.remote-settings.prod.webservices.mozgcp.net

IN AAAA

Response
DNS

prod.remote-settings.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.remote-settings.prod.webservices.mozgcp.net

IN AAAA

Response
DNS

166.188.117.34.in-addr.arpa

Remote address:

8.8.8.8:53

Request

166.188.117.34.in-addr.arpa

IN PTR

Response

166.188.117.34.in-addr.arpa

IN PTR

16618811734bcgoogleusercontentcom
DNS

166.188.117.34.in-addr.arpa

Remote address:

8.8.8.8:53

Request

166.188.117.34.in-addr.arpa

IN PTR

Response

166.188.117.34.in-addr.arpa

IN PTR

16618811734bcgoogleusercontentcom
DNS

161.99.165.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

161.99.165.35.in-addr.arpa

IN PTR

Response

161.99.165.35.in-addr.arpa

IN PTR

ec2-35-165-99-161 us-west-2compute amazonawscom
DNS

161.99.165.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

161.99.165.35.in-addr.arpa

IN PTR

Response

161.99.165.35.in-addr.arpa

IN PTR

ec2-35-165-99-161 us-west-2compute amazonawscom
DNS

support.mozilla.org

firefox.exe

Remote address:

8.8.8.8:53

Request

support.mozilla.org

IN A

Response

support.mozilla.org

IN CNAME

prod.sumo.prod.webservices.mozgcp.net

prod.sumo.prod.webservices.mozgcp.net

IN CNAME

us-west1.prod.sumo.prod.webservices.mozgcp.net

us-west1.prod.sumo.prod.webservices.mozgcp.net

IN A

34.149.128.2
DNS

support.mozilla.org

firefox.exe

Remote address:

8.8.8.8:53

Request

support.mozilla.org

IN A

Response

support.mozilla.org

IN CNAME

prod.sumo.prod.webservices.mozgcp.net

prod.sumo.prod.webservices.mozgcp.net

IN CNAME

us-west1.prod.sumo.prod.webservices.mozgcp.net

us-west1.prod.sumo.prod.webservices.mozgcp.net

IN A

34.149.128.2
DNS

www.mozilla.org

firefox.exe

Remote address:

8.8.8.8:53

Request

www.mozilla.org

IN A

Response

www.mozilla.org

IN CNAME

www.mozorg.moz.works

www.mozorg.moz.works

IN A

143.204.72.186
DNS

www.mozilla.org

firefox.exe

Remote address:

8.8.8.8:53

Request

www.mozilla.org

IN A

Response

www.mozilla.org

IN CNAME

www.mozorg.moz.works

www.mozorg.moz.works

IN A

143.204.72.186
DNS

wiki.mozilla.org

firefox.exe

Remote address:

8.8.8.8:53

Request

wiki.mozilla.org

IN A

Response

wiki.mozilla.org

IN CNAME

wiki-prod-850398177.us-west-2.elb.amazonaws.com

wiki-prod-850398177.us-west-2.elb.amazonaws.com

IN A

34.208.162.104

wiki-prod-850398177.us-west-2.elb.amazonaws.com

IN A

52.24.175.29

wiki-prod-850398177.us-west-2.elb.amazonaws.com

IN A

35.163.213.45
DNS

wiki.mozilla.org

firefox.exe

Remote address:

8.8.8.8:53

Request

wiki.mozilla.org

IN A

Response

wiki.mozilla.org

IN CNAME

wiki-prod-850398177.us-west-2.elb.amazonaws.com

wiki-prod-850398177.us-west-2.elb.amazonaws.com

IN A

52.24.175.29

wiki-prod-850398177.us-west-2.elb.amazonaws.com

IN A

34.208.162.104

wiki-prod-850398177.us-west-2.elb.amazonaws.com

IN A

35.163.213.45
DNS

us-west1.prod.sumo.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

us-west1.prod.sumo.prod.webservices.mozgcp.net

IN A

Response

us-west1.prod.sumo.prod.webservices.mozgcp.net

IN A

34.149.128.2
DNS

us-west1.prod.sumo.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

us-west1.prod.sumo.prod.webservices.mozgcp.net

IN A

Response

us-west1.prod.sumo.prod.webservices.mozgcp.net

IN A

34.149.128.2
DNS

www.mozorg.moz.works

firefox.exe

Remote address:

8.8.8.8:53

Request

www.mozorg.moz.works

IN A

Response

www.mozorg.moz.works

IN A

143.204.72.186
DNS

www.mozorg.moz.works

firefox.exe

Remote address:

8.8.8.8:53

Request

www.mozorg.moz.works

IN A

Response

www.mozorg.moz.works

IN A

143.204.72.186
DNS

wiki-prod-850398177.us-west-2.elb.amazonaws.com

firefox.exe

Remote address:

8.8.8.8:53

Request

wiki-prod-850398177.us-west-2.elb.amazonaws.com

IN A

Response

wiki-prod-850398177.us-west-2.elb.amazonaws.com

IN A

52.24.175.29

wiki-prod-850398177.us-west-2.elb.amazonaws.com

IN A

34.208.162.104

wiki-prod-850398177.us-west-2.elb.amazonaws.com

IN A

35.163.213.45
DNS

wiki-prod-850398177.us-west-2.elb.amazonaws.com

firefox.exe

Remote address:

8.8.8.8:53

Request

wiki-prod-850398177.us-west-2.elb.amazonaws.com

IN A

Response

wiki-prod-850398177.us-west-2.elb.amazonaws.com

IN A

52.24.175.29

wiki-prod-850398177.us-west-2.elb.amazonaws.com

IN A

34.208.162.104

wiki-prod-850398177.us-west-2.elb.amazonaws.com

IN A

35.163.213.45
DNS

us-west1.prod.sumo.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

us-west1.prod.sumo.prod.webservices.mozgcp.net

IN AAAA

Response
DNS

us-west1.prod.sumo.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

us-west1.prod.sumo.prod.webservices.mozgcp.net

IN AAAA

Response
DNS

61.85.100.185.in-addr.arpa

firefox.exe

Remote address:

8.8.8.8:53

Request

61.85.100.185.in-addr.arpa

IN PTR

Response

61.85.100.185.in-addr.arpa

IN PTR

tor-exit-node-nibbanadsonorg
DNS

61.85.100.185.in-addr.arpa

firefox.exe

Remote address:

8.8.8.8:53

Request

61.85.100.185.in-addr.arpa

IN PTR
DNS

wiki-prod-850398177.us-west-2.elb.amazonaws.com

firefox.exe

Remote address:

8.8.8.8:53

Request

wiki-prod-850398177.us-west-2.elb.amazonaws.com

IN AAAA

Response
DNS

wiki-prod-850398177.us-west-2.elb.amazonaws.com

firefox.exe

Remote address:

8.8.8.8:53

Request

wiki-prod-850398177.us-west-2.elb.amazonaws.com

IN AAAA

Response
DNS

www.mozorg.moz.works

firefox.exe

Remote address:

8.8.8.8:53

Request

www.mozorg.moz.works

IN AAAA

Response
DNS

www.mozorg.moz.works

firefox.exe

Remote address:

8.8.8.8:53

Request

www.mozorg.moz.works

IN AAAA

Response
GET

https://www.bing.com/search?form=MOZLBR&pc=MOZI&q=ransoware+data+base+github

firefox.exe

Remote address:

95.101.143.219:443

Request

GET /search?form=MOZLBR&pc=MOZI&q=ransoware+data+base+github HTTP/2.0
host: www.bing.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
upgrade-insecure-requests: 1
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: none
sec-fetch-user: ?1
te: trailers

Response

HTTP/2.0 200

content-type: text/html; charset=utf-8
cache-control: private, max-age=0
content-encoding: br
expires: Sat, 10 Aug 2024 21:44:58 GMT
vary: Accept-Encoding
x-eventid: 66b7df9607bb423ab32eb478ae2b9e2b
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
strict-transport-security: max-age=31536000; includeSubDomains; preload
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Sat, 10 Aug 2024 21:45:58 GMT
set-cookie: MUID=3B47DB91659261530C0BCF4664E7602D; domain=.bing.com; expires=Thu, 04-Sep-2025 21:45:58 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=3B47DB91659261530C0BCF4664E7602D; expires=Thu, 04-Sep-2025 21:45:58 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=02E1C70D1AC361DB3858D3DA1BB660FE; domain=.bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=.bing.com; expires=Thu, 04-Sep-2025 21:45:58 GMT; path=/; HttpOnly
set-cookie: _SS=PC=MOZI&SID=02E1C70D1AC361DB3858D3DA1BB660FE; domain=.bing.com; path=/; secure; SameSite=None
set-cookie: SRCHS=PC=MOZI; domain=.bing.com; path=/; secure; SameSite=None
set-cookie: SRCHD=AF=MOZLBR; domain=.bing.com; expires=Thu, 04-Sep-2025 21:45:58 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUID=V=2&GUID=E71A29DF6C174DD798A4CF3E3D11BB88&dmnchg=1; domain=.bing.com; expires=Thu, 04-Sep-2025 21:45:58 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUSR=DOB=20240810; domain=.bing.com; expires=Thu, 04-Sep-2025 21:45:58 GMT; path=/; secure; SameSite=None
set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Thu, 04-Sep-2025 21:45:58 GMT; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.c58f655f.1723326358.14faff68
set-cookie: ak_bmsc=21C24567F2E18713F86DC399292197EF~000000000000000000000000000000~YAAQxY9lXx1cpyeRAQAAF2VBPhjR/kI/Jsdu247Pz3lHHvDbBVLa2aEuXV889HvwmoTk+NcxQPgAVqCVExglMmdOumSQ+YgHii/FXbo3z/SlZZrDTeB9g+s++miBLTKR2GPUaYhe2aVHszXzsESkREvXi7KbPKulVT4eiiwKKvr2cbq7+jGwXZvH1fTYll/iLYze8+nztBMNZeDvFRAS6x32L5HL5rPbeqA/b8hljnteFLcBZtqnbkVorciFV9tRCixPxM+hHsVQnVfW3Nh2bBHRclrK5lL6mGNLauthQQ3nk9j6UQ0yRg++88YVBUWOW3j3HWjE7CY1LGPTdg8C7/dgmqC7n5e7NxLu+mCxNSgYvWpeT4WESrNodkyhWAFP1knCfNxU8yY=; Domain=.bing.com; Path=/; Expires=Sat, 10 Aug 2024 23:45:58 GMT; Max-Age=7200
GET

https://www.bing.com/rp/B6jGHby7hXuEC7enS8xiNSUwqXw.png

firefox.exe

Remote address:

95.101.143.219:443

Request

GET /rp/B6jGHby7hXuEC7enS8xiNSUwqXw.png HTTP/2.0
host: www.bing.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.bing.com/search?form=MOZLBR&pc=MOZI&q=ransoware+data+base+github
cookie: MUID=3B47DB91659261530C0BCF4664E7602D
cookie: MUIDB=3B47DB91659261530C0BCF4664E7602D
cookie: _EDGE_S=F=1&SID=02E1C70D1AC361DB3858D3DA1BB660FE
cookie: _EDGE_V=1
cookie: _SS=PC=MOZI&SID=02E1C70D1AC361DB3858D3DA1BB660FE
cookie: SRCHS=PC=MOZI
cookie: SRCHD=AF=MOZLBR
cookie: SRCHUID=V=2&GUID=E71A29DF6C174DD798A4CF3E3D11BB88&dmnchg=1
cookie: SRCHUSR=DOB=20240810
cookie: SRCHHPGUSR=SRCHLANG=en
cookie: ak_bmsc=21C24567F2E18713F86DC399292197EF~000000000000000000000000000000~YAAQxY9lXx1cpyeRAQAAF2VBPhjR/kI/Jsdu247Pz3lHHvDbBVLa2aEuXV889HvwmoTk+NcxQPgAVqCVExglMmdOumSQ+YgHii/FXbo3z/SlZZrDTeB9g+s++miBLTKR2GPUaYhe2aVHszXzsESkREvXi7KbPKulVT4eiiwKKvr2cbq7+jGwXZvH1fTYll/iLYze8+nztBMNZeDvFRAS6x32L5HL5rPbeqA/b8hljnteFLcBZtqnbkVorciFV9tRCixPxM+hHsVQnVfW3Nh2bBHRclrK5lL6mGNLauthQQ3nk9j6UQ0yRg++88YVBUWOW3j3HWjE7CY1LGPTdg8C7/dgmqC7n5e7NxLu+mCxNSgYvWpeT4WESrNodkyhWAFP1knCfNxU8yY=
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=432000, no-transform, immutable
content-length: 10060
content-type: image/png
content-md5: NyL0K09FbOsKFVWkE+stgw==
last-modified: Fri, 22 Mar 2024 20:42:06 GMT
etag: 0x8DC4AB0896DD41E
x-ms-request-id: e2971f82-c01e-0023-220d-e89e6f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-amd-bc-debug: [a=2.17.209.38,b=27609086,c=c,d=1723117735,h=200,k=29,l=1,n=GB_EN_LONDON,o=20940,r=30,p=10060]
date: Sat, 10 Aug 2024 21:45:58 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.c58f655f.1723326358.14fb0124
DNS

e86303.dscx.akamaiedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

e86303.dscx.akamaiedge.net

IN A

Response

e86303.dscx.akamaiedge.net

IN A

95.101.143.201

e86303.dscx.akamaiedge.net

IN A

95.101.143.219
DNS

e86303.dscx.akamaiedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

e86303.dscx.akamaiedge.net

IN A

Response

e86303.dscx.akamaiedge.net

IN A

95.101.143.201

e86303.dscx.akamaiedge.net

IN A

95.101.143.219
DNS

e86303.dscx.akamaiedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

e86303.dscx.akamaiedge.net

IN AAAA

Response

e86303.dscx.akamaiedge.net

IN AAAA

2a02:26f0:1780:d::213:f823

e86303.dscx.akamaiedge.net

IN AAAA

2a02:26f0:1780:d::213:f81f
DNS

e86303.dscx.akamaiedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

e86303.dscx.akamaiedge.net

IN AAAA

Response

e86303.dscx.akamaiedge.net

IN AAAA

2a02:26f0:1780:d::213:f823

e86303.dscx.akamaiedge.net

IN AAAA

2a02:26f0:1780:d::213:f81f
DNS

219.143.101.95.in-addr.arpa

Remote address:

8.8.8.8:53

Request

219.143.101.95.in-addr.arpa

IN PTR

Response

219.143.101.95.in-addr.arpa

IN PTR

a95-101-143-219deploystaticakamaitechnologiescom
DNS

219.143.101.95.in-addr.arpa

Remote address:

8.8.8.8:53

Request

219.143.101.95.in-addr.arpa

IN PTR

Response

219.143.101.95.in-addr.arpa

IN PTR

a95-101-143-219deploystaticakamaitechnologiescom
DNS

r.bing.com

firefox.exe

Remote address:

8.8.8.8:53

Request

r.bing.com

IN A

Response

r.bing.com

IN CNAME

p-static.bing.trafficmanager.net

p-static.bing.trafficmanager.net

IN CNAME

r.bing.com.edgekey.net

r.bing.com.edgekey.net

IN CNAME

e86303.dscx.akamaiedge.net

e86303.dscx.akamaiedge.net

IN A

95.101.143.201

e86303.dscx.akamaiedge.net

IN A

95.101.143.219
DNS

r.bing.com

firefox.exe

Remote address:

8.8.8.8:53

Request

r.bing.com

IN A

Response

r.bing.com

IN CNAME

p-static.bing.trafficmanager.net

p-static.bing.trafficmanager.net

IN CNAME

r.bing.com.edgekey.net

r.bing.com.edgekey.net

IN CNAME

e86303.dscx.akamaiedge.net

e86303.dscx.akamaiedge.net

IN A

95.101.143.201

e86303.dscx.akamaiedge.net

IN A

95.101.143.219
GET

https://r.bing.com/rp/NrVxAJRIC-KRKL-qHvM71lVoCPs.br.css

firefox.exe

Remote address:

95.101.143.201:443

Request

GET /rp/NrVxAJRIC-KRKL-qHvM71lVoCPs.br.css HTTP/2.0
host: r.bing.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.bing.com/
x-moz: prefetch
origin: https://www.bing.com
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 200

content-length: 6534
content-type: text/css; charset=utf-8
content-encoding: br
content-md5: gDvzRdQ7HLs+ezV8cUVOmQ==
last-modified: Fri, 02 Aug 2024 13:09:01 GMT
etag: 0x8DCB2F4476C2E05
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 344071c1-901e-00a8-5110-e59a02000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
akamai-grn: 0.60ba1302.1722626320.57a59d51
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, no-transform, max-age=120767
expires: Mon, 12 Aug 2024 07:18:46 GMT
date: Sat, 10 Aug 2024 21:45:59 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.d78f655f.1723326359.1696adbb
timing-allow-origin: *
DNS

th.bing.com

firefox.exe

Remote address:

8.8.8.8:53

Request

th.bing.com

IN A

Response

th.bing.com

IN CNAME

p-th.bing.com.trafficmanager.net

p-th.bing.com.trafficmanager.net

IN CNAME

th.bing.com.edgekey.net

th.bing.com.edgekey.net

IN CNAME

e86303.dscx.akamaiedge.net

e86303.dscx.akamaiedge.net

IN A

95.101.143.219

e86303.dscx.akamaiedge.net

IN A

95.101.143.201
DNS

th.bing.com

firefox.exe

Remote address:

8.8.8.8:53

Request

th.bing.com

IN A

Response

th.bing.com

IN CNAME

p-th.bing.com.trafficmanager.net

p-th.bing.com.trafficmanager.net

IN CNAME

th.bing.com.edgekey.net

th.bing.com.edgekey.net

IN CNAME

e86303.dscx.akamaiedge.net

e86303.dscx.akamaiedge.net

IN A

95.101.143.201

e86303.dscx.akamaiedge.net

IN A

95.101.143.219
DNS

login.microsoftonline.com

firefox.exe

Remote address:

8.8.8.8:53

Request

login.microsoftonline.com

IN A

Response

login.microsoftonline.com

IN CNAME

login.mso.msidentity.com

login.mso.msidentity.com

IN CNAME

ak.privatelink.msidentity.com

ak.privatelink.msidentity.com

IN CNAME

www.tm.ak.prd.aadg.trafficmanager.net

www.tm.ak.prd.aadg.trafficmanager.net

IN A

40.126.31.69

www.tm.ak.prd.aadg.trafficmanager.net

IN A

20.190.159.0

www.tm.ak.prd.aadg.trafficmanager.net

IN A

40.126.31.67

www.tm.ak.prd.aadg.trafficmanager.net

IN A

20.190.159.64

www.tm.ak.prd.aadg.trafficmanager.net

IN A

20.190.159.4

www.tm.ak.prd.aadg.trafficmanager.net

IN A

40.126.31.71

www.tm.ak.prd.aadg.trafficmanager.net

IN A

20.190.159.71

www.tm.ak.prd.aadg.trafficmanager.net

IN A

20.190.159.73
DNS

login.microsoftonline.com

firefox.exe

Remote address:

8.8.8.8:53

Request

login.microsoftonline.com

IN A

Response

login.microsoftonline.com

IN CNAME

login.mso.msidentity.com

login.mso.msidentity.com

IN CNAME

ak.privatelink.msidentity.com

ak.privatelink.msidentity.com

IN CNAME

www.tm.ak.prd.aadg.trafficmanager.net

www.tm.ak.prd.aadg.trafficmanager.net

IN A

20.190.159.64

www.tm.ak.prd.aadg.trafficmanager.net

IN A

20.190.159.0

www.tm.ak.prd.aadg.trafficmanager.net

IN A

20.190.159.73

www.tm.ak.prd.aadg.trafficmanager.net

IN A

40.126.31.69

www.tm.ak.prd.aadg.trafficmanager.net

IN A

40.126.31.71

www.tm.ak.prd.aadg.trafficmanager.net

IN A

20.190.159.4

www.tm.ak.prd.aadg.trafficmanager.net

IN A

40.126.31.67

www.tm.ak.prd.aadg.trafficmanager.net

IN A

20.190.159.71
DNS

www.tm.ak.prd.aadg.trafficmanager.net

firefox.exe

Remote address:

8.8.8.8:53

Request

www.tm.ak.prd.aadg.trafficmanager.net

IN A

Response

www.tm.ak.prd.aadg.trafficmanager.net

IN A

40.126.31.67

www.tm.ak.prd.aadg.trafficmanager.net

IN A

20.190.159.2

www.tm.ak.prd.aadg.trafficmanager.net

IN A

20.190.159.75

www.tm.ak.prd.aadg.trafficmanager.net

IN A

20.190.159.0

www.tm.ak.prd.aadg.trafficmanager.net

IN A

20.190.159.68

www.tm.ak.prd.aadg.trafficmanager.net

IN A

40.126.31.69

www.tm.ak.prd.aadg.trafficmanager.net

IN A

20.190.159.4

www.tm.ak.prd.aadg.trafficmanager.net

IN A

20.190.159.64
DNS

www.tm.ak.prd.aadg.trafficmanager.net

firefox.exe

Remote address:

8.8.8.8:53

Request

www.tm.ak.prd.aadg.trafficmanager.net

IN A

Response

www.tm.ak.prd.aadg.trafficmanager.net

IN A

40.126.31.67

www.tm.ak.prd.aadg.trafficmanager.net

IN A

40.126.31.69

www.tm.ak.prd.aadg.trafficmanager.net

IN A

20.190.159.0

www.tm.ak.prd.aadg.trafficmanager.net

IN A

20.190.159.64

www.tm.ak.prd.aadg.trafficmanager.net

IN A

20.190.159.4

www.tm.ak.prd.aadg.trafficmanager.net

IN A

20.190.159.2

www.tm.ak.prd.aadg.trafficmanager.net

IN A

20.190.159.75

www.tm.ak.prd.aadg.trafficmanager.net

IN A

20.190.159.68
GET

https://login.microsoftonline.com/common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=20bc090e-636b-4a61-8891-1b90a7018730&redirect_uri=https%3a%2f%2fwww.bing.com%2forgid%2fidtoken%2fconditional&scope=openid%20email%20profile%209ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7/.default&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%2264DA08D00105497A9890DC74AC2CACB8%22%7d

firefox.exe

Remote address:

40.126.31.69:443

Request

GET /common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=20bc090e-636b-4a61-8891-1b90a7018730&redirect_uri=https%3a%2f%2fwww.bing.com%2forgid%2fidtoken%2fconditional&scope=openid%20email%20profile%209ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7/.default&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%2264DA08D00105497A9890DC74AC2CACB8%22%7d HTTP/1.1
Host: login.microsoftonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bing.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 200 OK

Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: af1ae7ab-43a1-4a9a-9910-655cdca72a00
x-ms-ests-server: 2.1.18662.4 - SEC ProdSlices
x-ms-srs: 1.P
Referrer-Policy: strict-origin-when-cross-origin
X-XSS-Protection: 0
Set-Cookie: buid=0.AR8AMe_N-B6jSkuT5F9XHpElWnmtoZ62_ZpPi8MrcPluNMcBAAA.AQABGgEAAAApTwJmzXqdR4BN2miheQMYwZwbRm2nBaA72iLl3Zt5DZnCgPaWtrF-6A1ZWzN3Q42ffZs0-MJDIanAxVl6V1vN2_DsX6419-fGvf9oQN64fgPdQTPz_r8LLRpK4DlpEjggAA; expires=Mon, 09-Sep-2024 21:46:00 GMT; path=/; secure; HttpOnly; SameSite=None
Set-Cookie: fpc=AoXdFv38dn1FphUXfsudh1iCeMQLAQAAAJfWSd4OAAAA; expires=Mon, 09-Sep-2024 21:46:00 GMT; path=/; secure; HttpOnly; SameSite=None
Set-Cookie: esctx=PAQABBwEAAAApTwJmzXqdR4BN2miheQMYW9mjsbkG9xABkYzd9a4Zx_1J1C_Vc8a0njxP8MQ5kElmHnW0n_HGR72Gk3Wf7BXrrbt_yDDLqPhxf3B9crfsJx3zD8rNo7_qGTTBk4KW0xDwBZfbMQUJ1DGT1Hz74hxFhtj6uReSUeglFDltrrmlhYfkLpa7FPd0jJDP_4g2_YAgAA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None
Set-Cookie: x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly
Set-Cookie: stsservicecookie=estsfd; path=/; secure; samesite=none; httponly
Date: Sat, 10 Aug 2024 21:46:00 GMT
Content-Length: 673
DNS

www.tm.ak.prd.aadg.trafficmanager.net

firefox.exe

Remote address:

8.8.8.8:53

Request

www.tm.ak.prd.aadg.trafficmanager.net

IN AAAA

Response

www.tm.ak.prd.aadg.trafficmanager.net

IN AAAA

2603:1027:1:158::8

www.tm.ak.prd.aadg.trafficmanager.net

IN AAAA

2603:1026:3000:150::5

www.tm.ak.prd.aadg.trafficmanager.net

IN AAAA

2603:1026:3000:150::8

www.tm.ak.prd.aadg.trafficmanager.net

IN AAAA

2603:1026:3000:150::c

www.tm.ak.prd.aadg.trafficmanager.net

IN AAAA

2603:1027:1:158::a

www.tm.ak.prd.aadg.trafficmanager.net

IN AAAA

2603:1026:3000:150::6

www.tm.ak.prd.aadg.trafficmanager.net

IN AAAA

2603:1027:1:158::c

www.tm.ak.prd.aadg.trafficmanager.net

IN AAAA

2603:1026:3000:150::a
DNS

www.tm.ak.prd.aadg.trafficmanager.net

firefox.exe

Remote address:

8.8.8.8:53

Request

www.tm.ak.prd.aadg.trafficmanager.net

IN AAAA
DNS

69.31.126.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

69.31.126.40.in-addr.arpa

IN PTR

Response
DNS

69.31.126.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

69.31.126.40.in-addr.arpa

IN PTR

Response
DNS

services.bingapis.com

firefox.exe

Remote address:

8.8.8.8:53

Request

services.bingapis.com

IN A

Response

services.bingapis.com

IN CNAME

services-bingapis-com.e-0001.e-msedge.net

services-bingapis-com.e-0001.e-msedge.net

IN CNAME

e-0001.e-msedge.net

e-0001.e-msedge.net

IN A

13.107.5.80
DNS

services.bingapis.com

firefox.exe

Remote address:

8.8.8.8:53

Request

services.bingapis.com

IN A

Response

services.bingapis.com

IN CNAME

services-bingapis-com.e-0001.e-msedge.net

services-bingapis-com.e-0001.e-msedge.net

IN CNAME

e-0001.e-msedge.net

e-0001.e-msedge.net

IN A

13.107.5.80
OPTIONS

https://services.bingapis.com/suggestionchips/api/v1/cannedChips

firefox.exe

Remote address:

13.107.5.80:443

Request

OPTIONS /suggestionchips/api/v1/cannedChips HTTP/2.0
host: services.bingapis.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
access-control-request-method: POST
access-control-request-headers: content-type
referer: https://www.bing.com/
origin: https://www.bing.com
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 204

cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B3418B001FBB4EF492262D3944DE526D Ref B: AMS04EDGE3115 Ref C: 2024-08-10T21:46:01Z
set-cookie: MUIDB=21FD1CE264B563E12E5B083565BD62C2; path=/; httponly; expires=Thu, 04-Sep-2025 21:46:01 GMT
date: Sat, 10 Aug 2024 21:46:00 GMT
POST

https://services.bingapis.com/suggestionchips/api/v1/cannedChips

firefox.exe

Remote address:

13.107.5.80:443

Request

POST /suggestionchips/api/v1/cannedChips HTTP/2.0
host: services.bingapis.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-type: application/json
content-length: 48
origin: https://www.bing.com
referer: https://www.bing.com/
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 116
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 863F9F4E578143B0B0885585CD59806A Ref B: AMS04EDGE3115 Ref C: 2024-08-10T21:46:01Z
set-cookie: MUIDB=10699AE4B4E86F1C019A8E33B5E06E0B; path=/; httponly; expires=Thu, 04-Sep-2025 21:46:01 GMT
date: Sat, 10 Aug 2024 21:46:01 GMT
DNS

e-0001.e-msedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

e-0001.e-msedge.net

IN A

Response

e-0001.e-msedge.net

IN A

13.107.5.80
DNS

e-0001.e-msedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

e-0001.e-msedge.net

IN A

Response

e-0001.e-msedge.net

IN A

13.107.5.80
DNS

e-0001.e-msedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

e-0001.e-msedge.net

IN AAAA

Response
DNS

e-0001.e-msedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

e-0001.e-msedge.net

IN AAAA

Response
DNS

github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

github.com

IN A

Response

github.com

IN A

20.26.156.215
DNS

github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

github.com

IN A

Response

avatars.githubusercontent.com

IN A

185.199.111.133

avatars.githubusercontent.com

IN A

185.199.110.133

avatars.githubusercontent.com

IN A

185.199.109.133

avatars.githubusercontent.com

IN A

185.199.108.133
DNS

avatars.githubusercontent.com

firefox.exe

Remote address:

8.8.8.8:53

Request

avatars.githubusercontent.com

IN A

Response

avatars.githubusercontent.com

IN A

185.199.109.133

avatars.githubusercontent.com

IN A

185.199.110.133

avatars.githubusercontent.com

IN A

185.199.108.133

avatars.githubusercontent.com

IN A

185.199.111.133
DNS

avatars.githubusercontent.com

firefox.exe

Remote address:

8.8.8.8:53

Request

avatars.githubusercontent.com

IN A
GET

https://github.com/kh4sh3i/Ransomware-Samples

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /kh4sh3i/Ransomware-Samples HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.bing.com/
upgrade-insecure-requests: 1
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 10 Aug 2024 21:46:02 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"5dc0afc5dba67c9f57fb0210c7504dc8"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
set-cookie: _gh_sess=ErweKtoMtlWijiW2MF%2B5xbMx0M6dBvSq3EAoOzoRelRMqtoZ%2F1G5eO38GtOqU%2F3WVx9IIKOCHruMj%2BaFVfJNoE2R6fmbXc7wMqpXFXM8axwaylJvEw%2BPMxQOmMbYBui7kdQ%2Ft8FgHJOCIYsxViOcCRIh5D25dEwfSS0S2fr1tS2KyzjX417xfm1O362QPnlmOalRsELO9ogjeNoo1T89%2BSvuqeAO47Cb7RGmJPelI2BcCoomhIuZY54xFEaelmiHckGjgZIVKMsecqvxo9IMpg%3D%3D--wI0BjUBYzuvOpYVB--qeW4Jg4R08091lsBe%2BUQ6g%3D%3D; Path=/; HttpOnly; Secure; SameSite=Lax
set-cookie: _octo=GH1.1.1794739429.1723326361; Path=/; Domain=github.com; Expires=Sun, 10 Aug 2025 21:46:01 GMT; Secure; SameSite=Lax
set-cookie: logged_in=no; Path=/; Domain=github.com; Expires=Sun, 10 Aug 2025 21:46:01 GMT; HttpOnly; Secure; SameSite=Lax
accept-ranges: bytes
x-github-request-id: C733:3BA9F4:63254B:73257B:66B7DF99
GET

https://github.com/kh4sh3i/Ransomware-Samples/raw/main/ransomware.png

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /kh4sh3i/Ransomware-Samples/raw/main/ransomware.png HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples
cookie: _gh_sess=ErweKtoMtlWijiW2MF%2B5xbMx0M6dBvSq3EAoOzoRelRMqtoZ%2F1G5eO38GtOqU%2F3WVx9IIKOCHruMj%2BaFVfJNoE2R6fmbXc7wMqpXFXM8axwaylJvEw%2BPMxQOmMbYBui7kdQ%2Ft8FgHJOCIYsxViOcCRIh5D25dEwfSS0S2fr1tS2KyzjX417xfm1O362QPnlmOalRsELO9ogjeNoo1T89%2BSvuqeAO47Cb7RGmJPelI2BcCoomhIuZY54xFEaelmiHckGjgZIVKMsecqvxo9IMpg%3D%3D--wI0BjUBYzuvOpYVB--qeW4Jg4R08091lsBe%2BUQ6g%3D%3D
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 302

server: GitHub.com
date: Sat, 10 Aug 2024 21:46:02 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin:
location: https://raw.githubusercontent.com/kh4sh3i/Ransomware-Samples/main/ransomware.png
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: C733:3BA9F4:6325B8:7325ED:66B7DF9A
GET

https://github.com/kh4sh3i/Ransomware-Samples/refs?type=branch

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /kh4sh3i/Ransomware-Samples/refs?type=branch HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples
cookie: _gh_sess=ErweKtoMtlWijiW2MF%2B5xbMx0M6dBvSq3EAoOzoRelRMqtoZ%2F1G5eO38GtOqU%2F3WVx9IIKOCHruMj%2BaFVfJNoE2R6fmbXc7wMqpXFXM8axwaylJvEw%2BPMxQOmMbYBui7kdQ%2Ft8FgHJOCIYsxViOcCRIh5D25dEwfSS0S2fr1tS2KyzjX417xfm1O362QPnlmOalRsELO9ogjeNoo1T89%2BSvuqeAO47Cb7RGmJPelI2BcCoomhIuZY54xFEaelmiHckGjgZIVKMsecqvxo9IMpg%3D%3D--wI0BjUBYzuvOpYVB--qeW4Jg4R08091lsBe%2BUQ6g%3D%3D
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 10 Aug 2024 21:46:03 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"56a3b41b3adb53ca7fce5703eb10dacf"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
x-html-safe: 7f34e7f357f843c28d92476b5ae47ba36afd7174c10d84fbbcbad98f26901417
accept-ranges: bytes
content-length: 97
x-github-request-id: C733:3BA9F4:632620:732668:66B7DF9B
GET

https://github.com/kh4sh3i/Ransomware-Samples/latest-commit/main

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /kh4sh3i/Ransomware-Samples/latest-commit/main HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples
content-type: application/json
github-verified-fetch: true
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ErweKtoMtlWijiW2MF%2B5xbMx0M6dBvSq3EAoOzoRelRMqtoZ%2F1G5eO38GtOqU%2F3WVx9IIKOCHruMj%2BaFVfJNoE2R6fmbXc7wMqpXFXM8axwaylJvEw%2BPMxQOmMbYBui7kdQ%2Ft8FgHJOCIYsxViOcCRIh5D25dEwfSS0S2fr1tS2KyzjX417xfm1O362QPnlmOalRsELO9ogjeNoo1T89%2BSvuqeAO47Cb7RGmJPelI2BcCoomhIuZY54xFEaelmiHckGjgZIVKMsecqvxo9IMpg%3D%3D--wI0BjUBYzuvOpYVB--qeW4Jg4R08091lsBe%2BUQ6g%3D%3D
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 10 Aug 2024 21:46:03 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"033da1cccc24b02dd0ddba2f09ad7ecd"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 83
x-github-request-id: C733:3BA9F4:632620:732663:66B7DF9A
GET

https://github.com/kh4sh3i/Ransomware-Samples/tree-commit-info/main

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /kh4sh3i/Ransomware-Samples/tree-commit-info/main HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples
content-type: application/json
github-verified-fetch: true
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ErweKtoMtlWijiW2MF%2B5xbMx0M6dBvSq3EAoOzoRelRMqtoZ%2F1G5eO38GtOqU%2F3WVx9IIKOCHruMj%2BaFVfJNoE2R6fmbXc7wMqpXFXM8axwaylJvEw%2BPMxQOmMbYBui7kdQ%2Ft8FgHJOCIYsxViOcCRIh5D25dEwfSS0S2fr1tS2KyzjX417xfm1O362QPnlmOalRsELO9ogjeNoo1T89%2BSvuqeAO47Cb7RGmJPelI2BcCoomhIuZY54xFEaelmiHckGjgZIVKMsecqvxo9IMpg%3D%3D--wI0BjUBYzuvOpYVB--qeW4Jg4R08091lsBe%2BUQ6g%3D%3D
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 10 Aug 2024 21:46:03 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"8902c7088699d5c25402933819980cd9"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
x-html-safe: 7f34e7f357f843c28d92476b5ae47ba36afd7174c10d84fbbcbad98f26901417
accept-ranges: bytes
content-length: 95
x-github-request-id: C733:3BA9F4:632620:732669:66B7DF9B
GET

https://github.com/kh4sh3i/Ransomware-Samples/overview-files/main

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /kh4sh3i/Ransomware-Samples/overview-files/main HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples
content-type: application/json
github-verified-fetch: true
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ErweKtoMtlWijiW2MF%2B5xbMx0M6dBvSq3EAoOzoRelRMqtoZ%2F1G5eO38GtOqU%2F3WVx9IIKOCHruMj%2BaFVfJNoE2R6fmbXc7wMqpXFXM8axwaylJvEw%2BPMxQOmMbYBui7kdQ%2Ft8FgHJOCIYsxViOcCRIh5D25dEwfSS0S2fr1tS2KyzjX417xfm1O362QPnlmOalRsELO9ogjeNoo1T89%2BSvuqeAO47Cb7RGmJPelI2BcCoomhIuZY54xFEaelmiHckGjgZIVKMsecqvxo9IMpg%3D%3D--wI0BjUBYzuvOpYVB--qeW4Jg4R08091lsBe%2BUQ6g%3D%3D
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 10 Aug 2024 21:46:03 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"b8309e33807e7ea17d71a2ae327ccd7f"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 427
x-github-request-id: C733:3BA9F4:632620:732665:66B7DF9B
GET

https://github.com/kh4sh3i/Ransomware-Samples/branch-count

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /kh4sh3i/Ransomware-Samples/branch-count HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples
github-verified-fetch: true
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ErweKtoMtlWijiW2MF%2B5xbMx0M6dBvSq3EAoOzoRelRMqtoZ%2F1G5eO38GtOqU%2F3WVx9IIKOCHruMj%2BaFVfJNoE2R6fmbXc7wMqpXFXM8axwaylJvEw%2BPMxQOmMbYBui7kdQ%2Ft8FgHJOCIYsxViOcCRIh5D25dEwfSS0S2fr1tS2KyzjX417xfm1O362QPnlmOalRsELO9ogjeNoo1T89%2BSvuqeAO47Cb7RGmJPelI2BcCoomhIuZY54xFEaelmiHckGjgZIVKMsecqvxo9IMpg%3D%3D--wI0BjUBYzuvOpYVB--qeW4Jg4R08091lsBe%2BUQ6g%3D%3D
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 10 Aug 2024 21:46:03 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"cb0e16f74200ff3478208d990661e6b9"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 13732
x-github-request-id: C733:3BA9F4:632620:732667:66B7DF9B
GET

https://github.com/kh4sh3i/Ransomware-Samples/tag-count

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /kh4sh3i/Ransomware-Samples/tag-count HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples
github-verified-fetch: true
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ErweKtoMtlWijiW2MF%2B5xbMx0M6dBvSq3EAoOzoRelRMqtoZ%2F1G5eO38GtOqU%2F3WVx9IIKOCHruMj%2BaFVfJNoE2R6fmbXc7wMqpXFXM8axwaylJvEw%2BPMxQOmMbYBui7kdQ%2Ft8FgHJOCIYsxViOcCRIh5D25dEwfSS0S2fr1tS2KyzjX417xfm1O362QPnlmOalRsELO9ogjeNoo1T89%2BSvuqeAO47Cb7RGmJPelI2BcCoomhIuZY54xFEaelmiHckGjgZIVKMsecqvxo9IMpg%3D%3D--wI0BjUBYzuvOpYVB--qeW4Jg4R08091lsBe%2BUQ6g%3D%3D
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 10 Aug 2024 21:46:03 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"ba1c8a82daf994caf97ceeb6a062e61c"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 671
x-github-request-id: C733:3BA9F4:632620:732666:66B7DF9B
GET

https://github.com/fluidicon.png

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /fluidicon.png HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples
cookie: _gh_sess=ErweKtoMtlWijiW2MF%2B5xbMx0M6dBvSq3EAoOzoRelRMqtoZ%2F1G5eO38GtOqU%2F3WVx9IIKOCHruMj%2BaFVfJNoE2R6fmbXc7wMqpXFXM8axwaylJvEw%2BPMxQOmMbYBui7kdQ%2Ft8FgHJOCIYsxViOcCRIh5D25dEwfSS0S2fr1tS2KyzjX417xfm1O362QPnlmOalRsELO9ogjeNoo1T89%2BSvuqeAO47Cb7RGmJPelI2BcCoomhIuZY54xFEaelmiHckGjgZIVKMsecqvxo9IMpg%3D%3D--wI0BjUBYzuvOpYVB--qeW4Jg4R08091lsBe%2BUQ6g%3D%3D
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 10 Aug 2024 21:46:04 GMT
content-type: image/png
content-length: 33270
last-modified: Sat, 10 Aug 2024 13:04:08 GMT
etag: "66b76548-81f6"
vary: Accept-Encoding, Accept, X-Requested-With
x-frame-options: DENY
accept-ranges: bytes
x-github-request-id: C733:3BA9F4:632686:7326DB:66B7DF9B
GET

https://github.com/kh4sh3i/Ransomware-Samples/security/overall-count

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /kh4sh3i/Ransomware-Samples/security/overall-count HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/fragment+html
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ErweKtoMtlWijiW2MF%2B5xbMx0M6dBvSq3EAoOzoRelRMqtoZ%2F1G5eO38GtOqU%2F3WVx9IIKOCHruMj%2BaFVfJNoE2R6fmbXc7wMqpXFXM8axwaylJvEw%2BPMxQOmMbYBui7kdQ%2Ft8FgHJOCIYsxViOcCRIh5D25dEwfSS0S2fr1tS2KyzjX417xfm1O362QPnlmOalRsELO9ogjeNoo1T89%2BSvuqeAO47Cb7RGmJPelI2BcCoomhIuZY54xFEaelmiHckGjgZIVKMsecqvxo9IMpg%3D%3D--wI0BjUBYzuvOpYVB--qeW4Jg4R08091lsBe%2BUQ6g%3D%3D
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 10 Aug 2024 21:46:04 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"75a11da44c802486bc6f65640aa48a73"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
x-html-safe: 7f34e7f357f843c28d92476b5ae47ba36afd7174c10d84fbbcbad98f26901417
accept-ranges: bytes
content-length: 33
x-github-request-id: C733:3BA9F4:6326CA:732716:66B7DF9C
GET

https://github.com/kh4sh3i/Ransomware-Samples/spoofed_commit_check/71f6062209bed1c52b63637746239868da0da49e

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /kh4sh3i/Ransomware-Samples/spoofed_commit_check/71f6062209bed1c52b63637746239868da0da49e HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/html
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ErweKtoMtlWijiW2MF%2B5xbMx0M6dBvSq3EAoOzoRelRMqtoZ%2F1G5eO38GtOqU%2F3WVx9IIKOCHruMj%2BaFVfJNoE2R6fmbXc7wMqpXFXM8axwaylJvEw%2BPMxQOmMbYBui7kdQ%2Ft8FgHJOCIYsxViOcCRIh5D25dEwfSS0S2fr1tS2KyzjX417xfm1O362QPnlmOalRsELO9ogjeNoo1T89%2BSvuqeAO47Cb7RGmJPelI2BcCoomhIuZY54xFEaelmiHckGjgZIVKMsecqvxo9IMpg%3D%3D--wI0BjUBYzuvOpYVB--qeW4Jg4R08091lsBe%2BUQ6g%3D%3D
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 204

server: GitHub.com
date: Sat, 10 Aug 2024 21:46:04 GMT
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
x-github-request-id: C733:3BA9F4:6326CA:732717:66B7DF9C
GET

https://github.com/kh4sh3i/Ransomware-Samples/hovercards/citation/sidebar_partial?tree_name=main

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /kh4sh3i/Ransomware-Samples/hovercards/citation/sidebar_partial?tree_name=main HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/html
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ErweKtoMtlWijiW2MF%2B5xbMx0M6dBvSq3EAoOzoRelRMqtoZ%2F1G5eO38GtOqU%2F3WVx9IIKOCHruMj%2BaFVfJNoE2R6fmbXc7wMqpXFXM8axwaylJvEw%2BPMxQOmMbYBui7kdQ%2Ft8FgHJOCIYsxViOcCRIh5D25dEwfSS0S2fr1tS2KyzjX417xfm1O362QPnlmOalRsELO9ogjeNoo1T89%2BSvuqeAO47Cb7RGmJPelI2BcCoomhIuZY54xFEaelmiHckGjgZIVKMsecqvxo9IMpg%3D%3D--wI0BjUBYzuvOpYVB--qeW4Jg4R08091lsBe%2BUQ6g%3D%3D
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 10 Aug 2024 21:46:04 GMT
content-type: text/fragment+html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
cache-control: max-age=14400, private
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 20
x-github-request-id: C733:3BA9F4:6326CA:732715:66B7DF9C
GET

https://github.com/kh4sh3i/Ransomware-Samples/used_by_list

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /kh4sh3i/Ransomware-Samples/used_by_list HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/fragment+html
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ErweKtoMtlWijiW2MF%2B5xbMx0M6dBvSq3EAoOzoRelRMqtoZ%2F1G5eO38GtOqU%2F3WVx9IIKOCHruMj%2BaFVfJNoE2R6fmbXc7wMqpXFXM8axwaylJvEw%2BPMxQOmMbYBui7kdQ%2Ft8FgHJOCIYsxViOcCRIh5D25dEwfSS0S2fr1tS2KyzjX417xfm1O362QPnlmOalRsELO9ogjeNoo1T89%2BSvuqeAO47Cb7RGmJPelI2BcCoomhIuZY54xFEaelmiHckGjgZIVKMsecqvxo9IMpg%3D%3D--wI0BjUBYzuvOpYVB--qeW4Jg4R08091lsBe%2BUQ6g%3D%3D
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 10 Aug 2024 21:46:04 GMT
content-type: text/plain; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 20
x-github-request-id: C733:3BA9F4:6326CA:732718:66B7DF9C
GET

https://github.com/kh4sh3i/Ransomware-Samples/tree/main/TeslaCrypt

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /kh4sh3i/Ransomware-Samples/tree/main/TeslaCrypt HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples
cookie: _gh_sess=ErweKtoMtlWijiW2MF%2B5xbMx0M6dBvSq3EAoOzoRelRMqtoZ%2F1G5eO38GtOqU%2F3WVx9IIKOCHruMj%2BaFVfJNoE2R6fmbXc7wMqpXFXM8axwaylJvEw%2BPMxQOmMbYBui7kdQ%2Ft8FgHJOCIYsxViOcCRIh5D25dEwfSS0S2fr1tS2KyzjX417xfm1O362QPnlmOalRsELO9ogjeNoo1T89%2BSvuqeAO47Cb7RGmJPelI2BcCoomhIuZY54xFEaelmiHckGjgZIVKMsecqvxo9IMpg%3D%3D--wI0BjUBYzuvOpYVB--qeW4Jg4R08091lsBe%2BUQ6g%3D%3D
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
upgrade-insecure-requests: 1
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: same-origin
sec-fetch-user: ?1
te: trailers

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 10 Aug 2024 21:46:21 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"748e52d77fb69ce5b6986c66279c499e"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
x-github-request-id: C733:3BA9F4:632C6B:732D99:66B7DF9C
GET

https://github.com/kh4sh3i/Ransomware-Samples/latest-commit/main/TeslaCrypt

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /kh4sh3i/Ransomware-Samples/latest-commit/main/TeslaCrypt HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/tree/main/TeslaCrypt
content-type: application/json
github-verified-fetch: true
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ErweKtoMtlWijiW2MF%2B5xbMx0M6dBvSq3EAoOzoRelRMqtoZ%2F1G5eO38GtOqU%2F3WVx9IIKOCHruMj%2BaFVfJNoE2R6fmbXc7wMqpXFXM8axwaylJvEw%2BPMxQOmMbYBui7kdQ%2Ft8FgHJOCIYsxViOcCRIh5D25dEwfSS0S2fr1tS2KyzjX417xfm1O362QPnlmOalRsELO9ogjeNoo1T89%2BSvuqeAO47Cb7RGmJPelI2BcCoomhIuZY54xFEaelmiHckGjgZIVKMsecqvxo9IMpg%3D%3D--wI0BjUBYzuvOpYVB--qeW4Jg4R08091lsBe%2BUQ6g%3D%3D
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 10 Aug 2024 21:46:22 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"d849bff73b652ff7bc2d020e8b055873"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 266
x-github-request-id: C733:3BA9F4:632CE7:732E2F:66B7DFAE
GET

https://github.com/kh4sh3i/Ransomware-Samples/tree-commit-info/main/TeslaCrypt

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /kh4sh3i/Ransomware-Samples/tree-commit-info/main/TeslaCrypt HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/tree/main/TeslaCrypt
content-type: application/json
github-verified-fetch: true
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ErweKtoMtlWijiW2MF%2B5xbMx0M6dBvSq3EAoOzoRelRMqtoZ%2F1G5eO38GtOqU%2F3WVx9IIKOCHruMj%2BaFVfJNoE2R6fmbXc7wMqpXFXM8axwaylJvEw%2BPMxQOmMbYBui7kdQ%2Ft8FgHJOCIYsxViOcCRIh5D25dEwfSS0S2fr1tS2KyzjX417xfm1O362QPnlmOalRsELO9ogjeNoo1T89%2BSvuqeAO47Cb7RGmJPelI2BcCoomhIuZY54xFEaelmiHckGjgZIVKMsecqvxo9IMpg%3D%3D--wI0BjUBYzuvOpYVB--qeW4Jg4R08091lsBe%2BUQ6g%3D%3D
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 10 Aug 2024 21:46:22 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"ae1919b5b4363f2828c5094f8afb49e1"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 181
x-github-request-id: C733:3BA9F4:632CE7:732E30:66B7DFAE
GET

https://github.com/kh4sh3i/Ransomware-Samples/deferred-metadata/main/TeslaCrypt

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /kh4sh3i/Ransomware-Samples/deferred-metadata/main/TeslaCrypt HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/tree/main/TeslaCrypt
content-type: application/json
github-verified-fetch: true
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ErweKtoMtlWijiW2MF%2B5xbMx0M6dBvSq3EAoOzoRelRMqtoZ%2F1G5eO38GtOqU%2F3WVx9IIKOCHruMj%2BaFVfJNoE2R6fmbXc7wMqpXFXM8axwaylJvEw%2BPMxQOmMbYBui7kdQ%2Ft8FgHJOCIYsxViOcCRIh5D25dEwfSS0S2fr1tS2KyzjX417xfm1O362QPnlmOalRsELO9ogjeNoo1T89%2BSvuqeAO47Cb7RGmJPelI2BcCoomhIuZY54xFEaelmiHckGjgZIVKMsecqvxo9IMpg%3D%3D--wI0BjUBYzuvOpYVB--qeW4Jg4R08091lsBe%2BUQ6g%3D%3D
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 10 Aug 2024 21:46:22 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"f5dd1acce1815cffd234470be1d56846"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 425
x-github-request-id: C733:3BA9F4:632CE6:732E2E:66B7DFAD
GET

https://github.com/kh4sh3i/Ransomware-Samples/tree/main/Jigsaw

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /kh4sh3i/Ransomware-Samples/tree/main/Jigsaw HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples
cookie: _gh_sess=ErweKtoMtlWijiW2MF%2B5xbMx0M6dBvSq3EAoOzoRelRMqtoZ%2F1G5eO38GtOqU%2F3WVx9IIKOCHruMj%2BaFVfJNoE2R6fmbXc7wMqpXFXM8axwaylJvEw%2BPMxQOmMbYBui7kdQ%2Ft8FgHJOCIYsxViOcCRIh5D25dEwfSS0S2fr1tS2KyzjX417xfm1O362QPnlmOalRsELO9ogjeNoo1T89%2BSvuqeAO47Cb7RGmJPelI2BcCoomhIuZY54xFEaelmiHckGjgZIVKMsecqvxo9IMpg%3D%3D--wI0BjUBYzuvOpYVB--qeW4Jg4R08091lsBe%2BUQ6g%3D%3D
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
upgrade-insecure-requests: 1
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: same-origin
sec-fetch-user: ?1
te: trailers

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 10 Aug 2024 21:46:36 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"4b20e619542cecf18f1d4a09741f3caf"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
x-github-request-id: C733:3BA9F4:63316D:73336F:66B7DFAE
GET

https://github.com/kh4sh3i/Ransomware-Samples/latest-commit/main/Jigsaw

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /kh4sh3i/Ransomware-Samples/latest-commit/main/Jigsaw HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/tree/main/Jigsaw
content-type: application/json
github-verified-fetch: true
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ErweKtoMtlWijiW2MF%2B5xbMx0M6dBvSq3EAoOzoRelRMqtoZ%2F1G5eO38GtOqU%2F3WVx9IIKOCHruMj%2BaFVfJNoE2R6fmbXc7wMqpXFXM8axwaylJvEw%2BPMxQOmMbYBui7kdQ%2Ft8FgHJOCIYsxViOcCRIh5D25dEwfSS0S2fr1tS2KyzjX417xfm1O362QPnlmOalRsELO9ogjeNoo1T89%2BSvuqeAO47Cb7RGmJPelI2BcCoomhIuZY54xFEaelmiHckGjgZIVKMsecqvxo9IMpg%3D%3D--wI0BjUBYzuvOpYVB--qeW4Jg4R08091lsBe%2BUQ6g%3D%3D
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 10 Aug 2024 21:46:37 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"f5dd1acce1815cffd234470be1d56846"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 425
x-github-request-id: C733:3BA9F4:6331D1:7333E9:66B7DFBC
GET

https://github.com/kh4sh3i/Ransomware-Samples/tree-commit-info/main/Jigsaw

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /kh4sh3i/Ransomware-Samples/tree-commit-info/main/Jigsaw HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/tree/main/Jigsaw
content-type: application/json
github-verified-fetch: true
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ErweKtoMtlWijiW2MF%2B5xbMx0M6dBvSq3EAoOzoRelRMqtoZ%2F1G5eO38GtOqU%2F3WVx9IIKOCHruMj%2BaFVfJNoE2R6fmbXc7wMqpXFXM8axwaylJvEw%2BPMxQOmMbYBui7kdQ%2Ft8FgHJOCIYsxViOcCRIh5D25dEwfSS0S2fr1tS2KyzjX417xfm1O362QPnlmOalRsELO9ogjeNoo1T89%2BSvuqeAO47Cb7RGmJPelI2BcCoomhIuZY54xFEaelmiHckGjgZIVKMsecqvxo9IMpg%3D%3D--wI0BjUBYzuvOpYVB--qeW4Jg4R08091lsBe%2BUQ6g%3D%3D
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 10 Aug 2024 21:46:37 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"7b49070d49ce371364bbd958e7f37a3f"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 263
x-github-request-id: C733:3BA9F4:6331D3:7333EB:66B7DFBD
GET

https://github.com/kh4sh3i/Ransomware-Samples/deferred-metadata/main/Jigsaw

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /kh4sh3i/Ransomware-Samples/deferred-metadata/main/Jigsaw HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/tree/main/Jigsaw
content-type: application/json
github-verified-fetch: true
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ErweKtoMtlWijiW2MF%2B5xbMx0M6dBvSq3EAoOzoRelRMqtoZ%2F1G5eO38GtOqU%2F3WVx9IIKOCHruMj%2BaFVfJNoE2R6fmbXc7wMqpXFXM8axwaylJvEw%2BPMxQOmMbYBui7kdQ%2Ft8FgHJOCIYsxViOcCRIh5D25dEwfSS0S2fr1tS2KyzjX417xfm1O362QPnlmOalRsELO9ogjeNoo1T89%2BSvuqeAO47Cb7RGmJPelI2BcCoomhIuZY54xFEaelmiHckGjgZIVKMsecqvxo9IMpg%3D%3D--wI0BjUBYzuvOpYVB--qeW4Jg4R08091lsBe%2BUQ6g%3D%3D
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 10 Aug 2024 21:46:37 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"ae1919b5b4363f2828c5094f8afb49e1"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 181
x-github-request-id: C733:3BA9F4:6331D4:7333EE:66B7DFBD
GET

https://github.com/kh4sh3i/Ransomware-Samples/blob/main/TeslaCrypt/Ransomware.TeslaCrypt.zip

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /kh4sh3i/Ransomware-Samples/blob/main/TeslaCrypt/Ransomware.TeslaCrypt.zip HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/blob/main/TeslaCrypt/Ransomware.TeslaCrypt.zip
x-requested-with: XMLHttpRequest
x-github-target: dotcom
x-react-router: json
cookie: _gh_sess=ErweKtoMtlWijiW2MF%2B5xbMx0M6dBvSq3EAoOzoRelRMqtoZ%2F1G5eO38GtOqU%2F3WVx9IIKOCHruMj%2BaFVfJNoE2R6fmbXc7wMqpXFXM8axwaylJvEw%2BPMxQOmMbYBui7kdQ%2Ft8FgHJOCIYsxViOcCRIh5D25dEwfSS0S2fr1tS2KyzjX417xfm1O362QPnlmOalRsELO9ogjeNoo1T89%2BSvuqeAO47Cb7RGmJPelI2BcCoomhIuZY54xFEaelmiHckGjgZIVKMsecqvxo9IMpg%3D%3D--wI0BjUBYzuvOpYVB--qeW4Jg4R08091lsBe%2BUQ6g%3D%3D
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 10 Aug 2024 21:46:56 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"9f812079bc013f102dcbccc95e55d947"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 1845
x-github-request-id: C733:3BA9F4:6337AC:733AC0:66B7DFBD
GET

https://github.com/kh4sh3i/Ransomware-Samples/latest-commit/main/TeslaCrypt/Ransomware.TeslaCrypt.zip

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /kh4sh3i/Ransomware-Samples/latest-commit/main/TeslaCrypt/Ransomware.TeslaCrypt.zip HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/blob/main/TeslaCrypt/Ransomware.TeslaCrypt.zip
content-type: application/json
github-verified-fetch: true
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ErweKtoMtlWijiW2MF%2B5xbMx0M6dBvSq3EAoOzoRelRMqtoZ%2F1G5eO38GtOqU%2F3WVx9IIKOCHruMj%2BaFVfJNoE2R6fmbXc7wMqpXFXM8axwaylJvEw%2BPMxQOmMbYBui7kdQ%2Ft8FgHJOCIYsxViOcCRIh5D25dEwfSS0S2fr1tS2KyzjX417xfm1O362QPnlmOalRsELO9ogjeNoo1T89%2BSvuqeAO47Cb7RGmJPelI2BcCoomhIuZY54xFEaelmiHckGjgZIVKMsecqvxo9IMpg%3D%3D--wI0BjUBYzuvOpYVB--qeW4Jg4R08091lsBe%2BUQ6g%3D%3D
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 10 Aug 2024 21:46:56 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"f5dd1acce1815cffd234470be1d56846"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 425
x-github-request-id: C733:3BA9F4:6337C7:733ADF:66B7DFD0
GET

https://github.com/kh4sh3i/Ransomware-Samples/deferred-metadata/main/TeslaCrypt/Ransomware.TeslaCrypt.zip

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /kh4sh3i/Ransomware-Samples/deferred-metadata/main/TeslaCrypt/Ransomware.TeslaCrypt.zip HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/blob/main/TeslaCrypt/Ransomware.TeslaCrypt.zip
content-type: application/json
github-verified-fetch: true
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ErweKtoMtlWijiW2MF%2B5xbMx0M6dBvSq3EAoOzoRelRMqtoZ%2F1G5eO38GtOqU%2F3WVx9IIKOCHruMj%2BaFVfJNoE2R6fmbXc7wMqpXFXM8axwaylJvEw%2BPMxQOmMbYBui7kdQ%2Ft8FgHJOCIYsxViOcCRIh5D25dEwfSS0S2fr1tS2KyzjX417xfm1O362QPnlmOalRsELO9ogjeNoo1T89%2BSvuqeAO47Cb7RGmJPelI2BcCoomhIuZY54xFEaelmiHckGjgZIVKMsecqvxo9IMpg%3D%3D--wI0BjUBYzuvOpYVB--qeW4Jg4R08091lsBe%2BUQ6g%3D%3D
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 10 Aug 2024 21:46:56 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"ae1919b5b4363f2828c5094f8afb49e1"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 181
x-github-request-id: C733:3BA9F4:6337C7:733AE0:66B7DFD0
GET

https://github.com/kh4sh3i/Ransomware-Samples/raw/main/TeslaCrypt/Ransomware.TeslaCrypt.zip

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /kh4sh3i/Ransomware-Samples/raw/main/TeslaCrypt/Ransomware.TeslaCrypt.zip HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/blob/main/TeslaCrypt/Ransomware.TeslaCrypt.zip
cookie: _gh_sess=ErweKtoMtlWijiW2MF%2B5xbMx0M6dBvSq3EAoOzoRelRMqtoZ%2F1G5eO38GtOqU%2F3WVx9IIKOCHruMj%2BaFVfJNoE2R6fmbXc7wMqpXFXM8axwaylJvEw%2BPMxQOmMbYBui7kdQ%2Ft8FgHJOCIYsxViOcCRIh5D25dEwfSS0S2fr1tS2KyzjX417xfm1O362QPnlmOalRsELO9ogjeNoo1T89%2BSvuqeAO47Cb7RGmJPelI2BcCoomhIuZY54xFEaelmiHckGjgZIVKMsecqvxo9IMpg%3D%3D--wI0BjUBYzuvOpYVB--qeW4Jg4R08091lsBe%2BUQ6g%3D%3D
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 302

server: GitHub.com
date: Sat, 10 Aug 2024 21:46:58 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin:
location: https://raw.githubusercontent.com/kh4sh3i/Ransomware-Samples/main/TeslaCrypt/Ransomware.TeslaCrypt.zip
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: C733:3BA9F4:633884:733BB1:66B7DFD0
GET

https://github.com/kh4sh3i/Ransomware-Samples/blob/main/Jigsaw/Ransomware.Jigsaw.zip

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /kh4sh3i/Ransomware-Samples/blob/main/Jigsaw/Ransomware.Jigsaw.zip HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/blob/main/Jigsaw/Ransomware.Jigsaw.zip
x-requested-with: XMLHttpRequest
x-github-target: dotcom
x-react-router: json
cookie: _gh_sess=ErweKtoMtlWijiW2MF%2B5xbMx0M6dBvSq3EAoOzoRelRMqtoZ%2F1G5eO38GtOqU%2F3WVx9IIKOCHruMj%2BaFVfJNoE2R6fmbXc7wMqpXFXM8axwaylJvEw%2BPMxQOmMbYBui7kdQ%2Ft8FgHJOCIYsxViOcCRIh5D25dEwfSS0S2fr1tS2KyzjX417xfm1O362QPnlmOalRsELO9ogjeNoo1T89%2BSvuqeAO47Cb7RGmJPelI2BcCoomhIuZY54xFEaelmiHckGjgZIVKMsecqvxo9IMpg%3D%3D--wI0BjUBYzuvOpYVB--qeW4Jg4R08091lsBe%2BUQ6g%3D%3D
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 10 Aug 2024 21:47:04 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"8b9a2379369603f9ecc016a27604d930"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 1835
x-github-request-id: C733:3BA9F4:633ABF:733E59:66B7DFD2
GET

https://github.com/kh4sh3i/Ransomware-Samples/latest-commit/main/Jigsaw/Ransomware.Jigsaw.zip

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /kh4sh3i/Ransomware-Samples/latest-commit/main/Jigsaw/Ransomware.Jigsaw.zip HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/blob/main/Jigsaw/Ransomware.Jigsaw.zip
content-type: application/json
github-verified-fetch: true
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ErweKtoMtlWijiW2MF%2B5xbMx0M6dBvSq3EAoOzoRelRMqtoZ%2F1G5eO38GtOqU%2F3WVx9IIKOCHruMj%2BaFVfJNoE2R6fmbXc7wMqpXFXM8axwaylJvEw%2BPMxQOmMbYBui7kdQ%2Ft8FgHJOCIYsxViOcCRIh5D25dEwfSS0S2fr1tS2KyzjX417xfm1O362QPnlmOalRsELO9ogjeNoo1T89%2BSvuqeAO47Cb7RGmJPelI2BcCoomhIuZY54xFEaelmiHckGjgZIVKMsecqvxo9IMpg%3D%3D--wI0BjUBYzuvOpYVB--qeW4Jg4R08091lsBe%2BUQ6g%3D%3D
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 10 Aug 2024 21:47:05 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"f5dd1acce1815cffd234470be1d56846"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 425
x-github-request-id: C733:3BA9F4:633AE7:733E88:66B7DFD8
GET

https://github.com/kh4sh3i/Ransomware-Samples/deferred-metadata/main/Jigsaw/Ransomware.Jigsaw.zip

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /kh4sh3i/Ransomware-Samples/deferred-metadata/main/Jigsaw/Ransomware.Jigsaw.zip HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/blob/main/Jigsaw/Ransomware.Jigsaw.zip
content-type: application/json
github-verified-fetch: true
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ErweKtoMtlWijiW2MF%2B5xbMx0M6dBvSq3EAoOzoRelRMqtoZ%2F1G5eO38GtOqU%2F3WVx9IIKOCHruMj%2BaFVfJNoE2R6fmbXc7wMqpXFXM8axwaylJvEw%2BPMxQOmMbYBui7kdQ%2Ft8FgHJOCIYsxViOcCRIh5D25dEwfSS0S2fr1tS2KyzjX417xfm1O362QPnlmOalRsELO9ogjeNoo1T89%2BSvuqeAO47Cb7RGmJPelI2BcCoomhIuZY54xFEaelmiHckGjgZIVKMsecqvxo9IMpg%3D%3D--wI0BjUBYzuvOpYVB--qeW4Jg4R08091lsBe%2BUQ6g%3D%3D
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 10 Aug 2024 21:47:05 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"ae1919b5b4363f2828c5094f8afb49e1"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 181
x-github-request-id: C733:3BA9F4:633AE7:733E89:66B7DFD9
GET

https://github.com/kh4sh3i/Ransomware-Samples/raw/main/Jigsaw/Ransomware.Jigsaw.zip

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /kh4sh3i/Ransomware-Samples/raw/main/Jigsaw/Ransomware.Jigsaw.zip HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/blob/main/Jigsaw/Ransomware.Jigsaw.zip
cookie: _gh_sess=ErweKtoMtlWijiW2MF%2B5xbMx0M6dBvSq3EAoOzoRelRMqtoZ%2F1G5eO38GtOqU%2F3WVx9IIKOCHruMj%2BaFVfJNoE2R6fmbXc7wMqpXFXM8axwaylJvEw%2BPMxQOmMbYBui7kdQ%2Ft8FgHJOCIYsxViOcCRIh5D25dEwfSS0S2fr1tS2KyzjX417xfm1O362QPnlmOalRsELO9ogjeNoo1T89%2BSvuqeAO47Cb7RGmJPelI2BcCoomhIuZY54xFEaelmiHckGjgZIVKMsecqvxo9IMpg%3D%3D--wI0BjUBYzuvOpYVB--qeW4Jg4R08091lsBe%2BUQ6g%3D%3D
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 302

server: GitHub.com
date: Sat, 10 Aug 2024 21:47:06 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin:
location: https://raw.githubusercontent.com/kh4sh3i/Ransomware-Samples/main/Jigsaw/Ransomware.Jigsaw.zip
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: C733:3BA9F4:633B57:733F08:66B7DFD9
DNS

github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

github.com

IN A

Response

github.com

IN A

20.26.156.215
DNS

github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

github.com

IN A

Response

github.com

IN A

20.26.156.215
DNS

github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

github.com

IN AAAA

Response
DNS

github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

github.com

IN AAAA

Response
DNS

80.5.107.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

80.5.107.13.in-addr.arpa

IN PTR

Response
DNS

80.5.107.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

80.5.107.13.in-addr.arpa

IN PTR

Response
DNS

215.156.26.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

215.156.26.20.in-addr.arpa

IN PTR

Response
DNS

215.156.26.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

215.156.26.20.in-addr.arpa

IN PTR

Response
DNS

github.githubassets.com

firefox.exe

Remote address:

8.8.8.8:53

Request

github.githubassets.com

IN A

Response

github.githubassets.com

IN A

185.199.109.154

github.githubassets.com

IN A

185.199.108.154

github.githubassets.com

IN A

185.199.110.154

github.githubassets.com

IN A

185.199.111.154
DNS

github.githubassets.com

firefox.exe

Remote address:

8.8.8.8:53

Request

github.githubassets.com

IN A

Response

github.githubassets.com

IN A

185.199.111.154

github.githubassets.com

IN A

185.199.109.154

github.githubassets.com

IN A

185.199.110.154

github.githubassets.com

IN A

185.199.108.154
GET

https://github.githubassets.com/assets/light-efd2f2257c96.css

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/light-efd2f2257c96.css HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: style
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Thu, 20 Jun 2024 15:04:39 GMT
etag: 0x8DC913A4EE7222B
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 1150583
x-served-by: cache-iad-kjyo7100087-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 92, 14753
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 919a2d80ed9da23923189581e914fcd8971cf1f4
content-length: 6777
GET

https://github.githubassets.com/assets/react-lib-7b7b5264f6c1.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/react-lib-7b7b5264f6c1.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:50 GMT
etag: 0x8DCAB55C856ACEA
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 1466825
x-served-by: cache-iad-kjyo7100029-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 23, 17177
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: fabd7c6b56b5849b9fe8bb0d5f00af6a0c0a7ee9
content-length: 54857
GET

https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_primer_octicons-react_di-b40d97-06881c63f955.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_primer_octicons-react_di-b40d97-06881c63f955.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 26 Jul 2024 02:43:54 GMT
etag: 0x8DCAD1CCA71DF1B
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 942543
x-served-by: cache-iad-kjyo7100043-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 70, 13111
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ea543569b2d3f0302905b21bcadd206f65934cb1
content-length: 4233
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Box_Box_js-55a9038b54f0.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_Box_Box_js-55a9038b54f0.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:54 GMT
etag: 0x8DCAB55CAB9BA4E
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 1064054
x-served-by: cache-iad-kjyo7100061-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 23, 16400
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: fed881eaf39c257cb36024cf796f99bae33f9436
content-length: 4777
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Button_Button_js-b0edbfb6a9e5.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_Button_Button_js-b0edbfb6a9e5.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 06 Aug 2024 20:29:19 GMT
etag: 0x8DCB65673021528
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 273722
x-served-by: cache-iad-kcgs7200073-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 23, 7019
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ebff8ad5ca900c813a18aabe726debee203305e7
content-length: 4499
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_TooltipV2_Tooltip_js-4d5019830e3c.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_TooltipV2_Tooltip_js-4d5019830e3c.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 30 Jul 2024 14:28:35 GMT
etag: 0x8DCB0A3E5A62F1C
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 273722
x-served-by: cache-iad-kiad7000160-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 22, 7028
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 6e41ed7eb64d1c5f468547b52665bde8ddb6c624
content-length: 4950
GET

https://github.githubassets.com/assets/vendors-node_modules_clsx_dist_clsx_m_js-node_modules_primer_react_node_modules_primer_octico-c56103-e91295e60abd.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_clsx_dist_clsx_m_js-node_modules_primer_react_node_modules_primer_octico-c56103-e91295e60abd.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:52 GMT
etag: 0x8DCAB55C9B32E84
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 1466824
x-served-by: cache-iad-kiad7000030-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 23, 16466
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 21e3f073d017dcab5f3e812f2aba1e070da8707c
content-length: 7009
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_ActionList_index_js-c4c6e3be7790.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_ActionList_index_js-c4c6e3be7790.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Fri, 02 Aug 2024 19:20:41 GMT
etag: 0x8DCB32832D35CCA
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 449513
x-served-by: cache-iad-kcgs7200168-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 18, 8675
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 905a40120c9a8f62fe52eec34ff54bbe0077f73d
content-length: 5040
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_ActionMenu_ActionMenu_js-node_modules_primer_react_-5b2420-048f91dcedb3.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_ActionMenu_ActionMenu_js-node_modules_primer_react_-5b2420-048f91dcedb3.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Mon, 05 Aug 2024 16:06:17 GMT
etag: 0x8DCB56889BF04A0
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 449510
x-served-by: cache-iad-kcgs7200041-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 4, 7017
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: a695228209d368808bcb056763155cbfba891aa5
content-length: 5605
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Text_Text_js-node_modules_primer_react_lib-esm_Text-7845da-3bcd176ee601.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_Text_Text_js-node_modules_primer_react_lib-esm_Text-7845da-3bcd176ee601.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 09 Aug 2024 23:34:20 GMT
etag: 0x8DCB8CBCB433963
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 33014
x-served-by: cache-iad-kcgs7200104-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 8, 832
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b60dae6daea1d50208bdec4cfba943f0b00b5859
content-length: 13996
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_FormControl_FormControl_js-e73d967c1bb4.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_FormControl_FormControl_js-e73d967c1bb4.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:52 GMT
etag: 0x8DCAB55C9F23A95
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 1466825
x-served-by: cache-iad-kjyo7100027-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 24, 15686
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 4e584a652a6c3202978b216eda1562f9dac399a5
content-length: 7912
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_SelectPanel_SelectPanel_js-da4b9b447323.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_SelectPanel_SelectPanel_js-da4b9b447323.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 30 Jul 2024 14:28:35 GMT
etag: 0x8DCB0A3E5A62F1C
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 273722
x-served-by: cache-iad-kiad7000160-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 22, 7027
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: bb4595060e3768f78beda76e5f2dd44de4296855
content-length: 4950
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Dialog_js-node_modules_primer_react_lib-esm_Feature-c10078-a365ebbc3112.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_Dialog_js-node_modules_primer_react_lib-esm_Feature-c10078-a365ebbc3112.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 06 Aug 2024 20:29:19 GMT
etag: 0x8DCB65673021528
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 273722
x-served-by: cache-iad-kcgs7200073-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 23, 7018
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 9cd53e63238ae0466b7c24fe5ba230b6d17970de
content-length: 4499
GET

https://github.githubassets.com/assets/ui_packages_react-core_create-browser-history_ts-ui_packages_safe-storage_safe-storage_ts-ui_-682c2c-7a1e99981675.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/ui_packages_react-core_create-browser-history_ts-ui_packages_safe-storage_safe-storage_ts-ui_-682c2c-7a1e99981675.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:54 GMT
etag: 0x8DCAB55CAB9BA4E
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 1064054
x-served-by: cache-iad-kjyo7100061-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 23, 16399
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 7946e277a51c816b037d56864a131644c4b8d596
content-length: 4777
GET

https://github.githubassets.com/assets/notifications-subscriptions-menu-7732df7cded3.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/notifications-subscriptions-menu-7732df7cded3.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 02 Aug 2024 22:13:06 GMT
etag: 0x8DCB34048D4C780
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 273722
x-served-by: cache-iad-kcgs7200055-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 22, 7148
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: a01b324d749fa417bf84708270fede9448d97b75
content-length: 140777
GET

https://github.githubassets.com/assets/react-lib-7b7b5264f6c1.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/react-lib-7b7b5264f6c1.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:52 GMT
etag: 0x8DCAB55C9B32E84
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 1466824
x-served-by: cache-iad-kiad7000030-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 23, 16465
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: c5379cc29a1439c205c684b5478afab2d83e04b8
content-length: 7009
GET

https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_primer_octicons-react_di-b40d97-06881c63f955.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_primer_octicons-react_di-b40d97-06881c63f955.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 26 Jul 2024 02:43:54 GMT
etag: 0x8DCAD1CCA172CCD
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 942544
x-served-by: cache-iad-kiad7000058-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 78, 13711
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ac60af90a87e8f02a2e3ebacd0568cd25c74659c
content-length: 3763
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Box_Box_js-55a9038b54f0.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_Box_Box_js-55a9038b54f0.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 02 Aug 2024 22:13:06 GMT
etag: 0x8DCB34048F82D3E
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 273722
x-served-by: cache-iad-kiad7000136-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 23, 6984
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 48312270f967f1cdd6cdcc6f850e40fffd742dc9
content-length: 8526
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Button_Button_js-b0edbfb6a9e5.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_Button_Button_js-b0edbfb6a9e5.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:52 GMT
etag: 0x8DCAB55C9EF7E8A
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 1466825
x-served-by: cache-iad-kiad7000146-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 24, 15548
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 64332c9d5ecc0d9d91ea70e4f18da7f73b45eeb0
content-length: 3000
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_TooltipV2_Tooltip_js-4d5019830e3c.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_TooltipV2_Tooltip_js-4d5019830e3c.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 21:22:13 GMT
etag: 0x8DCB7F02C0A4B45
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 33014
x-served-by: cache-iad-kiad7000025-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 8, 825
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 3c3538ab08858dd4fb0a28d72b0fdf6fb329b293
content-length: 7833
GET

https://github.githubassets.com/assets/vendors-node_modules_clsx_dist_clsx_m_js-node_modules_primer_react_node_modules_primer_octico-c56103-e91295e60abd.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_clsx_dist_clsx_m_js-node_modules_primer_react_node_modules_primer_octico-c56103-e91295e60abd.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 07 Aug 2024 18:42:14 GMT
etag: 0x8DCB710A7C0EAB3
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 100372
x-served-by: cache-iad-kjyo7100105-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 52, 1474
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 1158adcd38971144dc64afcd6d5bcbe725fcd210
content-length: 8265
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_ActionList_index_js-c4c6e3be7790.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_ActionList_index_js-c4c6e3be7790.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 26 Jul 2024 02:43:54 GMT
etag: 0x8DCAD1CCA172CCD
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 942544
x-served-by: cache-iad-kiad7000058-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 78, 13712
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 24247766c3f41a716a4b34adc8841b5ca0a360bb
content-length: 3763
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_ActionMenu_ActionMenu_js-node_modules_primer_react_-5b2420-048f91dcedb3.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_ActionMenu_ActionMenu_js-node_modules_primer_react_-5b2420-048f91dcedb3.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:50 GMT
etag: 0x8DCAB55C856ACEA
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 1466825
x-served-by: cache-iad-kjyo7100029-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 23, 17178
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 6bc42428e8ed5fde4e071ebecbe46000a10134ba
content-length: 54857
GET

https://github.githubassets.com/assets/ui_packages_react-core_create-browser-history_ts-ui_packages_safe-storage_safe-storage_ts-ui_-682c2c-7a1e99981675.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/ui_packages_react-core_create-browser-history_ts-ui_packages_safe-storage_safe-storage_ts-ui_-682c2c-7a1e99981675.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 30 Jul 2024 14:28:35 GMT
etag: 0x8DCB0A3E5A6A3D2
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 273722
x-served-by: cache-iad-kjyo7100146-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 23, 5330
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 249949486fdd05b0588e531b9548a00b0d196327
content-length: 10680
GET

https://github.githubassets.com/assets/repository-992e95451f25.css

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/repository-992e95451f25.css HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: style
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 02 Aug 2024 22:13:06 GMT
etag: 0x8DCB34048F82D3E
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 273722
x-served-by: cache-iad-kiad7000136-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 23, 6985
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 3108e84c6c27c96e0dc7cfcb4b2d0edc4183713c
content-length: 8526
GET

https://github.githubassets.com/assets/code-34406d39e629.css

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/code-34406d39e629.css HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: style
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 26 Jul 2024 02:43:54 GMT
etag: 0x8DCAD1CCA73B1CC
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 942544
x-served-by: cache-iad-kiad7000107-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 69, 12900
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: e42047348353ca2c57bfc25085af05557516645b
content-length: 5697
GET

https://github.githubassets.com/assets/wp-runtime-6ea6ec8e4769.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/wp-runtime-6ea6ec8e4769.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:42 GMT
etag: 0x8DCB58754CF6A56
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 356517
x-served-by: cache-iad-kcgs7200158-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 20, 9126
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: cd70992c2a7262352e54a463644296d3abd68bbf
content-length: 4229
GET

https://github.githubassets.com/assets/vendors-node_modules_dompurify_dist_purify_js-89a69c248502.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_dompurify_dist_purify_js-89a69c248502.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:42 GMT
etag: 0x8DCB58754CF6A56
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 356517
x-served-by: cache-iad-kcgs7200158-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 20, 9126
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: d530b04be5ed8d3b3177a5b2dc4751710db1e305
content-length: 4229
GET

https://github.githubassets.com/assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover_js-56729c905fe2.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover_js-56729c905fe2.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 20:27:41 GMT
etag: 0x8DCB7E88D666CAD
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 170984
x-served-by: cache-iad-kiad7000038-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 70, 3093
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 260b108bce76279f9575f97db34566dc118ce30f
content-length: 6237
GET

https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_smoothscroll-polyfill_di-75db2e-686488490524.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_smoothscroll-polyfill_di-75db2e-686488490524.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 02 Aug 2024 22:13:06 GMT
etag: 0x8DCB34048D4C780
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 273722
x-served-by: cache-iad-kcgs7200055-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 22, 7149
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: bcb167f9e9383ef3dee57f2a6c44da2dcecc2a35
content-length: 140777
GET

https://github.githubassets.com/assets/environment-cd098098ff2e.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/environment-cd098098ff2e.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:36 GMT
etag: 0x8DCB587514BBE51
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 356517
x-served-by: cache-iad-kjyo7100173-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 20, 8588
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: cb777949085758a195657fb4ab39b80db869e714
content-length: 5255
GET

https://github.githubassets.com/assets/vendors-node_modules_github_selector-observer_dist_index_esm_js-f690fd9ae3d5.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_selector-observer_dist_index_esm_js-f690fd9ae3d5.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:33 GMT
etag: 0x8DCB5874F4CB0D8
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 356517
x-served-by: cache-iad-kcgs7200163-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 20, 8668
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 53dd54b1eaa6bd1ddc9f629057f7890ae857eebc
content-length: 3595
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_focus-zone_js-c9086a4fb62b.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_primer_behaviors_dist_esm_focus-zone_js-c9086a4fb62b.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 24 Jul 2024 21:36:14 GMT
etag: 0x8DCAC28A4AA6B3B
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 1466825
x-served-by: cache-iad-kcgs7200164-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 24, 15688
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 6a385ade731899d2deb12569d24f252b3f2a992d
content-length: 5472
GET

https://github.githubassets.com/assets/vendors-node_modules_github_relative-time-element_dist_index_js-f9b958f5f2df.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_relative-time-element_dist_index_js-f9b958f5f2df.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 06 Aug 2024 18:51:29 GMT
etag: 0x8DCB648C82ABBBA
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 337636
x-served-by: cache-iad-kjyo7100030-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 76, 8342
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 4c3fd12be1cffc026ae956c1469be7430ece0bbc
content-length: 5015
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_anchored-position_js-node_modules_github_combo-aea225-dcf5851b6d7d.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_primer_behaviors_dist_esm_anchored-position_js-node_modules_github_combo-aea225-dcf5851b6d7d.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 07 Aug 2024 07:38:23 GMT
etag: 0x8DCB6B3EAF9522C
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 306662
x-served-by: cache-iad-kiad7000069-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 8, 7928
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 70b1f0a16b1fc17ca82e31bb68a6bf48811e9198
content-length: 7283
GET

https://github.githubassets.com/assets/vendors-node_modules_github_text-expander-element_dist_index_js-cd48220d74d5.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_text-expander-element_dist_index_js-cd48220d74d5.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 07 Aug 2024 17:14:38 GMT
etag: 0x8DCB7046B3F5B20
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 256144
x-served-by: cache-iad-kiad7000038-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 70, 6302
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 54dac307d0c83f6e0d0f02c69d273b92adf08e91
content-length: 21433
GET

https://github.githubassets.com/assets/vendors-node_modules_github_auto-complete-element_dist_index_js-node_modules_github_details-d-ed9a97-841122a1e9d4.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_auto-complete-element_dist_index_js-node_modules_github_details-d-ed9a97-841122a1e9d4.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 07 Aug 2024 07:38:20 GMT
etag: 0x8DCB6B3E8FFE23D
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 306662
x-served-by: cache-iad-kiad7000111-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 8, 7960
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 7281710a05362c3e15fa6f611039325f074dfe09
content-length: 11058
GET

https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_delegated-events_dist_in-3efda3-701acb69193f.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_delegated-events_dist_in-3efda3-701acb69193f.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 26 Jul 2024 02:43:54 GMT
etag: 0x8DCAD1CCA15C92E
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 942544
x-served-by: cache-iad-kiad7000050-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 84, 16269
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 743e8d8e960017911b621df5addaddaaefa95d67
content-length: 3320
GET

https://github.githubassets.com/assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-b7d8f4-2355048ff048.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-b7d8f4-2355048ff048.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:53 GMT
etag: 0x8DCAB55CA2435F4
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 1466825
x-served-by: cache-iad-kjyo7100033-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 23, 15509
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 6d1c91fad086301c68201c634a7a63fad9f7a2ce
content-length: 3070
GET

https://github.githubassets.com/assets/vendors-node_modules_github_catalyst_lib_index_js-node_modules_github_clipboard-copy-element_-782ca5-54763cd55b96.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_catalyst_lib_index_js-node_modules_github_clipboard-copy-element_-782ca5-54763cd55b96.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:53 GMT
etag: 0x8DCAB55CA2435F4
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 1466825
x-served-by: cache-iad-kiad7000168-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 24, 15568
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: fefff9fe700bbfa6907a994b8cbcc183215315cd
content-length: 3284
GET

https://github.githubassets.com/assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_view-co-3959a9-5779869d7165.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_view-co-3959a9-5779869d7165.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:52 GMT
etag: 0x8DCAB55C9F1513E
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 1466825
x-served-by: cache-iad-kcgs7200102-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 24, 15602
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 44b583799d9dded9b7c142abf896442eb45905f4
content-length: 4939
GET

https://github.githubassets.com/assets/app_assets_modules_github_onfocus_ts-ui_packages_trusted-types-policies_policy_ts-ui_packages-6fe316-9d50d6f10c3d.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/app_assets_modules_github_onfocus_ts-ui_packages_trusted-types-policies_policy_ts-ui_packages-6fe316-9d50d6f10c3d.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 31 Jul 2024 16:17:44 GMT
etag: 0x8DCB17C4F94A6D1
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 877800
x-served-by: cache-iad-kcgs7200173-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 52, 16682
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 183e440310431386b17c1e83167148264129435a
content-length: 4754
GET

https://github.githubassets.com/assets/github-elements-b5a402753026.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/github-elements-b5a402753026.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:53 GMT
etag: 0x8DCAB55CA245CD8
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 813536
x-served-by: cache-iad-kiad7000129-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 23, 15644
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 7952ddc3c635f12735108461bae4ecfa16a541fa
content-length: 4301
GET

https://github.githubassets.com/assets/element-registry-2b312e7d31e7.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/element-registry-2b312e7d31e7.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 11:58:40 GMT
etag: 0x8DCB545F27BA72C
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 306662
x-served-by: cache-iad-kcgs7200055-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 8, 7915
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 0dcdf5a2c40c9fe480246a598879708f2f805e15
content-length: 6047
GET

https://github.githubassets.com/assets/vendors-node_modules_github_catalyst_lib_index_js-node_modules_github_hydro-analytics-client_-7901e7-dc88587c14ed.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_catalyst_lib_index_js-node_modules_github_hydro-analytics-client_-7901e7-dc88587c14ed.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:53 GMT
etag: 0x8DCAB55CA1E2257
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 1466825
x-served-by: cache-iad-kiad7000080-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 40, 9928
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 8384bf7905126e2c65e5e910bdc373f7b10a1995
content-length: 2607
GET

https://github.githubassets.com/assets/vendors-node_modules_braintree_browser-detection_dist_browser-detection_js-node_modules_stack-68835d-a18220f1db8d.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_braintree_browser-detection_dist_browser-detection_js-node_modules_stack-68835d-a18220f1db8d.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:54 GMT
etag: 0x8DCAB55CAB9BA4E
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 1064055
x-served-by: cache-iad-kjyo7100061-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 23, 16401
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 7521a7627ade24c20e851ce4d62484c75557204a
content-length: 4777
GET

https://github.githubassets.com/assets/vendors-node_modules_lit-html_lit-html_js-ce7225a304c5.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_lit-html_lit-html_js-ce7225a304c5.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 30 Jul 2024 14:28:35 GMT
etag: 0x8DCB0A3E5A62F1C
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 273723
x-served-by: cache-iad-kiad7000160-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 22, 7029
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 58c03fdb795dc741773a62488a06b1e2f24d68f2
content-length: 4950
GET

https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_morphdom_dist_morphdom-e-7c534c-f8a5485c982a.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_morphdom_dist_morphdom-e-7c534c-f8a5485c982a.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 30 Jul 2024 14:28:35 GMT
etag: 0x8DCB0A3E5A6A3D2
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 273723
x-served-by: cache-iad-kjyo7100146-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 23, 5331
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 0724f987ff3b1fda24d21d6f6e1dcc47943d7b65
content-length: 10680
GET

https://github.githubassets.com/assets/vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-858e043fcf76.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-858e043fcf76.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 26 Jul 2024 02:43:54 GMT
etag: 0x8DCAD1CCA73B1CC
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 942544
x-served-by: cache-iad-kiad7000107-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 69, 12901
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 2e9181ae7fae8cbf978f85ec9222062bdbe044d3
content-length: 5697
GET

https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-893f9f-6cf3320416b8.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-893f9f-6cf3320416b8.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:53 GMT
etag: 0x8DCAB55CA2E15EB
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 1466824
x-served-by: cache-iad-kjyo7100041-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 23, 16120
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 3de62403ca24c0210eeea601efac6de05bf54e34
content-length: 18641
GET

https://github.githubassets.com/assets/vendors-node_modules_scroll-anchoring_dist_scroll-anchoring_esm_js-node_modules_github_hotkey-1a1d91-fa9f29a8514b.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_scroll-anchoring_dist_scroll-anchoring_esm_js-node_modules_github_hotkey-1a1d91-fa9f29a8514b.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 06 Aug 2024 18:51:29 GMT
etag: 0x8DCB648C80E530C
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 337637
x-served-by: cache-iad-kjyo7100038-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 76, 8544
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 2b7f526ff805eb3e85b5f39b59030df6f29f77e8
content-length: 5415
GET

https://github.githubassets.com/assets/vendors-node_modules_color-convert_index_js-0e07cc183eed.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_color-convert_index_js-0e07cc183eed.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:52 GMT
etag: 0x8DCAB55C9B32E84
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 1439331
x-served-by: cache-iad-kjyo7100048-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 23, 15810
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 6fa1508b9ccd0e714286ddd3df905296df3c1ad2
content-length: 6921
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_dimensions_js-node_modules_github_jtml_lib_index_js-53b423ede32a.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_primer_behaviors_dist_esm_dimensions_js-node_modules_github_jtml_lib_index_js-53b423ede32a.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:53 GMT
etag: 0x8DCAB55CA1D5FD6
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 1466825
x-served-by: cache-iad-kjyo7100087-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 24, 15673
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: cff64ca6056006314cdd1fa4e88026a2b193c775
content-length: 2385
GET

https://github.githubassets.com/assets/vendors-node_modules_github_session-resume_dist_index_js-node_modules_primer_behaviors_dist_e-da6ec6-5de3eedc1320.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_session-resume_dist_index_js-node_modules_primer_behaviors_dist_e-da6ec6-5de3eedc1320.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:53 GMT
etag: 0x8DCAB55CA245CD8
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 1466825
x-served-by: cache-iad-kiad7000173-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 23, 15674
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 29e904a3a484a256add4977c5362dcac7ff42bf0
content-length: 3911
GET

https://github.githubassets.com/assets/vendors-node_modules_github_quote-selection_dist_index_js-node_modules_github_textarea-autosi-9e0349-ab4976fc78a6.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_quote-selection_dist_index_js-node_modules_github_textarea-autosi-9e0349-ab4976fc78a6.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:52 GMT
etag: 0x8DCAB55C9E02677
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 1466825
x-served-by: cache-iad-kjyo7100169-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 24, 15680
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 2d4168bfcac944c432e92d81370ebe3e88baf93a
content-length: 4852
GET

https://github.githubassets.com/assets/ui_packages_updatable-content_updatable-content_ts-e15463ecf7e6.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/ui_packages_updatable-content_updatable-content_ts-e15463ecf7e6.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:54 GMT
etag: 0x8DCAB55CAE50665
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 1069260
x-served-by: cache-iad-kcgs7200053-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 24, 15689
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 55f15961c6240e119902aa28a497e5b514ecbfc4
content-length: 4582
GET

https://github.githubassets.com/assets/app_assets_modules_github_behaviors_task-list_ts-app_assets_modules_github_onfocus_ts-app_ass-421cec-f0e1d31bff9a.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/app_assets_modules_github_behaviors_task-list_ts-app_assets_modules_github_onfocus_ts-app_ass-421cec-f0e1d31bff9a.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:53 GMT
etag: 0x8DCAB55CA1E2257
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 1466824
x-served-by: cache-iad-kcgs7200153-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 24, 15697
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 90c0d246a2f83919e615422fa0226df62aa95ed7
content-length: 3816
GET

https://github.githubassets.com/assets/app_assets_modules_github_sticky-scroll-into-view_ts-112600808cf9.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/app_assets_modules_github_sticky-scroll-into-view_ts-112600808cf9.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:53 GMT
etag: 0x8DCAB55CA6B9D0E
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 1466825
x-served-by: cache-iad-kcgs7200046-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 24, 15733
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 10e4b560da1db55d6da3211211e27cea31d58e49
content-length: 3001
GET

https://github.githubassets.com/assets/app_assets_modules_github_behaviors_ajax-error_ts-app_assets_modules_github_behaviors_include-467754-8b1a4442f9b3.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/app_assets_modules_github_behaviors_ajax-error_ts-app_assets_modules_github_behaviors_include-467754-8b1a4442f9b3.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:41 GMT
etag: 0x8DCB58753C2D204
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 356517
x-served-by: cache-iad-kiad7000101-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 139, 5571
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: cfc980db6d848c5cd95b326e18b653996d5aa04b
content-length: 20072
GET

https://github.githubassets.com/assets/app_assets_modules_github_behaviors_commenting_edit_ts-app_assets_modules_github_behaviors_ht-83c235-4accd4baf37d.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/app_assets_modules_github_behaviors_commenting_edit_ts-app_assets_modules_github_behaviors_ht-83c235-4accd4baf37d.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:35 GMT
etag: 0x8DCB5875099B15B
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 356517
x-served-by: cache-iad-kcgs7200030-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 85, 6362
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: fd912a990d9188b8fda6c90d7733d164f7210b36
content-length: 238
GET

https://github.githubassets.com/assets/app_assets_modules_github_blob-anchor_ts-app_assets_modules_github_filter-sort_ts-app_assets_-6deafe-fc95155e233a.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/app_assets_modules_github_blob-anchor_ts-app_assets_modules_github_filter-sort_ts-app_assets_-6deafe-fc95155e233a.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 02 Aug 2024 22:13:06 GMT
etag: 0x8DCB34048D4C780
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 273723
x-served-by: cache-iad-kcgs7200055-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 22, 7150
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 784b92493406ce12c81b8dc03e4fbfad642fa760
content-length: 140777
GET

https://github.githubassets.com/assets/behaviors-d0c6b90f51b9.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/behaviors-d0c6b90f51b9.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:33 GMT
etag: 0x8DCB5874F4B0508
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 356517
x-served-by: cache-iad-kjyo7100032-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 17, 6775
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 9a840e7033194d4bcd36655b30d964bb52830113
content-length: 3258
GET

https://github.githubassets.com/assets/vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-06ff531-bf7e5a3732fd.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-06ff531-bf7e5a3732fd.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 06 Aug 2024 23:17:40 GMT
etag: 0x8DCB66DF7994741
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 182286
x-served-by: cache-iad-kiad7000033-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 68, 2675
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b911d641901664dc0135867cee38e3e240f77cbf
content-length: 10211
GET

https://github.githubassets.com/assets/notifications-global-3ddac678adaf.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/notifications-global-3ddac678adaf.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 06 Aug 2024 18:51:29 GMT
etag: 0x8DCB648C82F9865
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 337630
x-served-by: cache-iad-kcgs7200168-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 56, 5229
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 48fc5a91b8588718d1e57afa8b9826f052c7e7ab
content-length: 8056
GET

https://github.githubassets.com/assets/vendors-node_modules_virtualized-list_es_index_js-node_modules_github_template-parts_lib_index_js-96453a51f920.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_virtualized-list_es_index_js-node_modules_github_template-parts_lib_index_js-96453a51f920.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 06 Aug 2024 18:51:29 GMT
etag: 0x8DCB648C812E1CB
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 337616
x-served-by: cache-iad-kcgs7200062-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 50, 5406
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: f20a226c4e5e19cb3f19e9f565a3f2cf80ceccbf
content-length: 17549
GET

https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-e53a3f-62113d33abd1.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-e53a3f-62113d33abd1.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:33 GMT
etag: 0x8DCB5874F4AB741
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 356517
x-served-by: cache-iad-kcgs7200159-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 84, 6258
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ae4ed7a606ce6c7e4ac0b0015e7d6da328e54e96
content-length: 3272
GET

https://github.githubassets.com/assets/app_assets_modules_github_ref-selector_ts-00df584d9e79.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/app_assets_modules_github_ref-selector_ts-00df584d9e79.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:34 GMT
etag: 0x8DCB5874FAA1F85
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 356517
x-served-by: cache-iad-kcgs7200045-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 20, 8970
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: da1c82d21fa08a52ff80f03b5ace5623d7ad6ec6
content-length: 58566
GET

https://github.githubassets.com/assets/codespaces-1f3309c400b4.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/codespaces-1f3309c400b4.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 02 Aug 2024 22:13:06 GMT
etag: 0x8DCB34048F82D3E
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 273723
x-served-by: cache-iad-kiad7000136-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 23, 6986
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 4d1ebc15db8112fb09a0004bc60368dcf6e3a757
content-length: 8526
GET

https://github.githubassets.com/assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_github_filter--0879fe-bcfcfd976be7.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_github_filter--0879fe-bcfcfd976be7.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:33 GMT
etag: 0x8DCB5874F6AEC62
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 356517
x-served-by: cache-iad-kjyo7100078-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 20, 8682
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: c86264b74de4f8940c525eb06e73978643fcff8e
content-length: 3364
GET

https://github.githubassets.com/assets/app_assets_modules_github_repositories_get-repo-element_ts-4fc152f40452.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/app_assets_modules_github_repositories_get-repo-element_ts-4fc152f40452.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:52 GMT
etag: 0x8DCAB55C9E07445
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 1053952
x-served-by: cache-iad-kiad7000133-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 1653, 15667
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 54116aa22880ebebb14870892cfe237f5825ba98
content-length: 4125
GET

https://github.githubassets.com/assets/repositories-22e89d7b03b0.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/repositories-22e89d7b03b0.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:53 GMT
etag: 0x8DCAB55CA265673
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 1329690
x-served-by: cache-iad-kcgs7200156-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 24, 15868
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 8fc5ab50a8e3df1fe17808c134fada8a46273939
content-length: 9804
GET

https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_catalyst_lib_inde-dbbea9-e73b311a14f1.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_catalyst_lib_inde-dbbea9-e73b311a14f1.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:33 GMT
etag: 0x8DCB5874F49A6FE
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 356517
x-served-by: cache-iad-kcgs7200149-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 20, 8675
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ada81729873898149daeba81328addd74f7c292d
content-length: 5032
GET

https://github.githubassets.com/assets/code-menu-a8d08997ac4f.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/code-menu-a8d08997ac4f.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 06 Aug 2024 20:29:19 GMT
etag: 0x8DCB65673021528
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 273723
x-served-by: cache-iad-kcgs7200073-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 23, 7020
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 49d6e585f14c64dc3f5da970c964e1c7592afcb3
content-length: 4499
GET

https://github.githubassets.com/assets/react-lib-7b7b5264f6c1.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/react-lib-7b7b5264f6c1.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:39 GMT
etag: 0x8DCB58752FDC79F
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 356517
x-served-by: cache-iad-kiad7000035-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 20, 8709
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 2fcc90c07a9b0505c1a5150e2ed464cbfe4c4008
content-length: 3088
GET

https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_primer_octicons-react_di-b40d97-06881c63f955.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_primer_octicons-react_di-b40d97-06881c63f955.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 26 Jul 2024 02:43:54 GMT
etag: 0x8DCAD1CCA71DF1B
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 942543
x-served-by: cache-iad-kjyo7100043-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 70, 13112
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ca02fd3d1ba9e39c55f0eda56d4cbfe9f57fb291
content-length: 4233
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Box_Box_js-55a9038b54f0.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_Box_Box_js-55a9038b54f0.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:33 GMT
etag: 0x8DCB5874F4A4292
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 356517
x-served-by: cache-iad-kcgs7200022-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 20, 8700
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 8dbf5e6185861472ed9175beddc3b12311369898
content-length: 3079
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Button_Button_js-b0edbfb6a9e5.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_Button_Button_js-b0edbfb6a9e5.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 07 Aug 2024 18:42:14 GMT
etag: 0x8DCB710A7C0EAB3
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 100372
x-served-by: cache-iad-kjyo7100105-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 52, 1475
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 8bdb5e6fa938998992cb17e8c97a6d1e8d979c8f
content-length: 8265
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_TooltipV2_Tooltip_js-4d5019830e3c.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_TooltipV2_Tooltip_js-4d5019830e3c.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:50 GMT
etag: 0x8DCAB55C856ACEA
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 1466825
x-served-by: cache-iad-kjyo7100029-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 23, 17179
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 3850532322a0e4fb053e8f95f34ff9b67ee2d6bc
content-length: 54857
GET

https://github.githubassets.com/assets/vendors-node_modules_clsx_dist_clsx_m_js-node_modules_primer_react_node_modules_primer_octico-c56103-e91295e60abd.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_clsx_dist_clsx_m_js-node_modules_primer_react_node_modules_primer_octico-c56103-e91295e60abd.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:42 GMT
etag: 0x8DCB58754D2266A
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 356517
x-served-by: cache-iad-kjyo7100077-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 20, 8797
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: a23a7b0233ce0f500c7e7986fec3de31a171cdd0
content-length: 7745
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_ActionList_index_js-c4c6e3be7790.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_ActionList_index_js-c4c6e3be7790.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 26 Jul 2024 02:43:54 GMT
etag: 0x8DCAD1CCA172CCD
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 942544
x-served-by: cache-iad-kiad7000058-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 78, 13713
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 73275148f094b75b9ba060c36003482955a11c18
content-length: 3763
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_ActionMenu_ActionMenu_js-node_modules_primer_react_-5b2420-048f91dcedb3.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_ActionMenu_ActionMenu_js-node_modules_primer_react_-5b2420-048f91dcedb3.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:33 GMT
etag: 0x8DCB5874F4CFEA0
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 356517
x-served-by: cache-iad-kjyo7100054-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 20, 8702
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: f2914cffe70b46ea512262ca3081b20e6278f1a3
content-length: 5693
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Text_Text_js-node_modules_primer_react_lib-esm_Text-7845da-3bcd176ee601.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_Text_Text_js-node_modules_primer_react_lib-esm_Text-7845da-3bcd176ee601.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 26 Jul 2024 02:43:53 GMT
etag: 0x8DCAD1CC9EFA756
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 942544
x-served-by: cache-iad-kcgs7200068-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 84, 16410
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 6b4184d3d920a6d0e876ed66025e1d1da3e5b905
content-length: 3026
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_FormControl_FormControl_js-e73d967c1bb4.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_FormControl_FormControl_js-e73d967c1bb4.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:52 GMT
etag: 0x8DCAB55C9B32E84
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 1466824
x-served-by: cache-iad-kiad7000030-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 23, 16467
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 02c91554a82e21cebb82c5fd1306fb1e56eeed43
content-length: 7009
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_SelectPanel_SelectPanel_js-da4b9b447323.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_SelectPanel_SelectPanel_js-da4b9b447323.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:33 GMT
etag: 0x8DCB5874F49A6FE
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 356517
x-served-by: cache-iad-kcgs7200065-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 20, 8777
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 726ede5084bc3489ba0af51ed3e164df7a6e5e1e
content-length: 2401
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Dialog_js-node_modules_primer_react_lib-esm_Feature-c10078-a365ebbc3112.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_Dialog_js-node_modules_primer_react_lib-esm_Feature-c10078-a365ebbc3112.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:54 GMT
etag: 0x8DCAB55CAE8ABD4
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 1331637
x-served-by: cache-iad-kiad7000040-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 23, 12052
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: c483cf2676da391338a5f0d2485c02a3e7847a5c
content-length: 3888
GET

https://github.githubassets.com/assets/ui_packages_react-core_create-browser-history_ts-ui_packages_safe-storage_safe-storage_ts-ui_-682c2c-7a1e99981675.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/ui_packages_react-core_create-browser-history_ts-ui_packages_safe-storage_safe-storage_ts-ui_-682c2c-7a1e99981675.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Thu, 20 Jun 2024 15:04:38 GMT
etag: 0x8DC913A4DF23CAF
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 1953595
x-served-by: cache-iad-kcgs7200155-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 121, 14826
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: dfd63d9d6ab73aecb444b357d436dbe8f3fae616
content-length: 6751
GET

https://github.githubassets.com/assets/notifications-subscriptions-menu-7732df7cded3.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/notifications-subscriptions-menu-7732df7cded3.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Thu, 01 Aug 2024 23:26:57 GMT
etag: 0x8DCB2816FEAB4CD
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 256144
x-served-by: cache-iad-kjyo7100146-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 71, 6203
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 99e947c46251a1672c33d16a90952d348c65b32a
content-length: 38563
GET

https://github.githubassets.com/assets/notifications-subscriptions-menu.572fff1cb5c3caef1ac9.module.css

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/notifications-subscriptions-menu.572fff1cb5c3caef1ac9.module.css HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: style
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Fri, 09 Aug 2024 15:46:49 GMT
etag: 0x8DCB88A7B9874BB
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 100384
x-served-by: cache-iad-kjyo7100157-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 41, 1916
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: e1d4ad67acc01cdbf3728271bb39c4c4cd22d7e0
content-length: 38576
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Dialog_Dialog_js-node_modules_primer_react_lib-esm_-bd7638-349234c98e00.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_Dialog_Dialog_js-node_modules_primer_react_lib-esm_-bd7638-349234c98e00.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Mon, 05 Aug 2024 19:14:31 GMT
etag: 0x8DCB582D5828916
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 439089
x-served-by: cache-iad-kjyo7100065-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 119, 10724
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 210a2e5564f9439f0a778e1189d1d19f059041b8
content-length: 21659
GET

https://github.githubassets.com/assets/keyboard-shortcuts-dialog-50744f45bf65.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/keyboard-shortcuts-dialog-50744f45bf65.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:53 GMT
etag: 0x8DCAB55CA240F10
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 1265264
x-served-by: cache-iad-kcgs7200022-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 4, 13151
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 24df24df5ed352889bd6bbc3341e58661414a555
content-length: 5219
GET

https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-94fd67-9a621ecbf672.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-94fd67-9a621ecbf672.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:42 GMT
etag: 0x8DCB58754CF6A56
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 356517
x-served-by: cache-iad-kcgs7200158-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 20, 9127
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ef69dd26af55e33caea305f276389cf5173459a1
content-length: 4229
GET

https://github.githubassets.com/assets/sessions-b81e688feb0f.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/sessions-b81e688feb0f.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 07 Aug 2024 18:49:10 GMT
etag: 0x8DCB7119FDB03C9
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 100384
x-served-by: cache-iad-kjyo7100125-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 40, 1964
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 852db4cad4e14166110b48039cdc796062c0b297
content-length: 12566
GET

https://github.githubassets.com/assets/vendors-node_modules_react-router-dom_dist_index_js-c5568c29d405.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_react-router-dom_dist_index_js-c5568c29d405.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 07 Aug 2024 18:49:05 GMT
etag: 0x8DCB7119D09B1D3
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 100384
x-served-by: cache-iad-kjyo7100022-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 40, 1959
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 5c05d1c54be06d4ec62ee3e6a64253efb6586927
content-length: 9930
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_UnderlineNav_index_js-a48891f88da5.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_UnderlineNav_index_js-a48891f88da5.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Fri, 21 Jun 2024 00:59:32 GMT
etag: 0x8DC918D6979838D
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 2809567
x-served-by: cache-iad-kiad7000026-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 42, 11807
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 39f64dd4968e189eb167049c917fc77de6216645
content-length: 476
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_BranchName_BranchName_js-node_modules_primer_react_-5ab9a5-f0ab9737bc0f.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_BranchName_BranchName_js-node_modules_primer_react_-5ab9a5-f0ab9737bc0f.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 20:27:41 GMT
etag: 0x8DCB7E88D666CAD
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 170984
x-served-by: cache-iad-kiad7000038-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 70, 3094
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 7636c81f41707fa8be47498df54ed3dfacb3c80d
content-length: 6237
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_anchored-position_js-node_modules_primer_react-463b8d-8ea935c80ae4.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_primer_behaviors_dist_esm_anchored-position_js-node_modules_primer_react-463b8d-8ea935c80ae4.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:41 GMT
etag: 0x8DCB5875408B427
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 356395
x-served-by: cache-iad-kjyo7100128-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 22, 6403
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 1a744308f967dfde505af79527041b568ccb617e
content-length: 4078
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_AvatarStack_AvatarStack_js-node_modules_primer_reac-721fcb-c60889ba2d72.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_AvatarStack_AvatarStack_js-node_modules_primer_reac-721fcb-c60889ba2d72.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 29 Jul 2024 23:43:07 GMT
etag: 0x8DCB02832D85A61
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 942541
x-served-by: cache-iad-kjyo7100127-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 54, 2060
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 17dcb1ae0a15fced799973575239c94cccae05b5
content-length: 3596
GET

https://github.githubassets.com/assets/ui_packages_paths_index_ts-a5d19f5b3108.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/ui_packages_paths_index_ts-a5d19f5b3108.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 26 Jul 2024 02:43:54 GMT
etag: 0x8DCAD1CCA6E6090
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 942538
x-served-by: cache-iad-kjyo7100115-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 57, 9143
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 2d685a88ab5849f706a52758e6d1a7aa82466993
content-length: 3907
GET

https://github.githubassets.com/assets/ui_packages_ref-selector_RefSelector_tsx-a811a847f4e3.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/ui_packages_ref-selector_RefSelector_tsx-a811a847f4e3.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:54 GMT
etag: 0x8DCAB55CAE5A1FC
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 1466823
x-served-by: cache-iad-kiad7000156-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 24, 9698
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ed1d9997817c94ce0497577322885d32aaa6fa74
content-length: 3475
GET

https://github.githubassets.com/assets/ui_packages_code-view-shared_hooks_use-canonical-object_ts-ui_packages_code-view-shared_hooks-d56ca1-c6b3e84f88d7.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/ui_packages_code-view-shared_hooks_use-canonical-object_ts-ui_packages_code-view-shared_hooks-d56ca1-c6b3e84f88d7.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 07 Aug 2024 07:38:24 GMT
etag: 0x8DCB6B3EB3F5B22
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 306638
x-served-by: cache-iad-kcgs7200177-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 4652
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: a8a5ec34b6a675934f77c621485b760776dc676b
content-length: 14537
GET

https://github.githubassets.com/assets/ui_packages_code-view-shared_hooks_use-file-page-payload_ts-ui_packages_copy-to-clipboard_ind-7aee8b-736b82387f3f.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/ui_packages_code-view-shared_hooks_use-file-page-payload_ts-ui_packages_copy-to-clipboard_ind-7aee8b-736b82387f3f.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Thu, 20 Jun 2024 15:04:40 GMT
etag: 0x8DC913A4F6C3759
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 3477000
x-served-by: cache-iad-kiad7000133-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 100, 14946
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b4f519a28d76f6c5be1be0489d5ef5897637b632
content-length: 1554
GET

https://github.githubassets.com/assets/repos-overview-8b42a5904539.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/repos-overview-8b42a5904539.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 20:27:42 GMT
etag: 0x8DCB7E88DFF41C3
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 170984
x-served-by: cache-iad-kcgs7200160-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 64, 2337
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 1a27893055bce43dd415335697537fde27b5a500
content-length: 23851
GET

https://github.githubassets.com/assets/repos-overview.47cf64b9ae0677ccb350.module.css

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/repos-overview.47cf64b9ae0677ccb350.module.css HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: style
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Mon, 17 Jun 2024 21:24:12 GMT
etag: 0x8DC8F13D5428FE0
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 3490060
x-served-by: cache-iad-kcgs7200145-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 22, 8395
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 91ffd61551152106b5bfd2319984cdb267e5615a
content-length: 220
GET

https://github.githubassets.com/assets/dark-6b1e37da2254.css

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/dark-6b1e37da2254.css HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: style
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:42 GMT
etag: 0x8DCB58754CECECA
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 356517
x-served-by: cache-iad-kiad7000167-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 19, 7991
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: cfc07be1b71573ba10c099e65f78f8995c24cc5f
content-length: 4751
GET

https://github.githubassets.com/assets/primer-primitives-8500c2c7ce5f.css

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/primer-primitives-8500c2c7ce5f.css HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: style
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 20:27:43 GMT
etag: 0x8DCB7E88E8BC8A6
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 171005
x-served-by: cache-iad-kjyo7100095-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 72, 2603
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 1bc382669d2086e0524330fd40051522c34df9a6
content-length: 14927
GET

https://github.githubassets.com/assets/primer-bbda46ca867f.css

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/primer-bbda46ca867f.css HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: style
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:42 GMT
etag: 0x8DCB58754D0EF45
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 356517
x-served-by: cache-iad-kiad7000029-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 96, 5599
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: bf987ab01182fb482fa7903663c8eed03f7f77f5
content-length: 6189
GET

https://github.githubassets.com/assets/global-6f01bc73955b.css

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/global-6f01bc73955b.css HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: style
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 07 Aug 2024 17:56:46 GMT
etag: 0x8DCB70A4E081B01
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 182276
x-served-by: cache-iad-kjyo7100175-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 58, 2764
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 6a7494fa482adffc3eda4039e26d45d926d2373a
content-length: 6946
GET

https://github.githubassets.com/assets/github-4bf1effa8118.css

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/github-4bf1effa8118.css HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: style
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 29 Jul 2024 23:43:07 GMT
etag: 0x8DCB02832BDC448
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
age: 942541
x-served-by: cache-iad-kiad7000125-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 52, 2074
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 9369b16bfcbaa196670b5c06009e856507967783
content-length: 6575
GET

https://github.githubassets.com/assets/chunk-vendors-node_modules_primer_behaviors_dist_esm_anchored-position_js-node_modules_github_memoi-4b0bd5-b63d4c76d546.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-vendors-node_modules_primer_behaviors_dist_esm_anchored-position_js-node_modules_github_memoi-4b0bd5-b63d4c76d546.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:44 GMT
etag: 0x8DCAB55C4C09E55
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:03 GMT
age: 1466825
x-served-by: cache-iad-kcgs7200172-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 3757, 14839
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 905826c6f3cd4a993a5987cfffe0b44ef36eda94
content-length: 3734
GET

https://github.githubassets.com/assets/chunk-app_components_primer_experimental_select-panel-element_ts-72e65e1a9e50.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-app_components_primer_experimental_select-panel-element_ts-72e65e1a9e50.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 06 Aug 2024 18:04:05 GMT
etag: 0x8DCB64229585E43
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:03 GMT
age: 356518
x-served-by: cache-iad-kcgs7200042-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 20, 8179
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 60ee8eec1c0d78158775693176747e78c3e364bb
content-length: 5556
GET

https://github.githubassets.com/assets/chunk-app_components_primer_experimental_toggle-switch-element_ts-1077a1578034.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-app_components_primer_experimental_toggle-switch-element_ts-1077a1578034.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 06 Aug 2024 18:51:24 GMT
etag: 0x8DCB648C553CC3E
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:03 GMT
age: 337637
x-served-by: cache-iad-kcgs7200066-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 72, 7475
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: cefe7c8190454528fe1b179866c0067b99763e71
content-length: 5941
GET

https://github.githubassets.com/assets/chunk-vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_s-04fb8f0-1620a267eab5.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_s-04fb8f0-1620a267eab5.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:34 GMT
etag: 0x8DCB5874FFF3321
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:03 GMT
age: 356518
x-served-by: cache-iad-kiad7000047-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 19, 7653
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 74ebe4b027ff098c84b97f93a40b6022042b3eef
content-length: 5076
GET

https://github.githubassets.com/assets/chunk-app_components_search_custom-scopes-element_ts-3a568db843b2.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-app_components_search_custom-scopes-element_ts-3a568db843b2.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 07 Aug 2024 11:58:07 GMT
etag: 0x8DCB6D833BE9C72
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:03 GMT
age: 123559
x-served-by: cache-iad-kiad7000101-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 15, 2686
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 3c36c0bd2f28f44363fc90dcd74a9153de9f7f72
content-length: 23705
GET

https://github.githubassets.com/assets/ui_packages_query-builder-element_query-builder-element_ts-ui_packages_safe-storage_safe-storage_ts-90c65e701241.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/ui_packages_query-builder-element_query-builder-element_ts-ui_packages_safe-storage_safe-storage_ts-90c65e701241.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:34 GMT
etag: 0x8DCB58750224B38
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:03 GMT
age: 356518
x-served-by: cache-iad-kjyo7100141-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 19, 8117
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 3b3ea28dfa7ffff61ac7cf3d1b976f5628406513
content-length: 543
GET

https://github.githubassets.com/assets/chunk-app_assets_modules_github_jump-to_ts-d6aa6256bf8e.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-app_assets_modules_github_jump-to_ts-d6aa6256bf8e.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 16:49:48 GMT
etag: 0x8DCB7CA1D5BA687
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:03 GMT
age: 185761
x-served-by: cache-iad-kjyo7100130-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 102, 3834
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ca3abf66f8f82893e601bd6fc55167521958bc4d
content-length: 9292
GET

https://github.githubassets.com/assets/chunk-app_components_search_qbsearch-input-element_ts-ui_packages_form-utils_form-utils_ts-ui_packa-cd5fe9-2993ae65b9a8.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-app_components_search_qbsearch-input-element_ts-ui_packages_form-utils_form-utils_ts-ui_packa-cd5fe9-2993ae65b9a8.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:35 GMT
etag: 0x8DCB587503F7682
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:03 GMT
age: 356518
x-served-by: cache-iad-kjyo7100172-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 19, 7698
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ad2152bcc7a697da9b44bfa139926786b1886278
content-length: 6620
GET

https://github.githubassets.com/assets/chunk-ui_packages_cookie-consent-link-element_cookie-consent-link-element_ts-a30501e51b3a.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-ui_packages_cookie-consent-link-element_cookie-consent-link-element_ts-a30501e51b3a.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:35 GMT
etag: 0x8DCB587506CB977
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:03 GMT
age: 356518
x-served-by: cache-iad-kiad7000124-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 19, 8095
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 134e2a3b0890b246eb5797f5a29658e1a4903600
content-length: 2950
GET

https://github.githubassets.com/assets/chunk-ui_packages_ghcc-consent-element_ghcc-consent-element_ts-b8a0d9bc2ed9.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-ui_packages_ghcc-consent-element_ghcc-consent-element_ts-b8a0d9bc2ed9.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:35 GMT
etag: 0x8DCB587506ABFDE
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:03 GMT
age: 356514
x-served-by: cache-iad-kiad7000113-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 133, 4644
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 7202f6f76b979ac7c053185d61c9b6ace7a24519
content-length: 5220
GET

https://github.githubassets.com/assets/chunk-node_modules_github_mini-throttle_dist_index_js-ui_packages_trusted-types-policies_policy_ts--77a9d9-5febadf19308.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-node_modules_github_mini-throttle_dist_index_js-ui_packages_trusted-types-policies_policy_ts--77a9d9-5febadf19308.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:35 GMT
etag: 0x8DCB5875084BA53
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:03 GMT
age: 356518
x-served-by: cache-iad-kcgs7200147-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 20, 8099
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 88b23c56c6c7ed00e2ee53aafb1646459172479a
content-length: 2790
GET

https://github.githubassets.com/assets/chunk-ui_packages_webauthn-get-element_webauthn-get-element_ts-eba7ee3409f2.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-ui_packages_webauthn-get-element_webauthn-get-element_ts-eba7ee3409f2.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 06 Aug 2024 21:39:04 GMT
etag: 0x8DCB66031D4ABE1
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:03 GMT
age: 337637
x-served-by: cache-iad-kcgs7200071-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 74, 7454
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 2a81c637a3cee5c36064321679f43e04f63faa6d
content-length: 9899
GET

https://github.githubassets.com/assets/chunk-ui_packages_code-view-shared_components_files-search_FileResultsList_tsx-2cd71482a783.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-ui_packages_code-view-shared_components_files-search_FileResultsList_tsx-2cd71482a783.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:35 GMT
etag: 0x8DCB587506DC9BB
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:03 GMT
age: 356518
x-served-by: cache-iad-kjyo7100167-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 20, 8101
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ecdac03b1d9dd9970d78ede633c435ed132425b6
content-length: 3184
GET

https://github.githubassets.com/favicons/favicon.svg

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /favicons/favicon.svg HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

content-type: image/svg+xml
last-modified: Thu, 19 Oct 2023 22:56:36 GMT
etag: 0x8DBD0F6A5D50EA4
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:04 GMT
age: 70
x-served-by: cache-iad-kiad7000081-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 1517404, 1
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 2e26ce4f80b8c66579374b171eabf1345b0ff4af
content-length: 959
GET

https://github.githubassets.com/assets/chunk-vendors-node_modules_consent-banner_dist_consent-banner_js-d06d275cbddc.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-vendors-node_modules_consent-banner_dist_consent-banner_js-d06d275cbddc.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:43 GMT
etag: 0x8DCAB55C4A09029
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:04 GMT
age: 1466825
x-served-by: cache-iad-kcgs7200110-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 23, 14394
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 687fcb1faf6bd8503b76f354325aef3ce1497987
content-length: 9412
GET

https://github.githubassets.com/assets/primer-bbda46ca867f.css

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/primer-bbda46ca867f.css HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: style
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Fri, 09 Aug 2024 15:46:49 GMT
etag: 0x8DCB88A7B9874BB
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:21 GMT
age: 100403
x-served-by: cache-iad-kjyo7100157-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 41, 1918
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 081c3d277d7d2848bf0b2a81ec664589210deb46
content-length: 38576
GET

https://github.githubassets.com/assets/global-6f01bc73955b.css

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/global-6f01bc73955b.css HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: style
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 26 Jul 2024 02:43:54 GMT
etag: 0x8DCAD1CCA43FDD0
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:22 GMT
age: 942563
x-served-by: cache-iad-kjyo7100091-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 48, 4989
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 78e2145b50a7aacd206761bfa5083522681b373f
content-length: 4904
GET

https://github.githubassets.com/assets/app_assets_modules_github_blob-anchor_ts-app_assets_modules_github_filter-sort_ts-app_assets_-6deafe-fc95155e233a.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/app_assets_modules_github_blob-anchor_ts-app_assets_modules_github_filter-sort_ts-app_assets_-6deafe-fc95155e233a.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 26 Jul 2024 02:43:54 GMT
etag: 0x8DCAD1CCA72C86E
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:22 GMT
age: 942560
x-served-by: cache-iad-kiad7000165-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 40, 4855
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b9730e3a0300ccca7add2590b3a818324586ccc2
content-length: 5697
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_ConfirmationDialog_ConfirmationDialog_js-099e8bfead83.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_ConfirmationDialog_ConfirmationDialog_js-099e8bfead83.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 29 Jul 2024 23:43:08 GMT
etag: 0x8DCB02832F9C69A
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:22 GMT
age: 942560
x-served-by: cache-iad-kiad7000078-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 44, 5206
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b4acb1395cfdc47ccb19210dc26b925e887c207b
content-length: 6177
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Heading_Heading_js-node_modules_primer_react_lib-es-96435f-dbb4ca9db9f8.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_Heading_Heading_js-node_modules_primer_react_lib-es-96435f-dbb4ca9db9f8.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 26 Jul 2024 02:43:54 GMT
etag: 0x8DCAD1CCA1616F2
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:22 GMT
age: 942560
x-served-by: cache-iad-kjyo7100037-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 26, 4721
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 0ee5d43fc68ee53bc158d785fc5e2cc97a8b5187
content-length: 3616
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_TreeView_TreeView_js-1b1a492a9329.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_TreeView_TreeView_js-1b1a492a9329.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 06 Aug 2024 16:51:51 GMT
etag: 0x8DCB63811FB8BAC
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:22 GMT
age: 356536
x-served-by: cache-iad-kcgs7200069-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 12, 2987
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 629da292e67ca3c1769de2057b45cd18efd6bb99
content-length: 7462
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_scroll-into-view_js-node_modules_primer_react_-91c222-9bca588cddb2.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_primer_behaviors_dist_esm_scroll-into-view_js-node_modules_primer_react_-91c222-9bca588cddb2.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 20:27:43 GMT
etag: 0x8DCB7E88E9B6E7C
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:22 GMT
age: 171025
x-served-by: cache-iad-kcgs7200053-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 77, 1145
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 3681b3d8a04536eba3dcb9e6d4dbb98ee9332cb6
content-length: 7452
GET

https://github.githubassets.com/assets/ui_packages_react-core_register-app_ts-d92f692cd90a.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/ui_packages_react-core_register-app_ts-d92f692cd90a.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:42 GMT
etag: 0x8DCB58754D2E8DA
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:22 GMT
age: 356536
x-served-by: cache-iad-kiad7000048-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 70, 2658
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 3d157334d24aef3f09f7cd7baaa04444cab77884
content-length: 13931
GET

https://github.githubassets.com/assets/ui_packages_commit-attribution_index_ts-ui_packages_commit-checks-status_index_ts-ui_packages-f45efb-404435465b5f.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/ui_packages_commit-attribution_index_ts-ui_packages_commit-checks-status_index_ts-ui_packages-f45efb-404435465b5f.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Mon, 24 Jun 2024 14:52:43 GMT
etag: 0x8DC945D4D8528F9
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:22 GMT
age: 2644936
x-served-by: cache-iad-kcgs7200050-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 20, 4304
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 68ab26c6940998527657a0c997c6f2a962c78889
content-length: 583
GET

https://github.githubassets.com/assets/ui_packages_repos-file-tree-view_repos-file-tree-view_ts-ui_packages_feature-request_FeatureR-ec5225-2554f1c99329.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/ui_packages_repos-file-tree-view_repos-file-tree-view_ts-ui_packages_feature-request_FeatureR-ec5225-2554f1c99329.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 09 Aug 2024 15:44:31 GMT
etag: 0x8DCB88A29349ECF
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:22 GMT
age: 105671
x-served-by: cache-iad-kjyo7100107-IAD, cache-lcy-eglc8600059-LCY
x-cache: HIT, HIT
x-cache-hits: 36, 489
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 2fa7adedcb8b58d40f268c912e276166d5d5c8a1
content-length: 75624
GET

https://github.githubassets.com/assets/react-code-view-5dc60bcae5de.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/react-code-view-5dc60bcae5de.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers
GET

https://github.githubassets.com/assets/react-code-view.234ae39ff1fa1232236c.module.css

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/react-code-view.234ae39ff1fa1232236c.module.css HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: style
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers
DNS

github.githubassets.com

firefox.exe

Remote address:

8.8.8.8:53

Request

github.githubassets.com

IN A

Response

github.githubassets.com

IN A

185.199.108.154

github.githubassets.com

IN A

185.199.109.154

github.githubassets.com

IN A

185.199.111.154

github.githubassets.com

IN A

185.199.110.154
DNS

github.githubassets.com

firefox.exe

Remote address:

8.8.8.8:53

Request

github.githubassets.com

IN A

Response

github.githubassets.com

IN A

185.199.110.154

github.githubassets.com

IN A

185.199.108.154

github.githubassets.com

IN A

185.199.111.154

github.githubassets.com

IN A

185.199.109.154
DNS

github.githubassets.com

firefox.exe

Remote address:

8.8.8.8:53

Request

github.githubassets.com

IN AAAA

Response
DNS

github.githubassets.com

firefox.exe

Remote address:

8.8.8.8:53

Request

github.githubassets.com

IN AAAA

Response
DNS

raw.githubusercontent.com

firefox.exe

Remote address:

8.8.8.8:53

Request

raw.githubusercontent.com

IN A

Response

raw.githubusercontent.com

IN A

185.199.110.133

raw.githubusercontent.com

IN A

185.199.109.133

raw.githubusercontent.com

IN A

185.199.111.133

raw.githubusercontent.com

IN A

185.199.108.133
DNS

raw.githubusercontent.com

firefox.exe

Remote address:

8.8.8.8:53

Request

raw.githubusercontent.com

IN A

Response

raw.githubusercontent.com

IN A

185.199.108.133

raw.githubusercontent.com

IN A

185.199.111.133

raw.githubusercontent.com

IN A

185.199.109.133

raw.githubusercontent.com

IN A

185.199.110.133
GET

https://raw.githubusercontent.com/kh4sh3i/Ransomware-Samples/main/ransomware.png

firefox.exe

Remote address:

185.199.110.133:443

Request

GET /kh4sh3i/Ransomware-Samples/main/ransomware.png HTTP/2.0
host: raw.githubusercontent.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: image/png
etag: W/"25c33a443df8665f58e4583363248d473e3a29cad2eda84913d3104810c92569"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: 9942:27E46E:39A04F:480997:66B7DF9A
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:02 GMT
via: 1.1 varnish
x-served-by: cache-lon420089-LON
x-cache: MISS
x-cache-hits: 0
x-timer: S1723326363.784677,VS0,VE139
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: dfd935f6f7c3a9f43e0c0faeca6db694e6fdd0fe
expires: Sat, 10 Aug 2024 21:51:02 GMT
source-age: 0
content-length: 36870
GET

https://avatars.githubusercontent.com/u/64693844?v=4&size=40

firefox.exe

Remote address:

185.199.110.133:443

Request

GET /u/64693844?v=4&size=40 HTTP/2.0
host: avatars.githubusercontent.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: max-age=300
content-security-policy: default-src 'none'
content-type: image/jpeg
etag: "8db50e64b91068ff6e747fa58fb1ac6cb9d882cf6123204f9b409101417f4652"
last-modified: Mon, 07 Nov 2022 17:46:55 GMT
strict-transport-security: max-age=31557600
timing-allow-origin: https://github.com
x-content-type-options: nosniff
x-frame-options: deny
x-github-tenant:
x-xss-protection: 1; mode=block
x-github-request-id: CDC4:38F50:3739D8:465BB4:66B1EC1E
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:04 GMT
via: 1.1 varnish
x-served-by: cache-lon420089-LON
x-cache: HIT
x-cache-hits: 0
x-timer: S1723326365.743983,VS0,VE1
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 326395ced3087dd86b146fb5444ed740126f2a16
expires: Sat, 10 Aug 2024 21:51:04 GMT
source-age: 390014
vary: Authorization,Accept-Encoding
content-length: 797
GET

https://raw.githubusercontent.com/kh4sh3i/Ransomware-Samples/main/TeslaCrypt/Ransomware.TeslaCrypt.zip

firefox.exe

Remote address:

185.199.110.133:443

Request

GET /kh4sh3i/Ransomware-Samples/main/TeslaCrypt/Ransomware.TeslaCrypt.zip HTTP/2.0
host: raw.githubusercontent.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: application/zip
etag: W/"6571157664549d1ea677d4a49c2d0b87296a9887842ad97f76da8d5e81f4ad17"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: D230:2D2A4D:534F8F:67BCA4:66B7DFD0
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:46:58 GMT
via: 1.1 varnish
x-served-by: cache-lon420089-LON
x-cache: MISS
x-cache-hits: 0
x-timer: S1723326418.495859,VS0,VE137
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: a6d6e6ca30b7ac9307fd5f072cdc55bfd9ba7098
expires: Sat, 10 Aug 2024 21:51:58 GMT
source-age: 0
content-length: 491332
GET

https://raw.githubusercontent.com/kh4sh3i/Ransomware-Samples/main/Jigsaw/Ransomware.Jigsaw.zip

firefox.exe

Remote address:

185.199.110.133:443

Request

GET /kh4sh3i/Ransomware-Samples/main/Jigsaw/Ransomware.Jigsaw.zip HTTP/2.0
host: raw.githubusercontent.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: application/zip
etag: W/"f2f120ea4aa0c31ce4bde6520d5edfcdbb2d8b0c4a5323f34930f910c851e526"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: A582:18764:25272F:2EE0BC:66B7DFD9
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:47:06 GMT
via: 1.1 varnish
x-served-by: cache-lon420089-LON
x-cache: MISS
x-cache-hits: 0
x-timer: S1723326427.586297,VS0,VE115
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: bbfbd2e9ff4dd7d64828b574f2b1f0334ea6165c
expires: Sat, 10 Aug 2024 21:52:06 GMT
source-age: 0
content-length: 245631
DNS

raw.githubusercontent.com

firefox.exe

Remote address:

8.8.8.8:53

Request

raw.githubusercontent.com

IN A

Response

raw.githubusercontent.com

IN A

185.199.108.133

raw.githubusercontent.com

IN A

185.199.109.133

raw.githubusercontent.com

IN A

185.199.111.133

raw.githubusercontent.com

IN A

185.199.110.133
DNS

raw.githubusercontent.com

firefox.exe

Remote address:

8.8.8.8:53

Request

raw.githubusercontent.com

IN A

Response

raw.githubusercontent.com

IN A

185.199.109.133

raw.githubusercontent.com

IN A

185.199.110.133

raw.githubusercontent.com

IN A

185.199.111.133

raw.githubusercontent.com

IN A

185.199.108.133
DNS

raw.githubusercontent.com

firefox.exe

Remote address:

8.8.8.8:53

Request

raw.githubusercontent.com

IN AAAA

Response

raw.githubusercontent.com

IN AAAA

2606:50c0:8002::154

raw.githubusercontent.com

IN AAAA

2606:50c0:8000::154

raw.githubusercontent.com

IN AAAA

2606:50c0:8003::154

raw.githubusercontent.com

IN AAAA

2606:50c0:8001::154
DNS

raw.githubusercontent.com

firefox.exe

Remote address:

8.8.8.8:53

Request

raw.githubusercontent.com

IN AAAA
DNS

www.tm.v4.a.prd.aadg.trafficmanager.net

firefox.exe

Remote address:

8.8.8.8:53

Request

www.tm.v4.a.prd.aadg.trafficmanager.net

IN A

Response

www.tm.v4.a.prd.aadg.trafficmanager.net

IN A

40.126.32.72

www.tm.v4.a.prd.aadg.trafficmanager.net

IN A

20.190.160.20

www.tm.v4.a.prd.aadg.trafficmanager.net

IN A

40.126.32.74

www.tm.v4.a.prd.aadg.trafficmanager.net

IN A

40.126.32.140

www.tm.v4.a.prd.aadg.trafficmanager.net

IN A

40.126.32.133

www.tm.v4.a.prd.aadg.trafficmanager.net

IN A

40.126.32.136

www.tm.v4.a.prd.aadg.trafficmanager.net

IN A

40.126.32.76

www.tm.v4.a.prd.aadg.trafficmanager.net

IN A

40.126.32.68
DNS

www.tm.v4.a.prd.aadg.trafficmanager.net

firefox.exe

Remote address:

8.8.8.8:53

Request

www.tm.v4.a.prd.aadg.trafficmanager.net

IN A

Response

www.tm.v4.a.prd.aadg.trafficmanager.net

IN A

20.190.159.23

www.tm.v4.a.prd.aadg.trafficmanager.net

IN A

20.190.159.68

www.tm.v4.a.prd.aadg.trafficmanager.net

IN A

20.190.159.73

www.tm.v4.a.prd.aadg.trafficmanager.net

IN A

40.126.31.73

www.tm.v4.a.prd.aadg.trafficmanager.net

IN A

20.190.159.64

www.tm.v4.a.prd.aadg.trafficmanager.net

IN A

20.190.159.4

www.tm.v4.a.prd.aadg.trafficmanager.net

IN A

40.126.31.69

www.tm.v4.a.prd.aadg.trafficmanager.net

IN A

20.190.159.75
DNS

www.tm.v4.a.prd.aadg.trafficmanager.net

firefox.exe

Remote address:

8.8.8.8:53

Request

www.tm.v4.a.prd.aadg.trafficmanager.net

IN AAAA

Response
DNS

154.109.199.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

154.109.199.185.in-addr.arpa

IN PTR

Response

154.109.199.185.in-addr.arpa

IN PTR

cdn-185-199-109-154githubcom
DNS

154.109.199.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

154.109.199.185.in-addr.arpa

IN PTR
DNS

133.110.199.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

133.110.199.185.in-addr.arpa

IN PTR

Response

133.110.199.185.in-addr.arpa

IN PTR

cdn-185-199-110-133githubcom
DNS

133.110.199.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

133.110.199.185.in-addr.arpa

IN PTR
DNS

4.159.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

4.159.190.20.in-addr.arpa

IN PTR

Response
DNS

4.159.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

4.159.190.20.in-addr.arpa

IN PTR
DNS

collector.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

collector.github.com

IN A

Response

collector.github.com

IN CNAME

glb-db52c2cf8be544.github.com

glb-db52c2cf8be544.github.com

IN A

140.82.113.21
DNS

collector.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

collector.github.com

IN A

Response

collector.github.com

IN CNAME

glb-db52c2cf8be544.github.com

glb-db52c2cf8be544.github.com

IN A

140.82.113.21
DNS

avatars.githubusercontent.com

firefox.exe

Remote address:

8.8.8.8:53

Request

avatars.githubusercontent.com

IN A

Response

avatars.githubusercontent.com

IN A

185.199.110.133

avatars.githubusercontent.com

IN A

185.199.111.133

avatars.githubusercontent.com

IN A

185.199.109.133

avatars.githubusercontent.com

IN A

185.199.108.133
DNS

avatars.githubusercontent.com

firefox.exe

Remote address:

8.8.8.8:53

Request

avatars.githubusercontent.com

IN A

Response

avatars.githubusercontent.com

IN A

185.199.108.133

avatars.githubusercontent.com

IN A

185.199.110.133

avatars.githubusercontent.com

IN A

185.199.111.133

avatars.githubusercontent.com

IN A

185.199.109.133
POST

https://collector.github.com/github/collect

firefox.exe

Remote address:

140.82.113.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples
content-type: text/plain;charset=UTF-8
content-length: 1276
origin: https://github.com
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 204

date: Sat, 10 Aug 2024 21:46:05 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.001875
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C805:22D06:594FB:AD529:66B7DF9C
POST

https://collector.github.com/github/collect

firefox.exe

Remote address:

140.82.113.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples
content-type: text/plain;charset=UTF-8
content-length: 981
origin: https://github.com
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 204

date: Sat, 10 Aug 2024 21:46:05 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003290
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C805:22D06:59501:AD536:66B7DF9D
POST

https://collector.github.com/github/collect

firefox.exe

Remote address:

140.82.113.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples
content-type: text/plain;charset=UTF-8
content-length: 1346
origin: https://github.com
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 204

date: Sat, 10 Aug 2024 21:46:21 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003111
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C805:22D06:59CFA:AE46B:66B7DF9D
POST

https://collector.github.com/github/collect

firefox.exe

Remote address:

140.82.113.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/tree/main/TeslaCrypt
content-type: text/plain;charset=UTF-8
content-length: 1069
origin: https://github.com
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 204

date: Sat, 10 Aug 2024 21:46:22 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002109
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C805:22D06:59DA8:AE5DB:66B7DFAD
POST

https://collector.github.com/github/collect

firefox.exe

Remote address:

140.82.113.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/tree/main/TeslaCrypt
content-type: text/plain;charset=UTF-8
content-length: 1039
origin: https://github.com
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 204

date: Sat, 10 Aug 2024 21:46:22 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002795
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C805:22D06:59DB4:AE5F3:66B7DFAE
POST

https://collector.github.com/github/collect

firefox.exe

Remote address:

140.82.113.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/tree/main/TeslaCrypt
content-type: text/plain;charset=UTF-8
content-length: 1323
origin: https://github.com
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 204

date: Sat, 10 Aug 2024 21:46:23 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002048
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C805:22D06:59DE7:AE651:66B7DFAE
POST

https://collector.github.com/github/collect

firefox.exe

Remote address:

140.82.113.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/tree/main/Jigsaw
content-type: text/plain;charset=UTF-8
content-length: 1061
origin: https://github.com
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 204

date: Sat, 10 Aug 2024 21:46:37 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002391
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C805:22D06:5A3F9:AF2C8:66B7DFAF
POST

https://collector.github.com/github/collect

firefox.exe

Remote address:

140.82.113.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/tree/main/Jigsaw
content-type: text/plain;charset=UTF-8
content-length: 1031
origin: https://github.com
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 204

date: Sat, 10 Aug 2024 21:46:38 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002420
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C805:22D06:5A411:AF303:66B7DFBD
POST

https://collector.github.com/github/collect

firefox.exe

Remote address:

140.82.113.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/tree/main/Jigsaw
content-type: text/plain;charset=UTF-8
content-length: 1315
origin: https://github.com
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 204

date: Sat, 10 Aug 2024 21:46:43 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002446
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C805:22D06:5A62A:AF76B:66B7DFBE
POST

https://collector.github.com/github/collect

firefox.exe

Remote address:

140.82.113.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/blob/main/TeslaCrypt/Ransomware.TeslaCrypt.zip
content-type: text/plain;charset=UTF-8
content-length: 1116
origin: https://github.com
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 204

date: Sat, 10 Aug 2024 21:46:56 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003195
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C805:22D06:5AAD9:B01F1:66B7DFC3
POST

https://collector.github.com/github/collect

firefox.exe

Remote address:

140.82.113.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/blob/main/TeslaCrypt/Ransomware.TeslaCrypt.zip
content-type: text/plain;charset=UTF-8
content-length: 1121
origin: https://github.com
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 204

date: Sat, 10 Aug 2024 21:46:56 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002397
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C805:22D06:5AAD9:B01F3:66B7DFD0
POST

https://collector.github.com/github/collect

firefox.exe

Remote address:

140.82.113.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/blob/main/TeslaCrypt/Ransomware.TeslaCrypt.zip
content-type: text/plain;charset=UTF-8
content-length: 1106
origin: https://github.com
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 204

date: Sat, 10 Aug 2024 21:46:56 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002204
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C805:22D06:5AADC:B01F4:66B7DFD0
POST

https://collector.github.com/github/collect

firefox.exe

Remote address:

140.82.113.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/blob/main/TeslaCrypt/Ransomware.TeslaCrypt.zip
content-type: text/plain;charset=UTF-8
content-length: 1511
origin: https://github.com
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 204

date: Sat, 10 Aug 2024 21:46:56 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003068
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C805:22D06:5AAE9:B020F:66B7DFD0
POST

https://collector.github.com/github/collect

firefox.exe

Remote address:

140.82.113.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/blob/main/Jigsaw/Ransomware.Jigsaw.zip
content-type: text/plain;charset=UTF-8
content-length: 1104
origin: https://github.com
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 204

date: Sat, 10 Aug 2024 21:47:05 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002454
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C805:22D06:5AE72:B0962:66B7DFD9
POST

https://collector.github.com/github/collect

firefox.exe

Remote address:

140.82.113.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/blob/main/Jigsaw/Ransomware.Jigsaw.zip
content-type: text/plain;charset=UTF-8
content-length: 1105
origin: https://github.com
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 204

date: Sat, 10 Aug 2024 21:47:05 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003046
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C805:22D06:5AE72:B0961:66B7DFD0
POST

https://collector.github.com/github/collect

firefox.exe

Remote address:

140.82.113.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/blob/main/Jigsaw/Ransomware.Jigsaw.zip
content-type: text/plain;charset=UTF-8
content-length: 1090
origin: https://github.com
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 204

date: Sat, 10 Aug 2024 21:47:05 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003197
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C805:22D06:5AE72:B0963:66B7DFD9
POST

https://collector.github.com/github/collect

firefox.exe

Remote address:

140.82.113.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/blob/main/Jigsaw/Ransomware.Jigsaw.zip
content-type: text/plain;charset=UTF-8
content-length: 1495
origin: https://github.com
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 204

date: Sat, 10 Aug 2024 21:47:05 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002603
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C805:22D06:5AE7D:B096E:66B7DFD9
DNS

glb-db52c2cf8be544.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

glb-db52c2cf8be544.github.com

IN A

Response

glb-db52c2cf8be544.github.com

IN A

140.82.113.21
DNS

glb-db52c2cf8be544.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

glb-db52c2cf8be544.github.com

IN A

Response

glb-db52c2cf8be544.github.com

IN A

140.82.113.21
DNS

glb-db52c2cf8be544.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

glb-db52c2cf8be544.github.com

IN AAAA

Response
DNS

glb-db52c2cf8be544.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

glb-db52c2cf8be544.github.com

IN AAAA

Response
DNS

api.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

api.github.com

IN A

Response

api.github.com

IN A

20.26.156.210
DNS

api.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

api.github.com

IN A

Response

api.github.com

IN A

20.26.156.210
DNS

www.bing.com.cdn.cloudflare.net

firefox.exe

Remote address:

8.8.8.8:53

Request

www.bing.com.cdn.cloudflare.net

IN A

Response

www.bing.com.cdn.cloudflare.net

IN A

104.18.33.89

www.bing.com.cdn.cloudflare.net

IN A

172.64.154.167
DNS

www.bing.com.cdn.cloudflare.net

firefox.exe

Remote address:

8.8.8.8:53

Request

www.bing.com.cdn.cloudflare.net

IN A

Response

www.bing.com.cdn.cloudflare.net

IN A

104.18.33.89

www.bing.com.cdn.cloudflare.net

IN A

172.64.154.167
DNS

avatars.githubusercontent.com

firefox.exe

Remote address:

8.8.8.8:53

Request

avatars.githubusercontent.com

IN AAAA

Response

avatars.githubusercontent.com

IN AAAA

2606:50c0:8001::154

avatars.githubusercontent.com

IN AAAA

2606:50c0:8003::154

avatars.githubusercontent.com

IN AAAA

2606:50c0:8002::154

avatars.githubusercontent.com

IN AAAA

2606:50c0:8000::154
DNS

avatars.githubusercontent.com

firefox.exe

Remote address:

8.8.8.8:53

Request

avatars.githubusercontent.com

IN AAAA

Response

avatars.githubusercontent.com

IN AAAA

2606:50c0:8000::154

avatars.githubusercontent.com

IN AAAA

2606:50c0:8003::154

avatars.githubusercontent.com

IN AAAA

2606:50c0:8001::154

avatars.githubusercontent.com

IN AAAA

2606:50c0:8002::154
POST

https://api.github.com/_private/browser/stats

firefox.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples
content-type: text/plain;charset=UTF-8
content-length: 442
origin: https://github.com
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 200

date: Sat, 10 Aug 2024 21:46:05 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1723329965
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: C810:DBAB2:5E1C17:640108:66B7DF9C
POST

https://api.github.com/_private/browser/stats

firefox.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples
content-type: text/plain;charset=UTF-8
content-length: 195
origin: https://github.com
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 200

date: Sat, 10 Aug 2024 21:46:09 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1723329969
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: C810:DBAB2:5E1E15:64031C:66B7DF9D
POST

https://api.github.com/_private/browser/stats

firefox.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples
content-type: text/plain;charset=UTF-8
content-length: 259
origin: https://github.com
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 200

date: Sat, 10 Aug 2024 21:46:21 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1723329981
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: C810:DBAB2:5E2290:6407DD:66B7DFA1
POST

https://api.github.com/_private/browser/stats

firefox.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/tree/main/Jigsaw
content-type: text/plain;charset=UTF-8
content-length: 304
origin: https://github.com
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 200

date: Sat, 10 Aug 2024 21:46:41 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1723330001
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: C810:DBAB2:5E2A98:641058:66B7DFAD
POST

https://api.github.com/_private/browser/stats

firefox.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/blob/main/TeslaCrypt/Ransomware.TeslaCrypt.zip
content-type: text/plain;charset=UTF-8
content-length: 739
origin: https://github.com
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 200

date: Sat, 10 Aug 2024 21:46:56 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1723330016
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: C810:DBAB2:5E30F7:64170E:66B7DFC1
POST

https://api.github.com/_private/browser/stats

firefox.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/blob/main/Jigsaw/Ransomware.Jigsaw.zip
content-type: text/plain;charset=UTF-8
content-length: 723
origin: https://github.com
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 200

date: Sat, 10 Aug 2024 21:47:05 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1723330025
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: C810:DBAB2:5E34B6:641B13:66B7DFD0
DNS

api.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

api.github.com

IN A

Response

api.github.com

IN A

20.26.156.210
DNS

api.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

api.github.com

IN A

Response

api.github.com

IN A

20.26.156.210
DNS

www.bing.com.cdn.cloudflare.net

firefox.exe

Remote address:

8.8.8.8:53

Request

www.bing.com.cdn.cloudflare.net

IN AAAA

Response

www.bing.com.cdn.cloudflare.net

IN AAAA

2606:4700:4400::6812:2159

www.bing.com.cdn.cloudflare.net

IN AAAA

2606:4700:4400::ac40:9aa7
DNS

www.bing.com.cdn.cloudflare.net

firefox.exe

Remote address:

8.8.8.8:53

Request

www.bing.com.cdn.cloudflare.net

IN AAAA

Response

www.bing.com.cdn.cloudflare.net

IN AAAA

2606:4700:4400::6812:2159

www.bing.com.cdn.cloudflare.net

IN AAAA

2606:4700:4400::ac40:9aa7
DNS

167.154.64.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

167.154.64.172.in-addr.arpa

IN PTR

Response
DNS

167.154.64.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

167.154.64.172.in-addr.arpa

IN PTR

Response
DNS

21.113.82.140.in-addr.arpa

Remote address:

8.8.8.8:53

Request

21.113.82.140.in-addr.arpa

IN PTR

Response

21.113.82.140.in-addr.arpa

IN PTR

lb-140-82-113-21-iadgithubcom
DNS

21.113.82.140.in-addr.arpa

Remote address:

8.8.8.8:53

Request

21.113.82.140.in-addr.arpa

IN PTR

Response

21.113.82.140.in-addr.arpa

IN PTR

lb-140-82-113-21-iadgithubcom
DNS

api.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

api.github.com

IN AAAA

Response
DNS

api.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

api.github.com

IN AAAA

Response
DNS

210.156.26.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

210.156.26.20.in-addr.arpa

IN PTR

Response
DNS

210.156.26.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

210.156.26.20.in-addr.arpa

IN PTR

Response
DNS

collector.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

collector.github.com

IN A

Response

collector.github.com

IN CNAME

glb-db52c2cf8be544.github.com

glb-db52c2cf8be544.github.com

IN A

140.82.112.22
DNS

collector.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

collector.github.com

IN A

Response

collector.github.com

IN CNAME

glb-db52c2cf8be544.github.com

glb-db52c2cf8be544.github.com

IN A

140.82.112.22
DNS

glb-db52c2cf8be544.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

glb-db52c2cf8be544.github.com

IN A

Response

glb-db52c2cf8be544.github.com

IN A

140.82.112.22
DNS

glb-db52c2cf8be544.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

glb-db52c2cf8be544.github.com

IN A

Response

glb-db52c2cf8be544.github.com

IN A

140.82.112.21
DNS

glb-db52c2cf8be544.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

glb-db52c2cf8be544.github.com

IN AAAA

Response
DNS

glb-db52c2cf8be544.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

glb-db52c2cf8be544.github.com

IN AAAA

Response
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=147411976-148288419
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:46:57 GMT
Content-Type: application/octet-stream
Content-Length: 876444
Connection: keep-alive
Age: 39
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: fe6049c2-f332-480f-9fad-e21033f49fdf
MS-CV: qBPTYo5ju0WxrJcF.0
MS-RequestId: 81c30029-01d8-446d-91f1-311eb994a3c6
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa88aaf-1135283894-1
Content-Range: bytes 147411976-148288419/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=148288420-150223173
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:46:58 GMT
Content-Type: application/octet-stream
Content-Length: 1934754
Connection: keep-alive
Age: 39
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: fe6049c2-f332-480f-9fad-e21033f49fdf
MS-CV: qBPTYo5ju0WxrJcF.0
MS-RequestId: 81c30029-01d8-446d-91f1-311eb994a3c6
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa89c7f-1135283894-2
Content-Range: bytes 148288420-150223173/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=150223174-153006991
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:46:59 GMT
Content-Type: application/octet-stream
Content-Length: 2783818
Connection: keep-alive
Age: 39
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: fe6049c2-f332-480f-9fad-e21033f49fdf
MS-CV: qBPTYo5ju0WxrJcF.0
MS-RequestId: 81c30029-01d8-446d-91f1-311eb994a3c6
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa8b98d-1135283894-3
Content-Range: bytes 150223174-153006991/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=153006992-156433228
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:47:01 GMT
Content-Type: application/octet-stream
Content-Length: 3426237
Connection: keep-alive
Age: 52
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 71c37867-b0a6-4902-9ef6-145b47010fec
MS-CV: O3z/nvMWiUykMqrP4dMZYg.0.2.7.1.1.31.0
MS-RequestId: 3c89ad7a-2b92-40bb-a62c-813ec4d8c57c
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa8dc24-1135283894-4
Content-Range: bytes 153006992-156433228/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=156433229-158816697
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:47:04 GMT
Content-Type: application/octet-stream
Content-Length: 2383469
Connection: keep-alive
Age: 52
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 71c37867-b0a6-4902-9ef6-145b47010fec
MS-CV: O3z/nvMWiUykMqrP4dMZYg.0.2.7.1.1.31.0
MS-RequestId: 3c89ad7a-2b92-40bb-a62c-813ec4d8c57c
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa91716-1135283894-5
Content-Range: bytes 156433229-158816697/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=158816698-159985350
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:47:08 GMT
Content-Type: application/octet-stream
Content-Length: 1168653
Connection: keep-alive
Age: 52
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 71c37867-b0a6-4902-9ef6-145b47010fec
MS-CV: O3z/nvMWiUykMqrP4dMZYg.0.2.7.1.1.31.0
MS-RequestId: 3c89ad7a-2b92-40bb-a62c-813ec4d8c57c
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa96aaa-1135283894-6
Content-Range: bytes 158816698-159985350/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=159985351-160996295
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:47:10 GMT
Content-Type: application/octet-stream
Content-Length: 1010945
Connection: keep-alive
Age: 57
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 3f036ac3-7245-4ccf-95ad-3c6b9c29a1bf
MS-CV: emZ0flSeK0WOvldRIO23nQ.0.1.1.6.1.1.9.0
MS-RequestId: ed8b9c5e-329e-443d-85ae-212dff33a051
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa99a27-1135283894-7
Content-Range: bytes 159985351-160996295/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=160996296-162677001
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:47:11 GMT
Content-Type: application/octet-stream
Content-Length: 1680706
Connection: keep-alive
Age: 57
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 3f036ac3-7245-4ccf-95ad-3c6b9c29a1bf
MS-CV: emZ0flSeK0WOvldRIO23nQ.0.1.1.6.1.1.9.0
MS-RequestId: ed8b9c5e-329e-443d-85ae-212dff33a051
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa9b49a-1135283894-8
Content-Range: bytes 160996296-162677001/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=162677002-164917942
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:47:13 GMT
Content-Type: application/octet-stream
Content-Length: 2240941
Connection: keep-alive
Age: 57
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 3f036ac3-7245-4ccf-95ad-3c6b9c29a1bf
MS-CV: emZ0flSeK0WOvldRIO23nQ.0.1.1.6.1.1.9.0
MS-RequestId: ed8b9c5e-329e-443d-85ae-212dff33a051
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa9d338-1135283894-9
Content-Range: bytes 162677002-164917942/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=164917943-167701719
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:47:14 GMT
Content-Type: application/octet-stream
Content-Length: 2783777
Connection: keep-alive
Age: 57
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 3f036ac3-7245-4ccf-95ad-3c6b9c29a1bf
MS-CV: emZ0flSeK0WOvldRIO23nQ.0.1.1.6.1.1.9.0
MS-RequestId: ed8b9c5e-329e-443d-85ae-212dff33a051
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022fa9f511-1135283894-10
Content-Range: bytes 164917943-167701719/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=167701720-169016682
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:47:19 GMT
Content-Type: application/octet-stream
Content-Length: 1314963
Connection: keep-alive
Age: 57
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: 3f036ac3-7245-4ccf-95ad-3c6b9c29a1bf
MS-CV: emZ0flSeK0WOvldRIO23nQ.0.1.1.6.1.1.9.0
MS-RequestId: ed8b9c5e-329e-443d-85ae-212dff33a051
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022faa4d8d-1135283894-11
Content-Range: bytes 167701720-169016682/172606408
Server: Qwilt
X-OC-Service-Type: lo
GET

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

Remote address:

217.20.58.36:80

Request

GET /filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 07 Aug 2024 17:57:07 GMT
Range: bytes=169016683-170826679
User-Agent: Microsoft BITS/7.8
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: msedge.f.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Sat, 10 Aug 2024 21:47:20 GMT
Content-Type: application/octet-stream
Content-Length: 1809997
Connection: keep-alive
Age: 37
Cache-Control: public, max-age=17280000
Etag: "8ntfiR0vpJw4pKf2SKIUKX5jonc="
Last-Modified: Wed, 07 Aug 2024 17:57:07 GMT
MS-CorrelationId: f454dad2-099c-4585-affa-ca20b85e7744
MS-CV: emZ0flSeK0WOvldRIO23nQ.0.1.1.6.1.1.14.0
MS-RequestId: 6d58becf-9f9e-4042-82d7-25ad5ebc1dd5
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Cache: HIT
X-CCC: fr
X-CID: 9
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Ocn-Cache-Status: HIT
Ocn-Served-By: QLT
Ocn-Requestid: 100000022faa6b2c-1135283894-12
Content-Range: bytes 169016683-170826679/172606408
Server: Qwilt
X-OC-Service-Type: lo
DNS

github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

github.com

IN A

Response

github.com

IN A

20.26.156.215
DNS

github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

github.com

IN A
DNS

github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

github.com

IN A

Response

github.com

IN A

20.26.156.215
DNS

github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

github.com

IN A
DNS

github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

github.com

IN AAAA

Response
DNS

github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

github.com

IN AAAA

Response
DNS

api.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

api.github.com

IN A

Response

api.github.com

IN A

20.26.156.210
DNS

api.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

api.github.com

IN A

Response

api.github.com

IN A

20.26.156.210
DNS

api.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

api.github.com

IN AAAA

Response
DNS

api.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

api.github.com

IN AAAA

Response
DNS

200.64.52.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

200.64.52.20.in-addr.arpa

IN PTR

Response
DNS

200.64.52.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

200.64.52.20.in-addr.arpa

IN PTR

Response
DNS

btc.blockr.io

drpbx.exe

Remote address:

8.8.8.8:53

Request

btc.blockr.io

IN A

Response
DNS

btc.blockr.io

drpbx.exe

Remote address:

8.8.8.8:53

Request

btc.blockr.io

IN A

Response
DNS

btc.blockr.io

drpbx.exe

Remote address:

8.8.8.8:53

Request

btc.blockr.io

IN A

Response
DNS

btc.blockr.io

drpbx.exe

Remote address:

8.8.8.8:53

Request

btc.blockr.io

IN A

Response
DNS

prod.balrog.prod.cloudops.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.balrog.prod.cloudops.mozgcp.net

IN A

Response

prod.balrog.prod.cloudops.mozgcp.net

IN A

35.244.181.201
DNS

prod.balrog.prod.cloudops.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.balrog.prod.cloudops.mozgcp.net

IN A

Response

prod.balrog.prod.cloudops.mozgcp.net

IN A

35.244.181.201
DNS

prod.balrog.prod.cloudops.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.balrog.prod.cloudops.mozgcp.net

IN AAAA

Response
DNS

prod.balrog.prod.cloudops.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.balrog.prod.cloudops.mozgcp.net

IN AAAA

Response
DNS

prod.content-signature-chains.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.content-signature-chains.prod.webservices.mozgcp.net

IN A

Response

prod.content-signature-chains.prod.webservices.mozgcp.net

IN A

34.160.144.191
DNS

prod.content-signature-chains.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.content-signature-chains.prod.webservices.mozgcp.net

IN A

Response

prod.content-signature-chains.prod.webservices.mozgcp.net

IN A

34.160.144.191
DNS

prod.content-signature-chains.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.content-signature-chains.prod.webservices.mozgcp.net

IN AAAA

Response

prod.content-signature-chains.prod.webservices.mozgcp.net

IN AAAA

2600:1901:0:92a9::
DNS

prod.content-signature-chains.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.content-signature-chains.prod.webservices.mozgcp.net

IN AAAA

Response

prod.content-signature-chains.prod.webservices.mozgcp.net

IN AAAA

2600:1901:0:92a9::
DNS

201.181.244.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

201.181.244.35.in-addr.arpa

IN PTR

Response

201.181.244.35.in-addr.arpa

IN PTR

20118124435bcgoogleusercontentcom
DNS

redirector.gvt1.com

firefox.exe

Remote address:

8.8.8.8:53

Request

redirector.gvt1.com

IN A

Response

redirector.gvt1.com

IN A

142.250.179.174
DNS

redirector.gvt1.com

firefox.exe

Remote address:

8.8.8.8:53

Request

redirector.gvt1.com

IN A

Response

redirector.gvt1.com

IN A

142.250.179.174
DNS

ciscobinary.openh264.org

firefox.exe

Remote address:

8.8.8.8:53

Request

ciscobinary.openh264.org

IN A

Response

ciscobinary.openh264.org

IN CNAME

a21ed24aedde648804e7-228765c84088fef4ff5e70f2710398e9.r17.cf1.rackcdn.com

a21ed24aedde648804e7-228765c84088fef4ff5e70f2710398e9.r17.cf1.rackcdn.com

IN CNAME

a17.rackcdn.com

a17.rackcdn.com

IN CNAME

a17.rackcdn.com.mdc.edgesuite.net

a17.rackcdn.com.mdc.edgesuite.net

IN CNAME

a19.dscg10.akamai.net

a19.dscg10.akamai.net

IN A

88.221.134.209

a19.dscg10.akamai.net

IN A

88.221.134.155
DNS

ciscobinary.openh264.org

firefox.exe

Remote address:

8.8.8.8:53

Request

ciscobinary.openh264.org

IN A

Response

ciscobinary.openh264.org

IN CNAME

a21ed24aedde648804e7-228765c84088fef4ff5e70f2710398e9.r17.cf1.rackcdn.com

a21ed24aedde648804e7-228765c84088fef4ff5e70f2710398e9.r17.cf1.rackcdn.com

IN CNAME

a17.rackcdn.com

a17.rackcdn.com

IN CNAME

a17.rackcdn.com.mdc.edgesuite.net

a17.rackcdn.com.mdc.edgesuite.net

IN CNAME

a19.dscg10.akamai.net

a19.dscg10.akamai.net

IN A

88.221.134.209

a19.dscg10.akamai.net

IN A

88.221.134.155
DNS

redirector.gvt1.com

firefox.exe

Remote address:

8.8.8.8:53

Request

redirector.gvt1.com

IN A

Response

redirector.gvt1.com

IN A

142.250.179.174
DNS

redirector.gvt1.com

firefox.exe

Remote address:

8.8.8.8:53

Request

redirector.gvt1.com

IN A

Response

redirector.gvt1.com

IN A

142.250.179.174
GET

http://ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip

firefox.exe

Remote address:

88.221.134.209:80

Request

GET /openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip HTTP/1.1
Host: ciscobinary.openh264.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

Response

HTTP/1.1 200 OK

Last-Modified: Wed, 10 Apr 2024 18:44:28 GMT
ETag: 85430baed3398695717b0263807cf97c
X-Trans-Id: txa53a50fa3dbb460ab7097-00663d0dccdfw1
Content-Length: 453023
Accept-Ranges: bytes
X-Timestamp: 1712774667.41880
Content-Type: application/zip
Cache-Control: public, max-age=178531
Expires: Mon, 12 Aug 2024 23:29:12 GMT
Date: Sat, 10 Aug 2024 21:53:41 GMT
Connection: keep-alive
DNS

a19.dscg10.akamai.net

firefox.exe

Remote address:

8.8.8.8:53

Request

a19.dscg10.akamai.net

IN A

Response

a19.dscg10.akamai.net

IN A

88.221.134.209

a19.dscg10.akamai.net

IN A

88.221.134.155
DNS

a19.dscg10.akamai.net

firefox.exe

Remote address:

8.8.8.8:53

Request

a19.dscg10.akamai.net

IN A

Response

a19.dscg10.akamai.net

IN A

88.221.134.209

a19.dscg10.akamai.net

IN A

88.221.134.155
DNS

a19.dscg10.akamai.net

firefox.exe

Remote address:

8.8.8.8:53

Request

a19.dscg10.akamai.net

IN AAAA

Response

a19.dscg10.akamai.net

IN AAAA

2a02:26f0:a1::58dd:86d1

a19.dscg10.akamai.net

IN AAAA

2a02:26f0:a1::58dd:869b
DNS

a19.dscg10.akamai.net

firefox.exe

Remote address:

8.8.8.8:53

Request

a19.dscg10.akamai.net

IN AAAA

Response

a19.dscg10.akamai.net

IN AAAA

2a02:26f0:a1::58dd:869b

a19.dscg10.akamai.net

IN AAAA

2a02:26f0:a1::58dd:86d1
DNS

redirector.gvt1.com

firefox.exe

Remote address:

8.8.8.8:53

Request

redirector.gvt1.com

IN AAAA

Response

redirector.gvt1.com

IN AAAA

2a00:1450:400e:802::200e
DNS

redirector.gvt1.com

firefox.exe

Remote address:

8.8.8.8:53

Request

redirector.gvt1.com

IN AAAA

Response

redirector.gvt1.com

IN AAAA

2a00:1450:400e:802::200e
DNS

r5---sn-4g5lzney.gvt1.com

firefox.exe

Remote address:

8.8.8.8:53

Request

r5---sn-4g5lzney.gvt1.com

IN A

Response

r5---sn-4g5lzney.gvt1.com

IN CNAME

r5.sn-4g5lzney.gvt1.com

r5.sn-4g5lzney.gvt1.com

IN A

74.125.163.138
DNS

r5---sn-4g5lzney.gvt1.com

firefox.exe

Remote address:

8.8.8.8:53

Request

r5---sn-4g5lzney.gvt1.com

IN A

Response

r5---sn-4g5lzney.gvt1.com

IN CNAME

r5.sn-4g5lzney.gvt1.com

r5.sn-4g5lzney.gvt1.com

IN A

74.125.163.138
DNS

r5.sn-4g5lzney.gvt1.com

firefox.exe

Remote address:

8.8.8.8:53

Request

r5.sn-4g5lzney.gvt1.com

IN A

Response

r5.sn-4g5lzney.gvt1.com

IN A

74.125.163.138
DNS

r5.sn-4g5lzney.gvt1.com

firefox.exe

Remote address:

8.8.8.8:53

Request

r5.sn-4g5lzney.gvt1.com

IN A

Response

r5.sn-4g5lzney.gvt1.com

IN A

74.125.163.138
DNS

r5.sn-4g5lzney.gvt1.com

firefox.exe

Remote address:

8.8.8.8:53

Request

r5.sn-4g5lzney.gvt1.com

IN AAAA

Response

r5.sn-4g5lzney.gvt1.com

IN AAAA

2a00:1450:4001:1b::a
DNS

r5.sn-4g5lzney.gvt1.com

firefox.exe

Remote address:

8.8.8.8:53

Request

r5.sn-4g5lzney.gvt1.com

IN AAAA

Response

r5.sn-4g5lzney.gvt1.com

IN AAAA

2a00:1450:4001:1b::a
DNS

209.134.221.88.in-addr.arpa

Remote address:

8.8.8.8:53

Request

209.134.221.88.in-addr.arpa

IN PTR

Response

209.134.221.88.in-addr.arpa

IN PTR

a88-221-134-209deploystaticakamaitechnologiescom
DNS

209.134.221.88.in-addr.arpa

Remote address:

8.8.8.8:53

Request

209.134.221.88.in-addr.arpa

IN PTR
DNS

174.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

174.179.250.142.in-addr.arpa

IN PTR

Response

174.179.250.142.in-addr.arpa

IN PTR

ams15s41-in-f141e100net
DNS

174.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

174.179.250.142.in-addr.arpa

IN PTR
DNS

138.163.125.74.in-addr.arpa

Remote address:

8.8.8.8:53

Request

138.163.125.74.in-addr.arpa

IN PTR

Response

138.163.125.74.in-addr.arpa

IN PTR

fra24s19-in-f101e100net
DNS

138.163.125.74.in-addr.arpa

Remote address:

8.8.8.8:53

Request

138.163.125.74.in-addr.arpa

IN PTR
DNS

56.28.101.95.in-addr.arpa

Remote address:

8.8.8.8:53

Request

56.28.101.95.in-addr.arpa

IN PTR

Response

56.28.101.95.in-addr.arpa

IN PTR

a95-101-28-56deploystaticakamaitechnologiescom
DNS

56.28.101.95.in-addr.arpa

Remote address:

8.8.8.8:53

Request

56.28.101.95.in-addr.arpa

IN PTR

Response

56.28.101.95.in-addr.arpa

IN PTR

a95-101-28-56deploystaticakamaitechnologiescom
DNS

7tno4hib47vlep5o.tor2web.org

gsalfrh.exe

Remote address:

8.8.8.8:53

Request

7tno4hib47vlep5o.tor2web.org

IN A

Response

7tno4hib47vlep5o.tor2web.org

IN A

103.198.0.111
DNS

7tno4hib47vlep5o.tor2web.org

gsalfrh.exe

Remote address:

8.8.8.8:53

Request

7tno4hib47vlep5o.tor2web.org

IN A

Response

7tno4hib47vlep5o.tor2web.org

IN A

103.198.0.111
DNS

7tno4hib47vlep5o.tor2web.blutmagie.de

gsalfrh.exe

Remote address:

8.8.8.8:53

Request

7tno4hib47vlep5o.tor2web.blutmagie.de

IN A

Response
DNS

7tno4hib47vlep5o.tor2web.blutmagie.de

gsalfrh.exe

Remote address:

8.8.8.8:53

Request

7tno4hib47vlep5o.tor2web.blutmagie.de

IN A

Response
DNS

7tno4hib47vlep5o.tor2web.fi

gsalfrh.exe

Remote address:

8.8.8.8:53

Request

7tno4hib47vlep5o.tor2web.fi

IN A

Response
DNS

7tno4hib47vlep5o.tor2web.fi

gsalfrh.exe

Remote address:

8.8.8.8:53

Request

7tno4hib47vlep5o.tor2web.fi

IN A

Response
DNS

bitcoin.toshi.io

gsalfrh.exe

Remote address:

8.8.8.8:53

Request

bitcoin.toshi.io

IN A

Response
DNS

bitcoin.toshi.io

gsalfrh.exe

Remote address:

8.8.8.8:53

Request

bitcoin.toshi.io

IN A

Response
DNS

7tno4hib47vlep5o.tor2web.blutmagie.de

gsalfrh.exe

Remote address:

8.8.8.8:53

Request

7tno4hib47vlep5o.tor2web.blutmagie.de

IN A

Response
DNS

7tno4hib47vlep5o.tor2web.blutmagie.de

gsalfrh.exe

Remote address:

8.8.8.8:53

Request

7tno4hib47vlep5o.tor2web.blutmagie.de

IN A

Response
DNS

bitcoin.toshi.io

gsalfrh.exe

Remote address:

8.8.8.8:53

Request

bitcoin.toshi.io

IN A

Response
DNS

bitcoin.toshi.io

gsalfrh.exe

Remote address:

8.8.8.8:53

Request

bitcoin.toshi.io

IN A

Response
DNS

7tno4hib47vlep5o.tor2web.fi

gsalfrh.exe

Remote address:

8.8.8.8:53

Request

7tno4hib47vlep5o.tor2web.fi

IN A

Response
DNS

7tno4hib47vlep5o.tor2web.fi

gsalfrh.exe

Remote address:

8.8.8.8:53

Request

7tno4hib47vlep5o.tor2web.fi

IN A

Response
DNS

github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

github.com

IN A

Response

github.com

IN A

20.26.156.215
DNS

github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

github.com

IN A

Response

github.com

IN A

20.26.156.215
DNS

github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

github.com

IN AAAA

Response
DNS

github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

github.com

IN AAAA

Response
GET

https://github.com/kh4sh3i/Ransomware-Samples/tree/main/WannaCry

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /kh4sh3i/Ransomware-Samples/tree/main/WannaCry HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples
cookie: _gh_sess=ErweKtoMtlWijiW2MF%2B5xbMx0M6dBvSq3EAoOzoRelRMqtoZ%2F1G5eO38GtOqU%2F3WVx9IIKOCHruMj%2BaFVfJNoE2R6fmbXc7wMqpXFXM8axwaylJvEw%2BPMxQOmMbYBui7kdQ%2Ft8FgHJOCIYsxViOcCRIh5D25dEwfSS0S2fr1tS2KyzjX417xfm1O362QPnlmOalRsELO9ogjeNoo1T89%2BSvuqeAO47Cb7RGmJPelI2BcCoomhIuZY54xFEaelmiHckGjgZIVKMsecqvxo9IMpg%3D%3D--wI0BjUBYzuvOpYVB--qeW4Jg4R08091lsBe%2BUQ6g%3D%3D
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
upgrade-insecure-requests: 1
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: same-origin
sec-fetch-user: ?1
te: trailers

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 10 Aug 2024 21:55:56 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"65a1ca0f7a4c89d0b260113bfff709fb"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
x-github-request-id: F3FB:3D726:11B6A44:141E86D:66B7E1EB
GET

https://github.com/kh4sh3i/Ransomware-Samples/latest-commit/main/WannaCry

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /kh4sh3i/Ransomware-Samples/latest-commit/main/WannaCry HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/tree/main/WannaCry
content-type: application/json
github-verified-fetch: true
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ErweKtoMtlWijiW2MF%2B5xbMx0M6dBvSq3EAoOzoRelRMqtoZ%2F1G5eO38GtOqU%2F3WVx9IIKOCHruMj%2BaFVfJNoE2R6fmbXc7wMqpXFXM8axwaylJvEw%2BPMxQOmMbYBui7kdQ%2Ft8FgHJOCIYsxViOcCRIh5D25dEwfSS0S2fr1tS2KyzjX417xfm1O362QPnlmOalRsELO9ogjeNoo1T89%2BSvuqeAO47Cb7RGmJPelI2BcCoomhIuZY54xFEaelmiHckGjgZIVKMsecqvxo9IMpg%3D%3D--wI0BjUBYzuvOpYVB--qeW4Jg4R08091lsBe%2BUQ6g%3D%3D
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 10 Aug 2024 21:55:57 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"138ac1ec4b47574e1dc547cb7199c9cc"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 260
x-github-request-id: F3FB:3D726:11B6AA9:141E8F3:66B7E1EC
GET

https://github.com/kh4sh3i/Ransomware-Samples/tree-commit-info/main/WannaCry

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /kh4sh3i/Ransomware-Samples/tree-commit-info/main/WannaCry HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/tree/main/WannaCry
content-type: application/json
github-verified-fetch: true
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ErweKtoMtlWijiW2MF%2B5xbMx0M6dBvSq3EAoOzoRelRMqtoZ%2F1G5eO38GtOqU%2F3WVx9IIKOCHruMj%2BaFVfJNoE2R6fmbXc7wMqpXFXM8axwaylJvEw%2BPMxQOmMbYBui7kdQ%2Ft8FgHJOCIYsxViOcCRIh5D25dEwfSS0S2fr1tS2KyzjX417xfm1O362QPnlmOalRsELO9ogjeNoo1T89%2BSvuqeAO47Cb7RGmJPelI2BcCoomhIuZY54xFEaelmiHckGjgZIVKMsecqvxo9IMpg%3D%3D--wI0BjUBYzuvOpYVB--qeW4Jg4R08091lsBe%2BUQ6g%3D%3D
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 10 Aug 2024 21:55:57 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"ae1919b5b4363f2828c5094f8afb49e1"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 181
x-github-request-id: F3FB:3D726:11B6AA9:141E8F5:66B7E1EC
GET

https://github.com/kh4sh3i/Ransomware-Samples/deferred-metadata/main/WannaCry

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /kh4sh3i/Ransomware-Samples/deferred-metadata/main/WannaCry HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/tree/main/WannaCry
content-type: application/json
github-verified-fetch: true
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ErweKtoMtlWijiW2MF%2B5xbMx0M6dBvSq3EAoOzoRelRMqtoZ%2F1G5eO38GtOqU%2F3WVx9IIKOCHruMj%2BaFVfJNoE2R6fmbXc7wMqpXFXM8axwaylJvEw%2BPMxQOmMbYBui7kdQ%2Ft8FgHJOCIYsxViOcCRIh5D25dEwfSS0S2fr1tS2KyzjX417xfm1O362QPnlmOalRsELO9ogjeNoo1T89%2BSvuqeAO47Cb7RGmJPelI2BcCoomhIuZY54xFEaelmiHckGjgZIVKMsecqvxo9IMpg%3D%3D--wI0BjUBYzuvOpYVB--qeW4Jg4R08091lsBe%2BUQ6g%3D%3D
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 10 Aug 2024 21:55:57 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"36e3ec3fc2b5d5beb354086916b67ef1"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 421
x-github-request-id: F3FB:3D726:11B6AA9:141E8F2:66B7E1EC
GET

https://github.com/kh4sh3i/Ransomware-Samples/security/overall-count

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /kh4sh3i/Ransomware-Samples/security/overall-count HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/fragment+html
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/tree/main/WannaCry
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ErweKtoMtlWijiW2MF%2B5xbMx0M6dBvSq3EAoOzoRelRMqtoZ%2F1G5eO38GtOqU%2F3WVx9IIKOCHruMj%2BaFVfJNoE2R6fmbXc7wMqpXFXM8axwaylJvEw%2BPMxQOmMbYBui7kdQ%2Ft8FgHJOCIYsxViOcCRIh5D25dEwfSS0S2fr1tS2KyzjX417xfm1O362QPnlmOalRsELO9ogjeNoo1T89%2BSvuqeAO47Cb7RGmJPelI2BcCoomhIuZY54xFEaelmiHckGjgZIVKMsecqvxo9IMpg%3D%3D--wI0BjUBYzuvOpYVB--qeW4Jg4R08091lsBe%2BUQ6g%3D%3D
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 10 Aug 2024 21:56:01 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"fae61e7007b36b4dd058bfef958b9b0f"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 1906
x-github-request-id: F3FB:3D726:11B6C5D:141EAE9:66B7E1ED
GET

https://github.com/kh4sh3i/Ransomware-Samples/blob/main/WannaCry/Ransomware.WannaCry.zip

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /kh4sh3i/Ransomware-Samples/blob/main/WannaCry/Ransomware.WannaCry.zip HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/blob/main/WannaCry/Ransomware.WannaCry.zip
x-requested-with: XMLHttpRequest
x-github-target: dotcom
x-react-router: json
cookie: _gh_sess=ErweKtoMtlWijiW2MF%2B5xbMx0M6dBvSq3EAoOzoRelRMqtoZ%2F1G5eO38GtOqU%2F3WVx9IIKOCHruMj%2BaFVfJNoE2R6fmbXc7wMqpXFXM8axwaylJvEw%2BPMxQOmMbYBui7kdQ%2Ft8FgHJOCIYsxViOcCRIh5D25dEwfSS0S2fr1tS2KyzjX417xfm1O362QPnlmOalRsELO9ogjeNoo1T89%2BSvuqeAO47Cb7RGmJPelI2BcCoomhIuZY54xFEaelmiHckGjgZIVKMsecqvxo9IMpg%3D%3D--wI0BjUBYzuvOpYVB--qeW4Jg4R08091lsBe%2BUQ6g%3D%3D
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 10 Aug 2024 21:56:01 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"36e3ec3fc2b5d5beb354086916b67ef1"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 421
x-github-request-id: F3FB:3D726:11B6C8D:141EB27:66B7E1F1
GET

https://github.com/kh4sh3i/Ransomware-Samples/latest-commit/main/WannaCry/Ransomware.WannaCry.zip

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /kh4sh3i/Ransomware-Samples/latest-commit/main/WannaCry/Ransomware.WannaCry.zip HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/blob/main/WannaCry/Ransomware.WannaCry.zip
content-type: application/json
github-verified-fetch: true
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ErweKtoMtlWijiW2MF%2B5xbMx0M6dBvSq3EAoOzoRelRMqtoZ%2F1G5eO38GtOqU%2F3WVx9IIKOCHruMj%2BaFVfJNoE2R6fmbXc7wMqpXFXM8axwaylJvEw%2BPMxQOmMbYBui7kdQ%2Ft8FgHJOCIYsxViOcCRIh5D25dEwfSS0S2fr1tS2KyzjX417xfm1O362QPnlmOalRsELO9ogjeNoo1T89%2BSvuqeAO47Cb7RGmJPelI2BcCoomhIuZY54xFEaelmiHckGjgZIVKMsecqvxo9IMpg%3D%3D--wI0BjUBYzuvOpYVB--qeW4Jg4R08091lsBe%2BUQ6g%3D%3D
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

server: GitHub.com
date: Sat, 10 Aug 2024 21:56:01 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"ae1919b5b4363f2828c5094f8afb49e1"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 181
x-github-request-id: F3FB:3D726:11B6C8F:141EB2A:66B7E1F1
GET

https://github.com/kh4sh3i/Ransomware-Samples/deferred-metadata/main/WannaCry/Ransomware.WannaCry.zip

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /kh4sh3i/Ransomware-Samples/deferred-metadata/main/WannaCry/Ransomware.WannaCry.zip HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/blob/main/WannaCry/Ransomware.WannaCry.zip
content-type: application/json
github-verified-fetch: true
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ErweKtoMtlWijiW2MF%2B5xbMx0M6dBvSq3EAoOzoRelRMqtoZ%2F1G5eO38GtOqU%2F3WVx9IIKOCHruMj%2BaFVfJNoE2R6fmbXc7wMqpXFXM8axwaylJvEw%2BPMxQOmMbYBui7kdQ%2Ft8FgHJOCIYsxViOcCRIh5D25dEwfSS0S2fr1tS2KyzjX417xfm1O362QPnlmOalRsELO9ogjeNoo1T89%2BSvuqeAO47Cb7RGmJPelI2BcCoomhIuZY54xFEaelmiHckGjgZIVKMsecqvxo9IMpg%3D%3D--wI0BjUBYzuvOpYVB--qeW4Jg4R08091lsBe%2BUQ6g%3D%3D
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 302

server: GitHub.com
date: Sat, 10 Aug 2024 21:56:04 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin:
location: https://raw.githubusercontent.com/kh4sh3i/Ransomware-Samples/main/WannaCry/Ransomware.WannaCry.zip
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: F3FB:3D726:11B6DC2:141EC64:66B7E1F1
GET

https://github.com/kh4sh3i/Ransomware-Samples/raw/main/WannaCry/Ransomware.WannaCry.zip

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /kh4sh3i/Ransomware-Samples/raw/main/WannaCry/Ransomware.WannaCry.zip HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/blob/main/WannaCry/Ransomware.WannaCry.zip
cookie: _gh_sess=ErweKtoMtlWijiW2MF%2B5xbMx0M6dBvSq3EAoOzoRelRMqtoZ%2F1G5eO38GtOqU%2F3WVx9IIKOCHruMj%2BaFVfJNoE2R6fmbXc7wMqpXFXM8axwaylJvEw%2BPMxQOmMbYBui7kdQ%2Ft8FgHJOCIYsxViOcCRIh5D25dEwfSS0S2fr1tS2KyzjX417xfm1O362QPnlmOalRsELO9ogjeNoo1T89%2BSvuqeAO47Cb7RGmJPelI2BcCoomhIuZY54xFEaelmiHckGjgZIVKMsecqvxo9IMpg%3D%3D--wI0BjUBYzuvOpYVB--qeW4Jg4R08091lsBe%2BUQ6g%3D%3D
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers
GET

https://github.githubassets.com/assets/vendors-node_modules_react-router-dom_dist_index_js-c5568c29d405.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_react-router-dom_dist_index_js-c5568c29d405.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers
GET

https://github.githubassets.com/assets/ui_packages_repos-file-tree-view_repos-file-tree-view_ts-ui_packages_feature-request_FeatureR-ec5225-2554f1c99329.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/ui_packages_repos-file-tree-view_repos-file-tree-view_ts-ui_packages_feature-request_FeatureR-ec5225-2554f1c99329.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers
GET

https://github.githubassets.com/assets/chunk-vendors-node_modules_primer_behaviors_dist_esm_anchored-position_js-node_modules_github_memoi-4b0bd5-b63d4c76d546.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-vendors-node_modules_primer_behaviors_dist_esm_anchored-position_js-node_modules_github_memoi-4b0bd5-b63d4c76d546.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers
DNS

collector.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

collector.github.com

IN A

Response

collector.github.com

IN CNAME

glb-db52c2cf8be544.github.com

glb-db52c2cf8be544.github.com

IN A

140.82.112.21
DNS

collector.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

collector.github.com

IN A

Response

collector.github.com

IN CNAME

glb-db52c2cf8be544.github.com

glb-db52c2cf8be544.github.com

IN A

140.82.113.21
DNS

glb-db52c2cf8be544.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

glb-db52c2cf8be544.github.com

IN A

Response

glb-db52c2cf8be544.github.com

IN A

140.82.113.22
DNS

glb-db52c2cf8be544.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

glb-db52c2cf8be544.github.com

IN A

Response

glb-db52c2cf8be544.github.com

IN A

140.82.113.22
POST

https://collector.github.com/github/collect

firefox.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/tree/main/WannaCry
content-type: text/plain;charset=UTF-8
content-length: 1066
origin: https://github.com
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 204

date: Sat, 10 Aug 2024 21:55:57 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002393
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: F464:17484A:2441452:368B4A6:66B7E1ED
POST

https://collector.github.com/github/collect

firefox.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/tree/main/WannaCry
content-type: text/plain;charset=UTF-8
content-length: 1036
origin: https://github.com
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 204

date: Sat, 10 Aug 2024 21:55:57 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003136
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: F464:17484A:2441452:368B4A5:66B7E1ED
POST

https://collector.github.com/github/collect

firefox.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/tree/main/WannaCry
content-type: text/plain;charset=UTF-8
content-length: 1321
origin: https://github.com
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 204

date: Sat, 10 Aug 2024 21:55:57 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002816
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: F464:17484A:2441464:368B4CE:66B7E1ED
POST

https://collector.github.com/github/collect

firefox.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/blob/main/WannaCry/Ransomware.WannaCry.zip
content-type: text/plain;charset=UTF-8
content-length: 1124
origin: https://github.com
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 204

date: Sat, 10 Aug 2024 21:56:01 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.001810
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: F464:17484A:24415DA:368B80B:66B7E1F1
POST

https://collector.github.com/github/collect

firefox.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/blob/main/WannaCry/Ransomware.WannaCry.zip
content-type: text/plain;charset=UTF-8
content-length: 1114
origin: https://github.com
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 204

date: Sat, 10 Aug 2024 21:56:01 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002481
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: F464:17484A:24415DA:368B809:66B7E1ED
POST

https://collector.github.com/github/collect

firefox.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/blob/main/WannaCry/Ransomware.WannaCry.zip
content-type: text/plain;charset=UTF-8
content-length: 1099
origin: https://github.com
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 204

date: Sat, 10 Aug 2024 21:56:01 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002656
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: F464:17484A:24415DA:368B80A:66B7E1F1
POST

https://collector.github.com/github/collect

firefox.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/blob/main/WannaCry/Ransomware.WannaCry.zip
content-type: text/plain;charset=UTF-8
content-length: 1505
origin: https://github.com
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 204

date: Sat, 10 Aug 2024 21:56:01 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002673
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: F464:17484A:24415E2:368B81C:66B7E1F1
DNS

api.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

api.github.com

IN A

Response

api.github.com

IN A

20.26.156.210
DNS

api.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

api.github.com

IN A

Response

api.github.com

IN A

20.26.156.210
DNS

glb-db52c2cf8be544.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

glb-db52c2cf8be544.github.com

IN AAAA

Response
DNS

glb-db52c2cf8be544.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

glb-db52c2cf8be544.github.com

IN AAAA

Response
DNS

api.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

api.github.com

IN A

Response

api.github.com

IN A

20.26.156.210
DNS

api.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

api.github.com

IN A

Response

api.github.com

IN A

20.26.156.210
POST

https://api.github.com/_private/browser/stats

firefox.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/tree/main/WannaCry
content-type: text/plain;charset=UTF-8
content-length: 431
origin: https://github.com
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 200

date: Sat, 10 Aug 2024 21:55:57 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1723330557
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: F466:42180:1A82D67:1C0CADF:66B7E1ED
POST

https://api.github.com/_private/browser/stats

firefox.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/kh4sh3i/Ransomware-Samples/tree/main/WannaCry
content-type: text/plain;charset=UTF-8
content-length: 290
origin: https://github.com
cookie: _octo=GH1.1.1794739429.1723326361
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 200

date: Sat, 10 Aug 2024 21:55:57 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1723330557
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: F466:42180:1A82D7A:1C0CAFA:66B7E1ED
DNS

api.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

api.github.com

IN AAAA

Response
DNS

api.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

api.github.com

IN AAAA
GET

https://avatars.githubusercontent.com/u/64693844?v=4&size=40

firefox.exe

Remote address:

185.199.110.133:443

Request

GET /u/64693844?v=4&size=40 HTTP/2.0
host: avatars.githubusercontent.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://github.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
if-modified-since: Mon, 07 Nov 2022 17:46:55 GMT
if-none-match: "8db50e64b91068ff6e747fa58fb1ac6cb9d882cf6123204f9b409101417f4652"
te: trailers

Response

HTTP/2.0 304

date: Sat, 10 Aug 2024 21:55:57 GMT
via: 1.1 varnish
cache-control: max-age=300
etag: "8db50e64b91068ff6e747fa58fb1ac6cb9d882cf6123204f9b409101417f4652"
x-served-by: cache-lcy-eglc8600078-LCY
x-cache: HIT
x-cache-hits: 0
x-timer: S1723326958.686980,VS0,VE1
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: f464a7dbc0f72e0b55fdc459f165b7ab1847162d
expires: Sat, 10 Aug 2024 22:00:57 GMT
vary: Authorization,Accept-Encoding
DNS

21.112.82.140.in-addr.arpa

Remote address:

8.8.8.8:53

Request

21.112.82.140.in-addr.arpa

IN PTR

Response

21.112.82.140.in-addr.arpa

IN PTR

lb-140-82-112-21-iadgithubcom
DNS

21.112.82.140.in-addr.arpa

Remote address:

8.8.8.8:53

Request

21.112.82.140.in-addr.arpa

IN PTR

Response

21.112.82.140.in-addr.arpa

IN PTR

lb-140-82-112-21-iadgithubcom
GET

https://raw.githubusercontent.com/kh4sh3i/Ransomware-Samples/main/WannaCry/Ransomware.WannaCry.zip

firefox.exe

Remote address:

185.199.110.133:443

Request

GET /kh4sh3i/Ransomware-Samples/main/WannaCry/Ransomware.WannaCry.zip HTTP/2.0
host: raw.githubusercontent.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: application/zip
etag: W/"91b6a300afb75099d6a3242567354e1533d411750cd5e786d4cfa491b4ad2420"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: 883C:256887:667A30:7F27E9:66B7E1EF
accept-ranges: bytes
date: Sat, 10 Aug 2024 21:56:04 GMT
via: 1.1 varnish
x-served-by: cache-lon4240-LON
x-cache: MISS
x-cache-hits: 0
x-timer: S1723326964.272682,VS0,VE143
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: c092a1fc4b5023a59756c76dd47c7395064a4b71
expires: Sat, 10 Aug 2024 22:01:04 GMT
source-age: 0
content-length: 3481589
DNS

prod.balrog.prod.cloudops.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.balrog.prod.cloudops.mozgcp.net

IN A

Response

prod.balrog.prod.cloudops.mozgcp.net

IN A

35.244.181.201
DNS

prod.balrog.prod.cloudops.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.balrog.prod.cloudops.mozgcp.net

IN A
DNS

prod.balrog.prod.cloudops.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.balrog.prod.cloudops.mozgcp.net

IN AAAA

Response
DNS

prod.balrog.prod.cloudops.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.balrog.prod.cloudops.mozgcp.net

IN AAAA

Response
DNS

prod.remote-settings.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.remote-settings.prod.webservices.mozgcp.net

IN A

Response

prod.remote-settings.prod.webservices.mozgcp.net

IN A

34.149.100.209
DNS

prod.remote-settings.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.remote-settings.prod.webservices.mozgcp.net

IN A

Response

prod.remote-settings.prod.webservices.mozgcp.net

IN A

34.149.100.209
DNS

prod.remote-settings.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.remote-settings.prod.webservices.mozgcp.net

IN AAAA

Response
DNS

prod.remote-settings.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.remote-settings.prod.webservices.mozgcp.net

IN AAAA
DNS

prod.content-signature-chains.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.content-signature-chains.prod.webservices.mozgcp.net

IN A

Response

prod.content-signature-chains.prod.webservices.mozgcp.net

IN A

34.160.144.191
DNS

prod.content-signature-chains.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.content-signature-chains.prod.webservices.mozgcp.net

IN A

Response

prod.content-signature-chains.prod.webservices.mozgcp.net

IN A

34.160.144.191
DNS

prod.content-signature-chains.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.content-signature-chains.prod.webservices.mozgcp.net

IN AAAA

Response

prod.content-signature-chains.prod.webservices.mozgcp.net

IN AAAA

2600:1901:0:92a9::
DNS

prod.content-signature-chains.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.content-signature-chains.prod.webservices.mozgcp.net

IN AAAA

Response

prod.content-signature-chains.prod.webservices.mozgcp.net

IN AAAA

2600:1901:0:92a9::
DNS

e86303.dscx.akamaiedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

e86303.dscx.akamaiedge.net

IN A

Response

e86303.dscx.akamaiedge.net

IN A

95.101.143.201

e86303.dscx.akamaiedge.net

IN A

95.101.143.219
DNS

e86303.dscx.akamaiedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

e86303.dscx.akamaiedge.net

IN A

Response

e86303.dscx.akamaiedge.net

IN A

95.101.143.219

e86303.dscx.akamaiedge.net

IN A

95.101.143.201
DNS

e86303.dscx.akamaiedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

e86303.dscx.akamaiedge.net

IN AAAA

Response

e86303.dscx.akamaiedge.net

IN AAAA

2a02:26f0:1780:d::213:f823

e86303.dscx.akamaiedge.net

IN AAAA

2a02:26f0:1780:d::213:f81f
DNS

e86303.dscx.akamaiedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

e86303.dscx.akamaiedge.net

IN AAAA
DNS

r.bing.com

firefox.exe

Remote address:

8.8.8.8:53

Request

r.bing.com

IN A

Response

r.bing.com

IN CNAME

p-static.bing.trafficmanager.net

p-static.bing.trafficmanager.net

IN CNAME

r.bing.com.edgekey.net

r.bing.com.edgekey.net

IN CNAME

e86303.dscx.akamaiedge.net

e86303.dscx.akamaiedge.net

IN A

95.101.143.219

e86303.dscx.akamaiedge.net

IN A

95.101.143.201
DNS

r.bing.com

firefox.exe

Remote address:

8.8.8.8:53

Request

r.bing.com

IN A

Response

r.bing.com

IN CNAME

p-static.bing.trafficmanager.net

p-static.bing.trafficmanager.net

IN CNAME

r.bing.com.edgekey.net

r.bing.com.edgekey.net

IN CNAME

e86303.dscx.akamaiedge.net

e86303.dscx.akamaiedge.net

IN A

95.101.143.219

e86303.dscx.akamaiedge.net

IN A

95.101.143.201
DNS

th.bing.com

firefox.exe

Remote address:

8.8.8.8:53

Request

th.bing.com

IN A

Response

th.bing.com

IN CNAME

p-th.bing.com.trafficmanager.net

p-th.bing.com.trafficmanager.net

IN CNAME

th.bing.com.edgekey.net

th.bing.com.edgekey.net

IN CNAME

e86303.dscx.akamaiedge.net

e86303.dscx.akamaiedge.net

IN A

95.101.143.201

e86303.dscx.akamaiedge.net

IN A

95.101.143.219
DNS

th.bing.com

firefox.exe

Remote address:

8.8.8.8:53

Request

th.bing.com

IN A

Response

th.bing.com

IN CNAME

p-th.bing.com.trafficmanager.net

p-th.bing.com.trafficmanager.net

IN CNAME

th.bing.com.edgekey.net

th.bing.com.edgekey.net

IN CNAME

e86303.dscx.akamaiedge.net

e86303.dscx.akamaiedge.net

IN A

95.101.143.219

e86303.dscx.akamaiedge.net

IN A

95.101.143.201

e86303.dscx.akamaiedge.net

IN A

88.221.135.33
DNS

www.bing.com.cdn.cloudflare.net

firefox.exe

Remote address:

8.8.8.8:53

Request

www.bing.com.cdn.cloudflare.net

IN A

Response

www.bing.com.cdn.cloudflare.net

IN A

172.64.154.167

www.bing.com.cdn.cloudflare.net

IN A

104.18.33.89
DNS

www.bing.com.cdn.cloudflare.net

firefox.exe

Remote address:

8.8.8.8:53

Request

www.bing.com.cdn.cloudflare.net

IN A

Response

www.bing.com.cdn.cloudflare.net

IN A

104.18.33.89

www.bing.com.cdn.cloudflare.net

IN A

172.64.154.167
DNS

www.bing.com.cdn.cloudflare.net

firefox.exe

Remote address:

8.8.8.8:53

Request

www.bing.com.cdn.cloudflare.net

IN AAAA

Response

www.bing.com.cdn.cloudflare.net

IN AAAA

2606:4700:4400::ac40:9aa7

www.bing.com.cdn.cloudflare.net

IN AAAA

2606:4700:4400::6812:2159
DNS

www.bing.com.cdn.cloudflare.net

firefox.exe

Remote address:

8.8.8.8:53

Request

www.bing.com.cdn.cloudflare.net

IN AAAA

Response

www.bing.com.cdn.cloudflare.net

IN AAAA

2606:4700:4400::6812:2159

www.bing.com.cdn.cloudflare.net

IN AAAA

2606:4700:4400::ac40:9aa7
DNS

location.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

location.services.mozilla.com

IN A

Response

location.services.mozilla.com

IN CNAME

prod.classify-client.prod.webservices.mozgcp.net

prod.classify-client.prod.webservices.mozgcp.net

IN A

35.190.72.216
DNS

location.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

location.services.mozilla.com

IN A

Response

location.services.mozilla.com

IN CNAME

prod.classify-client.prod.webservices.mozgcp.net

prod.classify-client.prod.webservices.mozgcp.net

IN A

35.190.72.216
GET

https://location.services.mozilla.com/v1/country?key=7e40f68c-7938-4c5d-9f95-e61647c213eb

firefox.exe

Remote address:

35.190.72.216:443

Request

GET /v1/country?key=7e40f68c-7938-4c5d-9f95-e61647c213eb HTTP/2.0
host: location.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-type: application/json
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers
DNS

prod.classify-client.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.classify-client.prod.webservices.mozgcp.net

IN A

Response

prod.classify-client.prod.webservices.mozgcp.net

IN A

35.190.72.216
DNS

prod.classify-client.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.classify-client.prod.webservices.mozgcp.net

IN A

Response

prod.classify-client.prod.webservices.mozgcp.net

IN A

35.190.72.216
DNS

prod.classify-client.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.classify-client.prod.webservices.mozgcp.net

IN AAAA

Response
DNS

prod.classify-client.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.classify-client.prod.webservices.mozgcp.net

IN AAAA

Response
DNS

216.72.190.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

216.72.190.35.in-addr.arpa

IN PTR

Response

216.72.190.35.in-addr.arpa

IN PTR

2167219035bcgoogleusercontentcom
DNS

216.72.190.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

216.72.190.35.in-addr.arpa

IN PTR

Response

216.72.190.35.in-addr.arpa

IN PTR

2167219035bcgoogleusercontentcom
DNS

189.40.188.131.in-addr.arpa

Remote address:

8.8.8.8:53

Request

189.40.188.131.in-addr.arpa

IN PTR

Response

189.40.188.131.in-addr.arpa

IN PTR

despari informatikuni-erlangende
DNS

189.40.188.131.in-addr.arpa

Remote address:

8.8.8.8:53

Request

189.40.188.131.in-addr.arpa

IN PTR

Response

189.40.188.131.in-addr.arpa

IN PTR

despari informatikuni-erlangende
DNS

244.244.23.193.in-addr.arpa

Remote address:

8.8.8.8:53

Request

244.244.23.193.in-addr.arpa

IN PTR

Response

244.244.23.193.in-addr.arpa

IN PTR

dannenbergtorauthde
DNS

244.244.23.193.in-addr.arpa

Remote address:

8.8.8.8:53

Request

244.244.23.193.in-addr.arpa

IN PTR

Response

244.244.23.193.in-addr.arpa

IN PTR

dannenbergtorauthde
DNS

78.193.25.171.in-addr.arpa

Remote address:

8.8.8.8:53

Request

78.193.25.171.in-addr.arpa

IN PTR

Response

78.193.25.171.in-addr.arpa

IN PTR

tor-exit-read-medfrise
DNS

78.193.25.171.in-addr.arpa

Remote address:

8.8.8.8:53

Request

78.193.25.171.in-addr.arpa

IN PTR

Response

78.193.25.171.in-addr.arpa

IN PTR

tor-exit-read-medfrise
DNS

9.193.25.171.in-addr.arpa

Remote address:

8.8.8.8:53

Request

9.193.25.171.in-addr.arpa

IN PTR

Response

9.193.25.171.in-addr.arpa

IN PTR

maatuska4711se
DNS

9.193.25.171.in-addr.arpa

Remote address:

8.8.8.8:53

Request

9.193.25.171.in-addr.arpa

IN PTR

Response

9.193.25.171.in-addr.arpa

IN PTR

maatuska4711se
DNS

12.48.183.95.in-addr.arpa

Remote address:

8.8.8.8:53

Request

12.48.183.95.in-addr.arpa

IN PTR

Response

12.48.183.95.in-addr.arpa

IN PTR

hosted-bysolarcomch
DNS

12.48.183.95.in-addr.arpa

Remote address:

8.8.8.8:53

Request

12.48.183.95.in-addr.arpa

IN PTR

Response

12.48.183.95.in-addr.arpa

IN PTR

hosted-bysolarcomch

52.142.223.178:80

46 B
1
95.100.245.144:443

https://www.microsoft.com/en-us/edge/server/download?form=MA13FJ

tls, http2

MicrosoftEdgeCP.exe

2.6kB
20.0kB
31
26

HTTP Request

GET https://www.microsoft.com/en-us/edge/server/download?form=MA13FJ

HTTP Response

200
95.100.245.144:443

www.microsoft.com

tls, http2

MicrosoftEdgeCP.exe

1.5kB
7.0kB
19
16
152.199.19.160:443

ajax.aspnetcdn.com

tls, http2

MicrosoftEdgeCP.exe

1.3kB
7.4kB
18
15
152.199.19.160:443

https://ajax.aspnetcdn.com/ajax/jquery.ui/1.11.1/jquery-ui.min.js

tls, http2

MicrosoftEdgeCP.exe

4.9kB
106.1kB
90
84

HTTP Request

GET https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.6.4.min.js

HTTP Request

GET https://ajax.aspnetcdn.com/ajax/jquery.ui/1.11.1/jquery-ui.min.js

HTTP Response

200

HTTP Response

200
13.107.246.64:443

edgestatic.azureedge.net

tls, http2

MicrosoftEdgeCP.exe

1.3kB
7.8kB
19
16
13.107.246.64:443

edgestatic.azureedge.net

tls, http2

MicrosoftEdgeCP.exe

1.4kB
7.8kB
20
17
13.107.246.64:443

https://edgestatic.azureedge.net/shared/edgeweb/fonts/segoeui-vf-display-bold.2756fcb.woff2

tls, http2

MicrosoftEdgeCP.exe

72.8kB
2.1MB
1533
1515

HTTP Request

GET https://edgestatic.azureedge.net/shared/edgeweb/css/b2275d2.css

HTTP Request

GET https://edgestatic.azureedge.net/shared/edgeweb/css/5c176d7.css

HTTP Request

GET https://edgestatic.azureedge.net/shared/edgeweb/css/97af919.css

HTTP Request

GET https://edgestatic.azureedge.net/shared/edgeweb/css/f94b2c3.css

HTTP Request

GET https://edgestatic.azureedge.net/shared/edgeweb/5d56b21.js

HTTP Request

GET https://edgestatic.azureedge.net/shared/edgeweb/96ca61e.js

HTTP Request

GET https://edgestatic.azureedge.net/shared/edgeweb/b8f89d1.js

HTTP Request

GET https://edgestatic.azureedge.net/shared/edgeweb/e286996.js

HTTP Request

GET https://edgestatic.azureedge.net/shared/edgeweb/761c495.js

HTTP Request

GET https://edgestatic.azureedge.net/shared/edgeweb/f4d8389.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://edgestatic.azureedge.net/shared/edgeweb/fonts/segoeui-vf-display-light.e452665.woff2

HTTP Request

GET https://edgestatic.azureedge.net/shared/edgeweb/fonts/segoeui-vf-display-semilight.1338e9a.woff2

HTTP Request

GET https://edgestatic.azureedge.net/shared/edgeweb/fonts/segoeui-vf-display.e85854a.woff2

HTTP Request

GET https://edgestatic.azureedge.net/shared/edgeweb/fonts/segoeui-vf-display-semibold.1977a17.woff2

HTTP Request

GET https://edgestatic.azureedge.net/shared/edgeweb/fonts/segoeui-vf-display-bold.2756fcb.woff2

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200
13.107.246.64:443

edgestatic.azureedge.net

tls, http2

MicrosoftEdgeCP.exe

1.3kB
7.9kB
19
17
13.107.246.64:443

edgestatic.azureedge.net

tls, http2

MicrosoftEdgeCP.exe

1.4kB
7.8kB
20
17
13.107.246.64:443

edgestatic.azureedge.net

tls, http2

MicrosoftEdgeCP.exe

1.3kB
7.9kB
19
16
13.107.246.64:443

edgestatic.azureedge.net

tls, http2

MicrosoftEdge.exe

1.3kB
7.8kB
19
17
13.107.246.64:443

https://edgestatic.azureedge.net/welcome/static/favicon.png

tls, http2

MicrosoftEdge.exe

2.3kB
16.5kB
27
24

HTTP Request

GET https://edgestatic.azureedge.net/welcome/static/favicon.png

HTTP Response

200
152.199.21.175:443

msedge.sf.dl.delivery.mp.microsoft.com

tls, http2

MicrosoftEdgeCP.exe

1.3kB
7.1kB
18
15
152.199.21.175:443

https://msedge.sf.dl.delivery.mp.microsoft.com/filestreamingservice/files/930b8c80-17c1-4850-b5ee-3dd601265f34/MicrosoftEdgeSetup.exe

tls, http2

MicrosoftEdgeCP.exe

179.6kB
5.1MB
3704
3689

HTTP Request

GET https://msedge.sf.dl.delivery.mp.microsoft.com/filestreamingservice/files/930b8c80-17c1-4850-b5ee-3dd601265f34/MicrosoftEdgeSetup.exe

HTTP Response

200

HTTP Request

GET https://msedge.sf.dl.delivery.mp.microsoft.com/filestreamingservice/files/930b8c80-17c1-4850-b5ee-3dd601265f34/MicrosoftEdgeSetup.exe

HTTP Response

200

HTTP Request

GET https://msedge.sf.dl.delivery.mp.microsoft.com/filestreamingservice/files/930b8c80-17c1-4850-b5ee-3dd601265f34/MicrosoftEdgeSetup.exe

HTTP Response

200
204.79.197.203:443

www.msn.com

tls, http2

MicrosoftEdgeCP.exe

1.3kB
7.0kB
17
16
204.79.197.203:443

https://www.msn.com/bundles/v1/edge/latest/manifest.appcache?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default

tls, http2

MicrosoftEdgeCP.exe

10.3kB
154.1kB
149
146

HTTP Request

GET https://www.msn.com/spartan/ntp?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default

HTTP Response

200

HTTP Request

GET https://www.msn.com/bundles/v1/edge/latest/manifest.appcache?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default

HTTP Response

200

HTTP Request

GET https://www.msn.com/spartan/ntp?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default

HTTP Response

200

HTTP Request

GET https://www.msn.com/bundles/v1/edge/latest/manifest.appcache?locale=en-US&market=US&enableregulatorypsm=0&enablecpsm=0&ishostisolationenforced=0&targetexperience=default

HTTP Response

200
95.101.143.105:443

assets.msn.com

tls, http2

MicrosoftEdgeCP.exe

1.1kB
4.6kB
15
14
95.101.143.105:443

https://assets.msn.com/staticsb/statics/latest/oneTrust/1.9/scripttemplates/202310.2.0/otTCF.js

tls, http2

MicrosoftEdgeCP.exe

19.9kB
491.5kB
376
369

HTTP Request

GET https://assets.msn.com/staticsb/statics/latest/oneTrust/1.9/scripttemplates/otSDKStub.js

HTTP Request

GET https://assets.msn.com/bundles/v1/edge/latest/common.5dd7cff85de67632bfd7.js

HTTP Request

GET https://assets.msn.com/bundles/v1/edge/latest/vendors.c47bf4f4981f23895ddb.js

HTTP Request

GET https://assets.msn.com/bundles/v1/edge/latest/microsoft.8aa91a5fe4f5d8517ae1.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://assets.msn.com/staticsb/statics/latest/oneTrust/1.9/consent/55a804ab-e5c6-4b97-9319-86263d365d28/55a804ab-e5c6-4b97-9319-86263d365d28.json

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://assets.msn.com/staticsb/statics/latest/oneTrust/1.9/scripttemplates/202310.2.0/otBannerSdk.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/staticsb/statics/latest/oneTrust/1.9/consent/55a804ab-e5c6-4b97-9319-86263d365d28/e51556d4-5848-4a4b-a5e2-bc98431e1bf7/en-gb.json

HTTP Request

GET https://assets.msn.com/staticsb/statics/latest/oneTrust/1.9/consent/55a804ab-e5c6-4b97-9319-86263d365d28/iab2V2Data.json

HTTP Request

GET https://assets.msn.com/staticsb/statics/latest/oneTrust/1.9/scripttemplates/202310.2.0/otTCF.js

HTTP Response

200

HTTP Response

200

HTTP Response

200
95.101.143.105:443

assets.msn.com

tls, http2

MicrosoftEdgeCP.exe

1.1kB
4.6kB
15
14
95.101.143.105:443

assets.msn.com

tls, http2

MicrosoftEdgeCP.exe

1.1kB
4.6kB
15
13
13.89.178.27:443

browser.events.data.msn.com

tls, http2

MicrosoftEdgeCP.exe

1.3kB
6.9kB
17
11
13.89.178.27:443

https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application%2Fx-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-2.2.2&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1723326221000&w=0&anoncknm=app_anon

tls, http2

MicrosoftEdgeCP.exe

25.4kB
10.0kB
41
23

HTTP Request

POST https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application%2Fx-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-2.2.2&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1723326221000&w=0&anoncknm=app_anon

HTTP Request

POST https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application%2Fx-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-2.2.2&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1723326221000&w=0&anoncknm=app_anon

HTTP Request

POST https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application%2Fx-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-2.2.2&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1723326221000&w=0&anoncknm=app_anon

HTTP Response

200

HTTP Response

200

HTTP Response

200
204.79.197.203:443

https://www.msn.com/favicon.ico

tls, http2

MicrosoftEdge.exe

1.8kB
10.3kB
20
19

HTTP Request

GET https://www.msn.com/favicon.ico

HTTP Response

200
204.79.197.203:443

www.msn.com

tls, http2

MicrosoftEdge.exe

1.4kB
8.4kB
17
16
20.114.58.89:443

https://msedge.api.cdp.microsoft.com/api/v1.1/internal/contents/Browser/namespaces/Default/names/msedge-stable-win-x64/versions/127.0.2651.98/files?action=GenerateDownloadInfo&foregroundPriority=true

tls, http

MicrosoftEdgeUpdate.exe

3.1kB
12.3kB
14
16

HTTP Request

POST https://msedge.api.cdp.microsoft.com/api/v2/contents/Browser/namespaces/Default/names?action=batchupdates

HTTP Response

200

HTTP Request

POST https://msedge.api.cdp.microsoft.com/api/v1.1/internal/contents/Browser/namespaces/Default/names/msedge-stable-win-x64/versions/127.0.2651.98/files?action=GenerateDownloadInfo&foregroundPriority=true

HTTP Response

200
217.20.58.36:80

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

http

729 B
959 B
6
5

HTTP Request

HEAD http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

200
217.20.58.36:80

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

http

2.5MB
151.8MB
51374
108746

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206
204.79.197.200:443

ieonline.microsoft.com

tls, http2

MicrosoftEdge.exe

1.2kB
8.2kB
16
15
95.101.143.201:443

www.bing.com

tls, http2

MicrosoftEdge.exe

1.2kB
4.9kB
16
15
95.101.143.201:443

https://www.bing.com/cortanaassist/rules?cc=US&version=6

tls, http2

MicrosoftEdge.exe

3.5kB
64.5kB
61
58

HTTP Request

GET https://www.bing.com/cortanaassist/rules?cc=US&version=6

HTTP Response

404
127.0.0.1:50498

firefox.exe
127.0.0.1:50504

firefox.exe
95.101.143.219:443

https://www.bing.com/rp/B6jGHby7hXuEC7enS8xiNSUwqXw.png

tls, http2

firefox.exe

5.7kB
184.9kB
78
147

HTTP Request

GET https://www.bing.com/search?form=MOZLBR&pc=MOZI&q=ransoware+data+base+github

HTTP Response

200

HTTP Request

GET https://www.bing.com/rp/B6jGHby7hXuEC7enS8xiNSUwqXw.png

HTTP Response

200
95.101.143.201:443

r.bing.com

tls, http2

firefox.exe

1.3kB
5.1kB
12
11
95.101.143.201:443

https://r.bing.com/rp/NrVxAJRIC-KRKL-qHvM71lVoCPs.br.css

tls, http2

firefox.exe

2.2kB
14.3kB
22
30

HTTP Request

GET https://r.bing.com/rp/NrVxAJRIC-KRKL-qHvM71lVoCPs.br.css

HTTP Response

200
95.101.143.219:443

th.bing.com

tls, http2

firefox.exe

1.4kB
5.1kB
13
12
95.101.143.219:443

th.bing.com

tls, http2

firefox.exe

1.3kB
5.0kB
12
10
95.101.143.219:443

th.bing.com

tls, http2

firefox.exe

1.3kB
5.2kB
12
12
95.101.143.219:443

th.bing.com

tls, http2

firefox.exe

1.3kB
5.1kB
12
12
95.101.143.219:443

th.bing.com

tls, http2

firefox.exe

1.3kB
5.2kB
12
14
95.101.143.219:443

th.bing.com

tls, http2

firefox.exe

1.3kB
5.1kB
11
12
40.126.31.69:443

https://login.microsoftonline.com/common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=20bc090e-636b-4a61-8891-1b90a7018730&redirect_uri=https%3a%2f%2fwww.bing.com%2forgid%2fidtoken%2fconditional&scope=openid%20email%20profile%209ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7/.default&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%2264DA08D00105497A9890DC74AC2CACB8%22%7d

tls, http

firefox.exe

2.6kB
7.6kB
23
22

HTTP Request

GET https://login.microsoftonline.com/common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=20bc090e-636b-4a61-8891-1b90a7018730&redirect_uri=https%3a%2f%2fwww.bing.com%2forgid%2fidtoken%2fconditional&scope=openid%20email%20profile%209ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7/.default&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%2264DA08D00105497A9890DC74AC2CACB8%22%7d

HTTP Response

200
13.107.5.80:443

https://services.bingapis.com/suggestionchips/api/v1/cannedChips

tls, http2

firefox.exe

2.7kB
10.2kB
24
25

HTTP Request

OPTIONS https://services.bingapis.com/suggestionchips/api/v1/cannedChips

HTTP Response

204

HTTP Request

POST https://services.bingapis.com/suggestionchips/api/v1/cannedChips

HTTP Response

200
13.107.5.80:443

services.bingapis.com

tls, http2

firefox.exe

1.4kB
8.3kB
13
14
20.26.156.215:443

https://github.com/kh4sh3i/Ransomware-Samples/raw/main/Jigsaw/Ransomware.Jigsaw.zip

tls, http2

firefox.exe

10.1kB
324.4kB
99
297

HTTP Request

GET https://github.com/kh4sh3i/Ransomware-Samples

HTTP Response

200

HTTP Request

GET https://github.com/kh4sh3i/Ransomware-Samples/raw/main/ransomware.png

HTTP Response

302

HTTP Request

GET https://github.com/kh4sh3i/Ransomware-Samples/refs?type=branch

HTTP Request

GET https://github.com/kh4sh3i/Ransomware-Samples/latest-commit/main

HTTP Request

GET https://github.com/kh4sh3i/Ransomware-Samples/tree-commit-info/main

HTTP Request

GET https://github.com/kh4sh3i/Ransomware-Samples/overview-files/main

HTTP Request

GET https://github.com/kh4sh3i/Ransomware-Samples/branch-count

HTTP Request

GET https://github.com/kh4sh3i/Ransomware-Samples/tag-count

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.com/fluidicon.png

HTTP Response

200

HTTP Request

GET https://github.com/kh4sh3i/Ransomware-Samples/security/overall-count

HTTP Request

GET https://github.com/kh4sh3i/Ransomware-Samples/spoofed_commit_check/71f6062209bed1c52b63637746239868da0da49e

HTTP Request

GET https://github.com/kh4sh3i/Ransomware-Samples/hovercards/citation/sidebar_partial?tree_name=main

HTTP Request

GET https://github.com/kh4sh3i/Ransomware-Samples/used_by_list

HTTP Response

200

HTTP Response

204

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.com/kh4sh3i/Ransomware-Samples/tree/main/TeslaCrypt

HTTP Response

200

HTTP Request

GET https://github.com/kh4sh3i/Ransomware-Samples/latest-commit/main/TeslaCrypt

HTTP Request

GET https://github.com/kh4sh3i/Ransomware-Samples/tree-commit-info/main/TeslaCrypt

HTTP Request

GET https://github.com/kh4sh3i/Ransomware-Samples/deferred-metadata/main/TeslaCrypt

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.com/kh4sh3i/Ransomware-Samples/tree/main/Jigsaw

HTTP Response

200

HTTP Request

GET https://github.com/kh4sh3i/Ransomware-Samples/latest-commit/main/Jigsaw

HTTP Request

GET https://github.com/kh4sh3i/Ransomware-Samples/tree-commit-info/main/Jigsaw

HTTP Request

GET https://github.com/kh4sh3i/Ransomware-Samples/deferred-metadata/main/Jigsaw

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.com/kh4sh3i/Ransomware-Samples/blob/main/TeslaCrypt/Ransomware.TeslaCrypt.zip

HTTP Response

200

HTTP Request

GET https://github.com/kh4sh3i/Ransomware-Samples/latest-commit/main/TeslaCrypt/Ransomware.TeslaCrypt.zip

HTTP Request

GET https://github.com/kh4sh3i/Ransomware-Samples/deferred-metadata/main/TeslaCrypt/Ransomware.TeslaCrypt.zip

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.com/kh4sh3i/Ransomware-Samples/raw/main/TeslaCrypt/Ransomware.TeslaCrypt.zip

HTTP Response

302

HTTP Request

GET https://github.com/kh4sh3i/Ransomware-Samples/blob/main/Jigsaw/Ransomware.Jigsaw.zip

HTTP Response

200

HTTP Request

GET https://github.com/kh4sh3i/Ransomware-Samples/latest-commit/main/Jigsaw/Ransomware.Jigsaw.zip

HTTP Request

GET https://github.com/kh4sh3i/Ransomware-Samples/deferred-metadata/main/Jigsaw/Ransomware.Jigsaw.zip

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.com/kh4sh3i/Ransomware-Samples/raw/main/Jigsaw/Ransomware.Jigsaw.zip

HTTP Response

302
185.199.109.154:443

https://github.githubassets.com/assets/react-code-view.234ae39ff1fa1232236c.module.css

tls, http2

firefox.exe

70.4kB
1.7MB
851
1348

HTTP Request

GET https://github.githubassets.com/assets/light-efd2f2257c96.css

HTTP Request

GET https://github.githubassets.com/assets/react-lib-7b7b5264f6c1.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_primer_octicons-react_di-b40d97-06881c63f955.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Box_Box_js-55a9038b54f0.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Button_Button_js-b0edbfb6a9e5.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_TooltipV2_Tooltip_js-4d5019830e3c.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_clsx_dist_clsx_m_js-node_modules_primer_react_node_modules_primer_octico-c56103-e91295e60abd.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_ActionList_index_js-c4c6e3be7790.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_ActionMenu_ActionMenu_js-node_modules_primer_react_-5b2420-048f91dcedb3.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Text_Text_js-node_modules_primer_react_lib-esm_Text-7845da-3bcd176ee601.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_FormControl_FormControl_js-e73d967c1bb4.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_SelectPanel_SelectPanel_js-da4b9b447323.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Dialog_js-node_modules_primer_react_lib-esm_Feature-c10078-a365ebbc3112.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_react-core_create-browser-history_ts-ui_packages_safe-storage_safe-storage_ts-ui_-682c2c-7a1e99981675.js

HTTP Request

GET https://github.githubassets.com/assets/notifications-subscriptions-menu-7732df7cded3.js

HTTP Request

GET https://github.githubassets.com/assets/react-lib-7b7b5264f6c1.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_primer_octicons-react_di-b40d97-06881c63f955.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Box_Box_js-55a9038b54f0.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Button_Button_js-b0edbfb6a9e5.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_TooltipV2_Tooltip_js-4d5019830e3c.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_clsx_dist_clsx_m_js-node_modules_primer_react_node_modules_primer_octico-c56103-e91295e60abd.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_ActionList_index_js-c4c6e3be7790.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_ActionMenu_ActionMenu_js-node_modules_primer_react_-5b2420-048f91dcedb3.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_react-core_create-browser-history_ts-ui_packages_safe-storage_safe-storage_ts-ui_-682c2c-7a1e99981675.js

HTTP Request

GET https://github.githubassets.com/assets/repository-992e95451f25.css

HTTP Request

GET https://github.githubassets.com/assets/code-34406d39e629.css

HTTP Request

GET https://github.githubassets.com/assets/wp-runtime-6ea6ec8e4769.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_dompurify_dist_purify_js-89a69c248502.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover_js-56729c905fe2.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_smoothscroll-polyfill_di-75db2e-686488490524.js

HTTP Request

GET https://github.githubassets.com/assets/environment-cd098098ff2e.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_selector-observer_dist_index_esm_js-f690fd9ae3d5.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_focus-zone_js-c9086a4fb62b.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_relative-time-element_dist_index_js-f9b958f5f2df.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_anchored-position_js-node_modules_github_combo-aea225-dcf5851b6d7d.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_text-expander-element_dist_index_js-cd48220d74d5.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_auto-complete-element_dist_index_js-node_modules_github_details-d-ed9a97-841122a1e9d4.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_delegated-events_dist_in-3efda3-701acb69193f.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-b7d8f4-2355048ff048.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_catalyst_lib_index_js-node_modules_github_clipboard-copy-element_-782ca5-54763cd55b96.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_view-co-3959a9-5779869d7165.js

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_onfocus_ts-ui_packages_trusted-types-policies_policy_ts-ui_packages-6fe316-9d50d6f10c3d.js

HTTP Request

GET https://github.githubassets.com/assets/github-elements-b5a402753026.js

HTTP Request

GET https://github.githubassets.com/assets/element-registry-2b312e7d31e7.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_catalyst_lib_index_js-node_modules_github_hydro-analytics-client_-7901e7-dc88587c14ed.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_braintree_browser-detection_dist_browser-detection_js-node_modules_stack-68835d-a18220f1db8d.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_lit-html_lit-html_js-ce7225a304c5.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_morphdom_dist_morphdom-e-7c534c-f8a5485c982a.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-858e043fcf76.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-893f9f-6cf3320416b8.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_scroll-anchoring_dist_scroll-anchoring_esm_js-node_modules_github_hotkey-1a1d91-fa9f29a8514b.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_color-convert_index_js-0e07cc183eed.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_dimensions_js-node_modules_github_jtml_lib_index_js-53b423ede32a.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_session-resume_dist_index_js-node_modules_primer_behaviors_dist_e-da6ec6-5de3eedc1320.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_quote-selection_dist_index_js-node_modules_github_textarea-autosi-9e0349-ab4976fc78a6.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_updatable-content_updatable-content_ts-e15463ecf7e6.js

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_behaviors_task-list_ts-app_assets_modules_github_onfocus_ts-app_ass-421cec-f0e1d31bff9a.js

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_sticky-scroll-into-view_ts-112600808cf9.js

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_behaviors_ajax-error_ts-app_assets_modules_github_behaviors_include-467754-8b1a4442f9b3.js

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_behaviors_commenting_edit_ts-app_assets_modules_github_behaviors_ht-83c235-4accd4baf37d.js

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_blob-anchor_ts-app_assets_modules_github_filter-sort_ts-app_assets_-6deafe-fc95155e233a.js

HTTP Request

GET https://github.githubassets.com/assets/behaviors-d0c6b90f51b9.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-06ff531-bf7e5a3732fd.js

HTTP Request

GET https://github.githubassets.com/assets/notifications-global-3ddac678adaf.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_virtualized-list_es_index_js-node_modules_github_template-parts_lib_index_js-96453a51f920.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-e53a3f-62113d33abd1.js

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_ref-selector_ts-00df584d9e79.js

HTTP Request

GET https://github.githubassets.com/assets/codespaces-1f3309c400b4.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_github_filter--0879fe-bcfcfd976be7.js

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_repositories_get-repo-element_ts-4fc152f40452.js

HTTP Request

GET https://github.githubassets.com/assets/repositories-22e89d7b03b0.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_catalyst_lib_inde-dbbea9-e73b311a14f1.js

HTTP Request

GET https://github.githubassets.com/assets/code-menu-a8d08997ac4f.js

HTTP Request

GET https://github.githubassets.com/assets/react-lib-7b7b5264f6c1.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_primer_octicons-react_di-b40d97-06881c63f955.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Box_Box_js-55a9038b54f0.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Button_Button_js-b0edbfb6a9e5.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_TooltipV2_Tooltip_js-4d5019830e3c.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_clsx_dist_clsx_m_js-node_modules_primer_react_node_modules_primer_octico-c56103-e91295e60abd.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_ActionList_index_js-c4c6e3be7790.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_ActionMenu_ActionMenu_js-node_modules_primer_react_-5b2420-048f91dcedb3.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Text_Text_js-node_modules_primer_react_lib-esm_Text-7845da-3bcd176ee601.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_FormControl_FormControl_js-e73d967c1bb4.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_SelectPanel_SelectPanel_js-da4b9b447323.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Dialog_js-node_modules_primer_react_lib-esm_Feature-c10078-a365ebbc3112.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_react-core_create-browser-history_ts-ui_packages_safe-storage_safe-storage_ts-ui_-682c2c-7a1e99981675.js

HTTP Request

GET https://github.githubassets.com/assets/notifications-subscriptions-menu-7732df7cded3.js

HTTP Request

GET https://github.githubassets.com/assets/notifications-subscriptions-menu.572fff1cb5c3caef1ac9.module.css

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Dialog_Dialog_js-node_modules_primer_react_lib-esm_-bd7638-349234c98e00.js

HTTP Request

GET https://github.githubassets.com/assets/keyboard-shortcuts-dialog-50744f45bf65.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-94fd67-9a621ecbf672.js

HTTP Request

GET https://github.githubassets.com/assets/sessions-b81e688feb0f.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_react-router-dom_dist_index_js-c5568c29d405.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_UnderlineNav_index_js-a48891f88da5.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_BranchName_BranchName_js-node_modules_primer_react_-5ab9a5-f0ab9737bc0f.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_anchored-position_js-node_modules_primer_react-463b8d-8ea935c80ae4.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_AvatarStack_AvatarStack_js-node_modules_primer_reac-721fcb-c60889ba2d72.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_paths_index_ts-a5d19f5b3108.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_ref-selector_RefSelector_tsx-a811a847f4e3.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_code-view-shared_hooks_use-canonical-object_ts-ui_packages_code-view-shared_hooks-d56ca1-c6b3e84f88d7.js

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_code-view-shared_hooks_use-file-page-payload_ts-ui_packages_copy-to-clipboard_ind-7aee8b-736b82387f3f.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/repos-overview-8b42a5904539.js

HTTP Request

GET https://github.githubassets.com/assets/repos-overview.47cf64b9ae0677ccb350.module.css

HTTP Request

GET https://github.githubassets.com/assets/dark-6b1e37da2254.css

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/primer-primitives-8500c2c7ce5f.css

HTTP Request

GET https://github.githubassets.com/assets/primer-bbda46ca867f.css

HTTP Request

GET https://github.githubassets.com/assets/global-6f01bc73955b.css

HTTP Request

GET https://github.githubassets.com/assets/github-4bf1effa8118.css

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/chunk-vendors-node_modules_primer_behaviors_dist_esm_anchored-position_js-node_modules_github_memoi-4b0bd5-b63d4c76d546.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-app_components_primer_experimental_select-panel-element_ts-72e65e1a9e50.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-app_components_primer_experimental_toggle-switch-element_ts-1077a1578034.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_s-04fb8f0-1620a267eab5.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-app_components_search_custom-scopes-element_ts-3a568db843b2.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_query-builder-element_query-builder-element_ts-ui_packages_safe-storage_safe-storage_ts-90c65e701241.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-app_assets_modules_github_jump-to_ts-d6aa6256bf8e.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-app_components_search_qbsearch-input-element_ts-ui_packages_form-utils_form-utils_ts-ui_packa-cd5fe9-2993ae65b9a8.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_cookie-consent-link-element_cookie-consent-link-element_ts-a30501e51b3a.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_ghcc-consent-element_ghcc-consent-element_ts-b8a0d9bc2ed9.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-node_modules_github_mini-throttle_dist_index_js-ui_packages_trusted-types-policies_policy_ts--77a9d9-5febadf19308.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_webauthn-get-element_webauthn-get-element_ts-eba7ee3409f2.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_code-view-shared_components_files-search_FileResultsList_tsx-2cd71482a783.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/favicons/favicon.svg

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/chunk-vendors-node_modules_consent-banner_dist_consent-banner_js-d06d275cbddc.js

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/primer-bbda46ca867f.css

HTTP Request

GET https://github.githubassets.com/assets/global-6f01bc73955b.css

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_blob-anchor_ts-app_assets_modules_github_filter-sort_ts-app_assets_-6deafe-fc95155e233a.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_ConfirmationDialog_ConfirmationDialog_js-099e8bfead83.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Heading_Heading_js-node_modules_primer_react_lib-es-96435f-dbb4ca9db9f8.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_TreeView_TreeView_js-1b1a492a9329.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_scroll-into-view_js-node_modules_primer_react_-91c222-9bca588cddb2.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_react-core_register-app_ts-d92f692cd90a.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_commit-attribution_index_ts-ui_packages_commit-checks-status_index_ts-ui_packages-f45efb-404435465b5f.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_repos-file-tree-view_repos-file-tree-view_ts-ui_packages_feature-request_FeatureR-ec5225-2554f1c99329.js

HTTP Request

GET https://github.githubassets.com/assets/react-code-view-5dc60bcae5de.js

HTTP Request

GET https://github.githubassets.com/assets/react-code-view.234ae39ff1fa1232236c.module.css

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200
185.199.109.154:443

github.githubassets.com

tls, http2

firefox.exe

1.5kB
4.7kB
11
9
185.199.109.154:443

github.githubassets.com

tls, http2

firefox.exe

1.5kB
4.7kB
11
9
185.199.109.154:443

github.githubassets.com

tls, http2

firefox.exe

1.5kB
4.1kB
11
8
185.199.109.154:443

github.githubassets.com

tls, http2

firefox.exe

1.6kB
4.7kB
12
9
185.199.109.154:443

github.githubassets.com

tls, http2

firefox.exe

1.5kB
4.7kB
11
9
185.199.110.133:443

https://raw.githubusercontent.com/kh4sh3i/Ransomware-Samples/main/Jigsaw/Ransomware.Jigsaw.zip

tls, http2

firefox.exe

11.7kB
807.5kB
220
607

HTTP Request

GET https://raw.githubusercontent.com/kh4sh3i/Ransomware-Samples/main/ransomware.png

HTTP Response

200

HTTP Request

GET https://avatars.githubusercontent.com/u/64693844?v=4&size=40

HTTP Response

200

HTTP Request

GET https://raw.githubusercontent.com/kh4sh3i/Ransomware-Samples/main/TeslaCrypt/Ransomware.TeslaCrypt.zip

HTTP Response

200

HTTP Request

GET https://raw.githubusercontent.com/kh4sh3i/Ransomware-Samples/main/Jigsaw/Ransomware.Jigsaw.zip

HTTP Response

200
140.82.113.21:443

https://collector.github.com/github/collect

tls, http2

firefox.exe

27.0kB
16.3kB
74
74

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Response

204

HTTP Response

204

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Response

204

HTTP Response

204

HTTP Response

204
185.199.110.133:443

avatars.githubusercontent.com

tls, http2

firefox.exe

1.4kB
5.0kB
14
13
140.82.113.21:443

collector.github.com

tls, http2

firefox.exe

1.2kB
4.8kB
10
11
172.64.154.167:443

www2.bing.com

tls

firefox.exe

747 B
219 B
5
5
20.26.156.210:443

https://api.github.com/_private/browser/stats

tls, http2

firefox.exe

6.4kB
11.1kB
37
31

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200
217.20.58.36:80

http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

http

314.5kB
23.3MB
6583
16668

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206

HTTP Request

GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/529a41cd-5c0c-4cd0-8061-b71feaa8a336?P1=1723931026&P2=404&P3=2&P4=XF0JCuB7q%2b7sieeyeU6cDVFx%2fjkBFt7DL0fM0RdKQbKqJdrUuUocEHLl2CCb5w5nuCqWbJywu2IqexJfuWYAAA%3d%3d

HTTP Response

206
142.250.179.174:443

redirector.gvt1.com

tls

firefox.exe

1.6kB
8.7kB
17
18
88.221.134.209:80

http://ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip

http

firefox.exe

8.2kB
467.5kB
172
349

HTTP Request

GET http://ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip

HTTP Response

200
74.125.163.138:443

r5---sn-4g5lzney.gvt1.com

tls

firefox.exe

301.9kB
9.4MB
4531
6762
103.198.0.111:443

7tno4hib47vlep5o.tor2web.org

gsalfrh.exe

156 B
3
103.198.0.111:443

7tno4hib47vlep5o.tor2web.org

gsalfrh.exe

156 B
3
103.198.0.111:443

7tno4hib47vlep5o.tor2web.org

gsalfrh.exe

156 B
3
20.26.156.215:443

https://github.com/kh4sh3i/Ransomware-Samples/raw/main/WannaCry/Ransomware.WannaCry.zip

tls, http2

firefox.exe

4.6kB
77.7kB
37
82

HTTP Request

GET https://github.com/kh4sh3i/Ransomware-Samples/tree/main/WannaCry

HTTP Response

200

HTTP Request

GET https://github.com/kh4sh3i/Ransomware-Samples/latest-commit/main/WannaCry

HTTP Request

GET https://github.com/kh4sh3i/Ransomware-Samples/tree-commit-info/main/WannaCry

HTTP Request

GET https://github.com/kh4sh3i/Ransomware-Samples/deferred-metadata/main/WannaCry

HTTP Request

GET https://github.com/kh4sh3i/Ransomware-Samples/security/overall-count

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.com/kh4sh3i/Ransomware-Samples/blob/main/WannaCry/Ransomware.WannaCry.zip

HTTP Response

200

HTTP Request

GET https://github.com/kh4sh3i/Ransomware-Samples/latest-commit/main/WannaCry/Ransomware.WannaCry.zip

HTTP Request

GET https://github.com/kh4sh3i/Ransomware-Samples/deferred-metadata/main/WannaCry/Ransomware.WannaCry.zip

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.com/kh4sh3i/Ransomware-Samples/raw/main/WannaCry/Ransomware.WannaCry.zip

HTTP Response

302
185.199.109.154:443

https://github.githubassets.com/assets/chunk-vendors-node_modules_primer_behaviors_dist_esm_anchored-position_js-node_modules_github_memoi-4b0bd5-b63d4c76d546.js

tls, http2

firefox.exe

4.3kB
1.6kB
24
22

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_react-router-dom_dist_index_js-c5568c29d405.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_repos-file-tree-view_repos-file-tree-view_ts-ui_packages_feature-request_FeatureR-ec5225-2554f1c99329.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-vendors-node_modules_primer_behaviors_dist_esm_anchored-position_js-node_modules_github_memoi-4b0bd5-b63d4c76d546.js
140.82.112.21:443

https://collector.github.com/github/collect

tls, http2

firefox.exe

12.1kB
9.6kB
37
38

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Response

204

HTTP Response

204

HTTP Response

204
20.26.156.210:443

https://api.github.com/_private/browser/stats

tls, http2

firefox.exe

3.0kB
6.6kB
19
19

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200
185.199.110.133:443

avatars.githubusercontent.com

firefox.exe

98 B
52 B
2
1
185.199.110.133:443

https://avatars.githubusercontent.com/u/64693844?v=4&size=40

tls, http2

firefox.exe

2.9kB
2.1kB
20
19

HTTP Request

GET https://avatars.githubusercontent.com/u/64693844?v=4&size=40

HTTP Response

304
185.199.110.133:443

https://raw.githubusercontent.com/kh4sh3i/Ransomware-Samples/main/WannaCry/Ransomware.WannaCry.zip

tls, http2

firefox.exe

65.7kB
3.6MB
1354
2603

HTTP Request

GET https://raw.githubusercontent.com/kh4sh3i/Ransomware-Samples/main/WannaCry/Ransomware.WannaCry.zip

HTTP Response

200
95.101.143.219:443

www.bing.com

tls, http2

firefox.exe

1.5kB
1.2kB
11
13
95.101.143.219:443

www.bing.com

tls, http2

firefox.exe

1.4kB
1.0kB
10
9
95.101.143.219:443

www.bing.com

tls, http2

firefox.exe

1.4kB
1.0kB
10
9
172.64.154.167:443

www2.bing.com

tls

firefox.exe

747 B
219 B
5
5
35.190.72.216:443

https://location.services.mozilla.com/v1/country?key=7e40f68c-7938-4c5d-9f95-e61647c213eb

tls, http2

firefox.exe

1.7kB
4.6kB
13
15

HTTP Request

GET https://location.services.mozilla.com/v1/country?key=7e40f68c-7938-4c5d-9f95-e61647c213eb
127.0.0.1:9050

@WanaDecryptor@.exe
185.100.85.61:443

www.nnvbfmmejtrs5oxwtwcr.com

tls

taskhsvc.exe

3.1kB
7.4kB
13
12
199.254.238.52:443

taskhsvc.exe

156 B
3
127.0.0.1:63503

taskhsvc.exe
81.7.16.182:443

taskhsvc.exe

156 B
3
163.172.13.165:9001

taskhsvc.exe

156 B
3
131.188.40.189:443

www.ohx2fbnrr7mg7lxxis.com

tls

taskhsvc.exe

3.0kB
6.2kB
11
10
82.223.21.74:9001

taskhsvc.exe

156 B
120 B
3
3
171.25.193.78:443

www.psp75uz.com

tls

taskhsvc.exe

773 B
3.5kB
9
8
193.23.244.244:443

www.vj76bc4appf7.com

tls

taskhsvc.exe

2.9kB
5.6kB
9
8
171.25.193.78:443

www.qjum255go6mgxfw5no6ingjw.com

tls

taskhsvc.exe

790 B
3.5kB
9
8
127.0.0.1:9050

@WanaDecryptor@.exe
127.0.0.1:9050

@WanaDecryptor@.exe
171.25.193.9:80

www.fgnn5ft.com

tls

taskhsvc.exe

5.1kB
6.2kB
12
9
95.183.48.12:443

www.kxovmpldal6vd3sz.com

tls

taskhsvc.exe

736 B
4.0kB
8
9

8.8.8.8:53

14.227.111.52.in-addr.arpa

dns

144 B
158 B
2
1

DNS Request

14.227.111.52.in-addr.arpa

DNS Request

14.227.111.52.in-addr.arpa
8.8.8.8:53

174.117.168.52.in-addr.arpa

dns

193 B
299 B
3
3

DNS Request

174.117.168.52.in-addr.arpa

DNS Request

api.github.com

DNS Request

api.github.com

DNS Response

20.26.156.210

DNS Response

20.26.156.210
8.8.8.8:53

172.210.232.199.in-addr.arpa

dns

74 B
128 B
1
1

DNS Request

172.210.232.199.in-addr.arpa
8.8.8.8:53

57.110.18.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

57.110.18.2.in-addr.arpa
8.8.8.8:53

www.microsoft.com

dns

MicrosoftEdge.exe

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

95.100.245.144
8.8.8.8:53

144.245.100.95.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

144.245.100.95.in-addr.arpa
8.8.8.8:53

ajax.aspnetcdn.com

dns

MicrosoftEdgeCP.exe

64 B
146 B
1
1

DNS Request

ajax.aspnetcdn.com

DNS Response

152.199.19.160
8.8.8.8:53

edgestatic.azureedge.net

dns

MicrosoftEdge.exe

70 B
231 B
1
1

DNS Request

edgestatic.azureedge.net

DNS Response

13.107.246.64
8.8.8.8:53

64.246.107.13.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

64.246.107.13.in-addr.arpa
8.8.8.8:53

msedge.sf.dl.delivery.mp.microsoft.com

dns

MicrosoftEdgeCP.exe

84 B
342 B
1
1

DNS Request

msedge.sf.dl.delivery.mp.microsoft.com

DNS Response

152.199.21.175
8.8.8.8:53

175.21.199.152.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

175.21.199.152.in-addr.arpa
8.8.8.8:53

253.15.104.51.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

253.15.104.51.in-addr.arpa
8.8.8.8:53

www.msn.com

dns

MicrosoftEdge.exe

57 B
132 B
1
1

DNS Request

www.msn.com

DNS Response

204.79.197.203
8.8.8.8:53

assets.msn.com

dns

MicrosoftEdgeCP.exe

60 B
166 B
1
1

DNS Request

assets.msn.com

DNS Response

95.101.143.105

95.101.143.242
8.8.8.8:53

browser.events.data.msn.com

dns

MicrosoftEdgeCP.exe

73 B
203 B
1
1

DNS Request

browser.events.data.msn.com

DNS Response

13.89.178.27
8.8.8.8:53

105.143.101.95.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

105.143.101.95.in-addr.arpa
8.8.8.8:53

27.178.89.13.in-addr.arpa

dns

71 B
145 B
1
1

DNS Request

27.178.89.13.in-addr.arpa
8.8.8.8:53

msedge.api.cdp.microsoft.com

dns

MicrosoftEdgeUpdate.exe

74 B
158 B
1
1

DNS Request

msedge.api.cdp.microsoft.com

DNS Response

20.114.58.89
8.8.8.8:53

89.58.114.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

89.58.114.20.in-addr.arpa
8.8.8.8:53

msedge.f.tlu.dl.delivery.mp.microsoft.com

dns

87 B
392 B
1
1

DNS Request

msedge.f.tlu.dl.delivery.mp.microsoft.com

DNS Response

217.20.58.36

217.20.58.24

217.20.58.22

217.20.58.99

217.20.58.21

217.20.58.37

217.20.58.98

217.20.58.101
8.8.8.8:53

36.58.20.217.in-addr.arpa

dns

71 B
131 B
1
1

DNS Request

36.58.20.217.in-addr.arpa
8.8.8.8:53

161.19.199.152.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

161.19.199.152.in-addr.arpa
8.8.8.8:53

www.microsoft.com

dns

MicrosoftEdge.exe

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

95.100.245.144
8.8.8.8:53

200.197.79.204.in-addr.arpa

dns

73 B
106 B
1
1

DNS Request

200.197.79.204.in-addr.arpa
8.8.8.8:53

201.143.101.95.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

201.143.101.95.in-addr.arpa
8.8.8.8:53

shavar.prod.mozaws.net

dns

firefox.exe

68 B
116 B
1
1

DNS Request

shavar.prod.mozaws.net

DNS Response

44.239.110.200

35.165.99.161

35.155.86.205
8.8.8.8:53

prod.content-signature-chains.prod.webservices.mozgcp.net

dns

firefox.exe

103 B
119 B
1
1

DNS Request

prod.content-signature-chains.prod.webservices.mozgcp.net

DNS Response

34.160.144.191
8.8.8.8:53

shavar.prod.mozaws.net

dns

firefox.exe

136 B
306 B
2
2

DNS Request

shavar.prod.mozaws.net

DNS Request

shavar.prod.mozaws.net
8.8.8.8:53

prod.content-signature-chains.prod.webservices.mozgcp.net

dns

firefox.exe

206 B
262 B
2
2

DNS Request

prod.content-signature-chains.prod.webservices.mozgcp.net

DNS Response

2600:1901:0:92a9::

DNS Request

prod.content-signature-chains.prod.webservices.mozgcp.net

DNS Response

2600:1901:0:92a9::
8.8.8.8:53

prod.remote-settings.prod.webservices.mozgcp.net

dns

firefox.exe

94 B
110 B
1
1

DNS Request

prod.remote-settings.prod.webservices.mozgcp.net

DNS Response

34.149.100.209
8.8.8.8:53

prod.remote-settings.prod.webservices.mozgcp.net

dns

firefox.exe

188 B
374 B
2
2

DNS Request

prod.remote-settings.prod.webservices.mozgcp.net

DNS Request

prod.remote-settings.prod.webservices.mozgcp.net
8.8.8.8:53

166.188.117.34.in-addr.arpa

dns

146 B
252 B
2
2

DNS Request

166.188.117.34.in-addr.arpa

DNS Request

166.188.117.34.in-addr.arpa
8.8.8.8:53

161.99.165.35.in-addr.arpa

dns

144 B
270 B
2
2

DNS Request

161.99.165.35.in-addr.arpa

DNS Request

161.99.165.35.in-addr.arpa
8.8.8.8:53

support.mozilla.org

dns

firefox.exe

130 B
310 B
2
2

DNS Request

support.mozilla.org

DNS Request

support.mozilla.org

DNS Response

34.149.128.2

DNS Response

34.149.128.2
8.8.8.8:53

www.mozilla.org

dns

firefox.exe

122 B
222 B
2
2

DNS Request

www.mozilla.org

DNS Request

www.mozilla.org

DNS Response

143.204.72.186

DNS Response

143.204.72.186
8.8.8.8:53

wiki.mozilla.org

dns

firefox.exe

124 B
342 B
2
2

DNS Request

wiki.mozilla.org

DNS Request

wiki.mozilla.org

DNS Response

34.208.162.104

52.24.175.29

35.163.213.45

DNS Response

52.24.175.29

34.208.162.104

35.163.213.45
8.8.8.8:53

us-west1.prod.sumo.prod.webservices.mozgcp.net

dns

firefox.exe

184 B
216 B
2
2

DNS Request

us-west1.prod.sumo.prod.webservices.mozgcp.net

DNS Request

us-west1.prod.sumo.prod.webservices.mozgcp.net

DNS Response

34.149.128.2

DNS Response

34.149.128.2
8.8.8.8:53

www.mozorg.moz.works

dns

firefox.exe

132 B
164 B
2
2

DNS Request

www.mozorg.moz.works

DNS Request

www.mozorg.moz.works

DNS Response

143.204.72.186

DNS Response

143.204.72.186
8.8.8.8:53

wiki-prod-850398177.us-west-2.elb.amazonaws.com

dns

firefox.exe

186 B
282 B
2
2

DNS Request

wiki-prod-850398177.us-west-2.elb.amazonaws.com

DNS Request

wiki-prod-850398177.us-west-2.elb.amazonaws.com

DNS Response

52.24.175.29

34.208.162.104

35.163.213.45

DNS Response

52.24.175.29

34.208.162.104

35.163.213.45
8.8.8.8:53

us-west1.prod.sumo.prod.webservices.mozgcp.net

dns

firefox.exe

328 B
486 B
4
3

DNS Request

us-west1.prod.sumo.prod.webservices.mozgcp.net

DNS Request

us-west1.prod.sumo.prod.webservices.mozgcp.net

DNS Request

61.85.100.185.in-addr.arpa

DNS Request

61.85.100.185.in-addr.arpa
8.8.8.8:53

wiki-prod-850398177.us-west-2.elb.amazonaws.com

dns

firefox.exe

186 B
342 B
2
2

DNS Request

wiki-prod-850398177.us-west-2.elb.amazonaws.com

DNS Request

wiki-prod-850398177.us-west-2.elb.amazonaws.com
8.8.8.8:53

www.mozorg.moz.works

dns

firefox.exe

132 B
294 B
2
2

DNS Request

www.mozorg.moz.works

DNS Request

www.mozorg.moz.works
8.8.8.8:53

e86303.dscx.akamaiedge.net

dns

firefox.exe

144 B
208 B
2
2

DNS Request

e86303.dscx.akamaiedge.net

DNS Request

e86303.dscx.akamaiedge.net

DNS Response

95.101.143.201

95.101.143.219

DNS Response

95.101.143.201

95.101.143.219
8.8.8.8:53

e86303.dscx.akamaiedge.net

dns

firefox.exe

144 B
256 B
2
2

DNS Request

e86303.dscx.akamaiedge.net

DNS Request

e86303.dscx.akamaiedge.net

DNS Response

2a02:26f0:1780:d::213:f823

2a02:26f0:1780:d::213:f81f

DNS Response

2a02:26f0:1780:d::213:f823

2a02:26f0:1780:d::213:f81f
8.8.8.8:53

219.143.101.95.in-addr.arpa

dns

146 B
278 B
2
2

DNS Request

219.143.101.95.in-addr.arpa

DNS Request

219.143.101.95.in-addr.arpa
95.101.143.219:443

e86303.dscx.akamaiedge.net

https

firefox.exe

211.2kB
2.4MB
535
2092
8.8.8.8:53

r.bing.com

dns

firefox.exe

112 B
408 B
2
2

DNS Request

r.bing.com

DNS Request

r.bing.com

DNS Response

95.101.143.201

95.101.143.219

DNS Response

95.101.143.201

95.101.143.219
95.101.143.201:443

r.bing.com

https

firefox.exe

1.9kB
5.5kB
6
4
8.8.8.8:53

th.bing.com

dns

firefox.exe

114 B
412 B
2
2

DNS Request

th.bing.com

DNS Request

th.bing.com

DNS Response

95.101.143.219

95.101.143.201

DNS Response

95.101.143.201

95.101.143.219
95.101.143.219:443

th.bing.com

https

firefox.exe

1.9kB
6.9kB
7
5
8.8.8.8:53

login.microsoftonline.com

dns

firefox.exe

142 B
628 B
2
2

DNS Request

login.microsoftonline.com

DNS Request

login.microsoftonline.com

DNS Response

40.126.31.69

20.190.159.0

40.126.31.67

20.190.159.64

20.190.159.4

40.126.31.71

20.190.159.71

20.190.159.73

DNS Response

20.190.159.64

20.190.159.0

20.190.159.73

40.126.31.69

40.126.31.71

20.190.159.4

40.126.31.67

20.190.159.71
8.8.8.8:53

www.tm.ak.prd.aadg.trafficmanager.net

dns

firefox.exe

166 B
422 B
2
2

DNS Request

www.tm.ak.prd.aadg.trafficmanager.net

DNS Request

www.tm.ak.prd.aadg.trafficmanager.net

DNS Response

40.126.31.67

20.190.159.2

20.190.159.75

20.190.159.0

20.190.159.68

40.126.31.69

20.190.159.4

20.190.159.64

DNS Response

40.126.31.67

40.126.31.69

20.190.159.0

20.190.159.64

20.190.159.4

20.190.159.2

20.190.159.75

20.190.159.68
8.8.8.8:53

www.tm.ak.prd.aadg.trafficmanager.net

dns

firefox.exe

166 B
307 B
2
1

DNS Request

www.tm.ak.prd.aadg.trafficmanager.net

DNS Request

www.tm.ak.prd.aadg.trafficmanager.net

DNS Response

2603:1027:1:158::8

2603:1026:3000:150::5

2603:1026:3000:150::8

2603:1026:3000:150::c

2603:1027:1:158::a

2603:1026:3000:150::6

2603:1027:1:158::c

2603:1026:3000:150::a
8.8.8.8:53

69.31.126.40.in-addr.arpa

dns

142 B
314 B
2
2

DNS Request

69.31.126.40.in-addr.arpa

DNS Request

69.31.126.40.in-addr.arpa
8.8.8.8:53

services.bingapis.com

dns

firefox.exe

134 B
304 B
2
2

DNS Request

services.bingapis.com

DNS Request

services.bingapis.com

DNS Response

13.107.5.80

DNS Response

13.107.5.80
8.8.8.8:53

e-0001.e-msedge.net

dns

firefox.exe

130 B
162 B
2
2

DNS Request

e-0001.e-msedge.net

DNS Request

e-0001.e-msedge.net

DNS Response

13.107.5.80

DNS Response

13.107.5.80
8.8.8.8:53

e-0001.e-msedge.net

dns

firefox.exe

130 B
250 B
2
2

DNS Request

e-0001.e-msedge.net

DNS Request

e-0001.e-msedge.net
8.8.8.8:53

github.com

dns

firefox.exe

262 B
350 B
4
3

DNS Request

github.com

DNS Request

github.com

DNS Response

20.26.156.215

DNS Request

avatars.githubusercontent.com

DNS Request

avatars.githubusercontent.com

DNS Response

185.199.111.133

185.199.110.133

185.199.109.133

185.199.108.133

DNS Response

185.199.109.133

185.199.110.133

185.199.108.133

185.199.111.133
8.8.8.8:53

github.com

dns

firefox.exe

112 B
144 B
2
2

DNS Request

github.com

DNS Request

github.com

DNS Response

20.26.156.215

DNS Response

20.26.156.215
8.8.8.8:53

github.com

dns

firefox.exe

112 B
242 B
2
2

DNS Request

github.com

DNS Request

github.com
8.8.8.8:53

80.5.107.13.in-addr.arpa

dns

140 B
312 B
2
2

DNS Request

80.5.107.13.in-addr.arpa

DNS Request

80.5.107.13.in-addr.arpa
8.8.8.8:53

215.156.26.20.in-addr.arpa

dns

144 B
316 B
2
2

DNS Request

215.156.26.20.in-addr.arpa

DNS Request

215.156.26.20.in-addr.arpa
8.8.8.8:53

github.githubassets.com

dns

firefox.exe

138 B
266 B
2
2

DNS Request

github.githubassets.com

DNS Request

github.githubassets.com

DNS Response

185.199.109.154

185.199.108.154

185.199.110.154

185.199.111.154

DNS Response

185.199.111.154

185.199.109.154

185.199.110.154

185.199.108.154
8.8.8.8:53

github.githubassets.com

dns

firefox.exe

138 B
266 B
2
2

DNS Request

github.githubassets.com

DNS Request

github.githubassets.com

DNS Response

185.199.108.154

185.199.109.154

185.199.111.154

185.199.110.154

DNS Response

185.199.110.154

185.199.108.154

185.199.111.154

185.199.109.154
8.8.8.8:53

github.githubassets.com

dns

firefox.exe

138 B
268 B
2
2

DNS Request

github.githubassets.com

DNS Request

github.githubassets.com
8.8.8.8:53

raw.githubusercontent.com

dns

firefox.exe

142 B
270 B
2
2

DNS Request

raw.githubusercontent.com

DNS Request

raw.githubusercontent.com

DNS Response

185.199.110.133

185.199.109.133

185.199.111.133

185.199.108.133

DNS Response

185.199.108.133

185.199.111.133

185.199.109.133

185.199.110.133
8.8.8.8:53

raw.githubusercontent.com

dns

firefox.exe

142 B
270 B
2
2

DNS Request

raw.githubusercontent.com

DNS Request

raw.githubusercontent.com

DNS Response

185.199.108.133

185.199.109.133

185.199.111.133

185.199.110.133

DNS Response

185.199.109.133

185.199.110.133

185.199.111.133

185.199.108.133
8.8.8.8:53

raw.githubusercontent.com

dns

firefox.exe

142 B
183 B
2
1

DNS Request

raw.githubusercontent.com

DNS Request

raw.githubusercontent.com

DNS Response

2606:50c0:8002::154

2606:50c0:8000::154

2606:50c0:8003::154

2606:50c0:8001::154
8.8.8.8:53

www.tm.v4.a.prd.aadg.trafficmanager.net

dns

firefox.exe

170 B
426 B
2
2

DNS Request

www.tm.v4.a.prd.aadg.trafficmanager.net

DNS Request

www.tm.v4.a.prd.aadg.trafficmanager.net

DNS Response

40.126.32.72

20.190.160.20

40.126.32.74

40.126.32.140

40.126.32.133

40.126.32.136

40.126.32.76

40.126.32.68

DNS Response

20.190.159.23

20.190.159.68

20.190.159.73

40.126.31.73

20.190.159.64

20.190.159.4

40.126.31.69

20.190.159.75
8.8.8.8:53

www.tm.v4.a.prd.aadg.trafficmanager.net

dns

firefox.exe

85 B
146 B
1
1

DNS Request

www.tm.v4.a.prd.aadg.trafficmanager.net
8.8.8.8:53

154.109.199.185.in-addr.arpa

dns

148 B
118 B
2
1

DNS Request

154.109.199.185.in-addr.arpa

DNS Request

154.109.199.185.in-addr.arpa
8.8.8.8:53

133.110.199.185.in-addr.arpa

dns

148 B
118 B
2
1

DNS Request

133.110.199.185.in-addr.arpa

DNS Request

133.110.199.185.in-addr.arpa
8.8.8.8:53

4.159.190.20.in-addr.arpa

dns

142 B
157 B
2
1

DNS Request

4.159.190.20.in-addr.arpa

DNS Request

4.159.190.20.in-addr.arpa
8.8.8.8:53

collector.github.com

dns

firefox.exe

132 B
230 B
2
2

DNS Request

collector.github.com

DNS Request

collector.github.com

DNS Response

140.82.113.21

DNS Response

140.82.113.21
8.8.8.8:53

avatars.githubusercontent.com

dns

firefox.exe

150 B
278 B
2
2

DNS Request

avatars.githubusercontent.com

DNS Request

avatars.githubusercontent.com

DNS Response

185.199.110.133

185.199.111.133

185.199.109.133

185.199.108.133

DNS Response

185.199.108.133

185.199.110.133

185.199.111.133

185.199.109.133
8.8.8.8:53

glb-db52c2cf8be544.github.com

dns

firefox.exe

150 B
182 B
2
2

DNS Request

glb-db52c2cf8be544.github.com

DNS Request

glb-db52c2cf8be544.github.com

DNS Response

140.82.113.21

DNS Response

140.82.113.21
8.8.8.8:53

glb-db52c2cf8be544.github.com

dns

firefox.exe

150 B
299 B
2
2

DNS Request

glb-db52c2cf8be544.github.com

DNS Request

glb-db52c2cf8be544.github.com
8.8.8.8:53

api.github.com

dns

firefox.exe

120 B
152 B
2
2

DNS Request

api.github.com

DNS Request

api.github.com

DNS Response

20.26.156.210

DNS Response

20.26.156.210
8.8.8.8:53

www.bing.com.cdn.cloudflare.net

dns

firefox.exe

154 B
218 B
2
2

DNS Request

www.bing.com.cdn.cloudflare.net

DNS Request

www.bing.com.cdn.cloudflare.net

DNS Response

104.18.33.89

172.64.154.167

DNS Response

104.18.33.89

172.64.154.167
8.8.8.8:53

avatars.githubusercontent.com

dns

firefox.exe

150 B
374 B
2
2

DNS Request

avatars.githubusercontent.com

DNS Request

avatars.githubusercontent.com

DNS Response

2606:50c0:8001::154

2606:50c0:8003::154

2606:50c0:8002::154

2606:50c0:8000::154

DNS Response

2606:50c0:8000::154

2606:50c0:8003::154

2606:50c0:8001::154

2606:50c0:8002::154
8.8.8.8:53

api.github.com

dns

firefox.exe

120 B
152 B
2
2

DNS Request

api.github.com

DNS Request

api.github.com

DNS Response

20.26.156.210

DNS Response

20.26.156.210
8.8.8.8:53

www.bing.com.cdn.cloudflare.net

dns

firefox.exe

154 B
266 B
2
2

DNS Request

www.bing.com.cdn.cloudflare.net

DNS Request

www.bing.com.cdn.cloudflare.net

DNS Response

2606:4700:4400::6812:2159

2606:4700:4400::ac40:9aa7

DNS Response

2606:4700:4400::6812:2159

2606:4700:4400::ac40:9aa7
8.8.8.8:53

167.154.64.172.in-addr.arpa

dns

146 B
270 B
2
2

DNS Request

167.154.64.172.in-addr.arpa

DNS Request

167.154.64.172.in-addr.arpa
8.8.8.8:53

21.113.82.140.in-addr.arpa

dns

144 B
234 B
2
2

DNS Request

21.113.82.140.in-addr.arpa

DNS Request

21.113.82.140.in-addr.arpa
8.8.8.8:53

api.github.com

dns

firefox.exe

120 B
250 B
2
2

DNS Request

api.github.com

DNS Request

api.github.com
8.8.8.8:53

210.156.26.20.in-addr.arpa

dns

144 B
316 B
2
2

DNS Request

210.156.26.20.in-addr.arpa

DNS Request

210.156.26.20.in-addr.arpa
8.8.8.8:53

collector.github.com

dns

firefox.exe

132 B
230 B
2
2

DNS Request

collector.github.com

DNS Request

collector.github.com

DNS Response

140.82.112.22

DNS Response

140.82.112.22
8.8.8.8:53

glb-db52c2cf8be544.github.com

dns

firefox.exe

150 B
182 B
2
2

DNS Request

glb-db52c2cf8be544.github.com

DNS Request

glb-db52c2cf8be544.github.com

DNS Response

140.82.112.22

DNS Response

140.82.112.21
8.8.8.8:53

glb-db52c2cf8be544.github.com

dns

firefox.exe

150 B
280 B
2
2

DNS Request

glb-db52c2cf8be544.github.com

DNS Request

glb-db52c2cf8be544.github.com
8.8.8.8:53

github.com

dns

firefox.exe

112 B
72 B
2
1

DNS Request

github.com

DNS Request

github.com

DNS Response

20.26.156.215
8.8.8.8:53

github.com

dns

firefox.exe

112 B
72 B
2
1

DNS Request

github.com

DNS Request

github.com

DNS Response

20.26.156.215
8.8.8.8:53

github.com

dns

firefox.exe

112 B
242 B
2
2

DNS Request

github.com

DNS Request

github.com
8.8.8.8:53

api.github.com

dns

firefox.exe

120 B
152 B
2
2

DNS Request

api.github.com

DNS Request

api.github.com

DNS Response

20.26.156.210

DNS Response

20.26.156.210
8.8.8.8:53

api.github.com

dns

firefox.exe

120 B
269 B
2
2

DNS Request

api.github.com

DNS Request

api.github.com
8.8.8.8:53

200.64.52.20.in-addr.arpa

dns

142 B
314 B
2
2

DNS Request

200.64.52.20.in-addr.arpa

DNS Request

200.64.52.20.in-addr.arpa
8.8.8.8:53

btc.blockr.io

dns

drpbx.exe

118 B
250 B
2
2

DNS Request

btc.blockr.io

DNS Request

btc.blockr.io
8.8.8.8:53

btc.blockr.io

dns

drpbx.exe

118 B
250 B
2
2

DNS Request

btc.blockr.io

DNS Request

btc.blockr.io
8.8.8.8:53

prod.balrog.prod.cloudops.mozgcp.net

dns

firefox.exe

164 B
196 B
2
2

DNS Request

prod.balrog.prod.cloudops.mozgcp.net

DNS Request

prod.balrog.prod.cloudops.mozgcp.net

DNS Response

35.244.181.201

DNS Response

35.244.181.201
8.8.8.8:53

prod.balrog.prod.cloudops.mozgcp.net

dns

firefox.exe

164 B
350 B
2
2

DNS Request

prod.balrog.prod.cloudops.mozgcp.net

DNS Request

prod.balrog.prod.cloudops.mozgcp.net
8.8.8.8:53

prod.content-signature-chains.prod.webservices.mozgcp.net

dns

firefox.exe

206 B
238 B
2
2

DNS Request

prod.content-signature-chains.prod.webservices.mozgcp.net

DNS Request

prod.content-signature-chains.prod.webservices.mozgcp.net

DNS Response

34.160.144.191

DNS Response

34.160.144.191
8.8.8.8:53

prod.content-signature-chains.prod.webservices.mozgcp.net

dns

firefox.exe

206 B
262 B
2
2

DNS Request

prod.content-signature-chains.prod.webservices.mozgcp.net

DNS Request

prod.content-signature-chains.prod.webservices.mozgcp.net

DNS Response

2600:1901:0:92a9::

DNS Response

2600:1901:0:92a9::
8.8.8.8:53

201.181.244.35.in-addr.arpa

dns

73 B
126 B
1
1

DNS Request

201.181.244.35.in-addr.arpa
8.8.8.8:53

redirector.gvt1.com

dns

firefox.exe

130 B
162 B
2
2

DNS Request

redirector.gvt1.com

DNS Request

redirector.gvt1.com

DNS Response

142.250.179.174

DNS Response

142.250.179.174
8.8.8.8:53

ciscobinary.openh264.org

dns

firefox.exe

140 B
572 B
2
2

DNS Request

ciscobinary.openh264.org

DNS Request

ciscobinary.openh264.org

DNS Response

88.221.134.209

88.221.134.155

DNS Response

88.221.134.209

88.221.134.155
8.8.8.8:53

redirector.gvt1.com

dns

firefox.exe

130 B
162 B
2
2

DNS Request

redirector.gvt1.com

DNS Request

redirector.gvt1.com

DNS Response

142.250.179.174

DNS Response

142.250.179.174
8.8.8.8:53

a19.dscg10.akamai.net

dns

firefox.exe

134 B
198 B
2
2

DNS Request

a19.dscg10.akamai.net

DNS Request

a19.dscg10.akamai.net

DNS Response

88.221.134.209

88.221.134.155

DNS Response

88.221.134.209

88.221.134.155
8.8.8.8:53

a19.dscg10.akamai.net

dns

firefox.exe

134 B
246 B
2
2

DNS Request

a19.dscg10.akamai.net

DNS Request

a19.dscg10.akamai.net

DNS Response

2a02:26f0:a1::58dd:86d1

2a02:26f0:a1::58dd:869b

DNS Response

2a02:26f0:a1::58dd:869b

2a02:26f0:a1::58dd:86d1
8.8.8.8:53

redirector.gvt1.com

dns

firefox.exe

130 B
186 B
2
2

DNS Request

redirector.gvt1.com

DNS Request

redirector.gvt1.com

DNS Response

2a00:1450:400e:802::200e

DNS Response

2a00:1450:400e:802::200e
142.250.179.174:443

redirector.gvt1.com

https

firefox.exe

3.3kB
9.3kB
8
10
8.8.8.8:53

r5---sn-4g5lzney.gvt1.com

dns

firefox.exe

142 B
232 B
2
2

DNS Request

r5---sn-4g5lzney.gvt1.com

DNS Request

r5---sn-4g5lzney.gvt1.com

DNS Response

74.125.163.138

DNS Response

74.125.163.138
8.8.8.8:53

r5.sn-4g5lzney.gvt1.com

dns

firefox.exe

138 B
170 B
2
2

DNS Request

r5.sn-4g5lzney.gvt1.com

DNS Request

r5.sn-4g5lzney.gvt1.com

DNS Response

74.125.163.138

DNS Response

74.125.163.138
8.8.8.8:53

r5.sn-4g5lzney.gvt1.com

dns

firefox.exe

138 B
194 B
2
2

DNS Request

r5.sn-4g5lzney.gvt1.com

DNS Request

r5.sn-4g5lzney.gvt1.com

DNS Response

2a00:1450:4001:1b::a

DNS Response

2a00:1450:4001:1b::a
74.125.163.138:443

r5.sn-4g5lzney.gvt1.com

https

firefox.exe

1.8kB
5.9kB
5
7
8.8.8.8:53

209.134.221.88.in-addr.arpa

dns

146 B
139 B
2
1

DNS Request

209.134.221.88.in-addr.arpa

DNS Request

209.134.221.88.in-addr.arpa
8.8.8.8:53

174.179.250.142.in-addr.arpa

dns

148 B
113 B
2
1

DNS Request

174.179.250.142.in-addr.arpa

DNS Request

174.179.250.142.in-addr.arpa
8.8.8.8:53

138.163.125.74.in-addr.arpa

dns

146 B
112 B
2
1

DNS Request

138.163.125.74.in-addr.arpa

DNS Request

138.163.125.74.in-addr.arpa
8.8.8.8:53

56.28.101.95.in-addr.arpa

dns

142 B
270 B
2
2

DNS Request

56.28.101.95.in-addr.arpa

DNS Request

56.28.101.95.in-addr.arpa
8.8.8.8:53

7tno4hib47vlep5o.tor2web.org

dns

gsalfrh.exe

148 B
180 B
2
2

DNS Request

7tno4hib47vlep5o.tor2web.org

DNS Request

7tno4hib47vlep5o.tor2web.org

DNS Response

103.198.0.111

DNS Response

103.198.0.111
8.8.8.8:53

7tno4hib47vlep5o.tor2web.blutmagie.de

dns

gsalfrh.exe

166 B
278 B
2
2

DNS Request

7tno4hib47vlep5o.tor2web.blutmagie.de

DNS Request

7tno4hib47vlep5o.tor2web.blutmagie.de
8.8.8.8:53

7tno4hib47vlep5o.tor2web.fi

dns

gsalfrh.exe

146 B
266 B
2
2

DNS Request

7tno4hib47vlep5o.tor2web.fi

DNS Request

7tno4hib47vlep5o.tor2web.fi
8.8.8.8:53

bitcoin.toshi.io

dns

gsalfrh.exe

124 B
124 B
2
2

DNS Request

bitcoin.toshi.io

DNS Request

bitcoin.toshi.io
8.8.8.8:53

7tno4hib47vlep5o.tor2web.blutmagie.de

dns

gsalfrh.exe

166 B
278 B
2
2

DNS Request

7tno4hib47vlep5o.tor2web.blutmagie.de

DNS Request

7tno4hib47vlep5o.tor2web.blutmagie.de
8.8.8.8:53

bitcoin.toshi.io

dns

gsalfrh.exe

124 B
124 B
2
2

DNS Request

bitcoin.toshi.io

DNS Request

bitcoin.toshi.io
8.8.8.8:53

7tno4hib47vlep5o.tor2web.fi

dns

gsalfrh.exe

146 B
266 B
2
2

DNS Request

7tno4hib47vlep5o.tor2web.fi

DNS Request

7tno4hib47vlep5o.tor2web.fi
8.8.8.8:53

github.com

dns

firefox.exe

112 B
144 B
2
2

DNS Request

github.com

DNS Request

github.com

DNS Response

20.26.156.215

DNS Response

20.26.156.215
8.8.8.8:53

github.com

dns

firefox.exe

112 B
242 B
2
2

DNS Request

github.com

DNS Request

github.com
8.8.8.8:53

collector.github.com

dns

firefox.exe

132 B
230 B
2
2

DNS Request

collector.github.com

DNS Request

collector.github.com

DNS Response

140.82.112.21

DNS Response

140.82.113.21
8.8.8.8:53

glb-db52c2cf8be544.github.com

dns

firefox.exe

150 B
182 B
2
2

DNS Request

glb-db52c2cf8be544.github.com

DNS Request

glb-db52c2cf8be544.github.com

DNS Response

140.82.113.22

DNS Response

140.82.113.22
8.8.8.8:53

api.github.com

dns

firefox.exe

120 B
152 B
2
2

DNS Request

api.github.com

DNS Request

api.github.com

DNS Response

20.26.156.210

DNS Response

20.26.156.210
8.8.8.8:53

glb-db52c2cf8be544.github.com

dns

firefox.exe

150 B
280 B
2
2

DNS Request

glb-db52c2cf8be544.github.com

DNS Request

glb-db52c2cf8be544.github.com
8.8.8.8:53

api.github.com

dns

firefox.exe

120 B
152 B
2
2

DNS Request

api.github.com

DNS Request

api.github.com

DNS Response

20.26.156.210

DNS Response

20.26.156.210
8.8.8.8:53

api.github.com

dns

firefox.exe

120 B
144 B
2
1

DNS Request

api.github.com

DNS Request

api.github.com
8.8.8.8:53

21.112.82.140.in-addr.arpa

dns

144 B
234 B
2
2

DNS Request

21.112.82.140.in-addr.arpa

DNS Request

21.112.82.140.in-addr.arpa
8.8.8.8:53

prod.balrog.prod.cloudops.mozgcp.net

dns

firefox.exe

164 B
98 B
2
1

DNS Request

prod.balrog.prod.cloudops.mozgcp.net

DNS Request

prod.balrog.prod.cloudops.mozgcp.net

DNS Response

35.244.181.201
8.8.8.8:53

prod.balrog.prod.cloudops.mozgcp.net

dns

firefox.exe

164 B
350 B
2
2

DNS Request

prod.balrog.prod.cloudops.mozgcp.net

DNS Request

prod.balrog.prod.cloudops.mozgcp.net
8.8.8.8:53

prod.remote-settings.prod.webservices.mozgcp.net

dns

firefox.exe

188 B
220 B
2
2

DNS Request

prod.remote-settings.prod.webservices.mozgcp.net

DNS Request

prod.remote-settings.prod.webservices.mozgcp.net

DNS Response

34.149.100.209

DNS Response

34.149.100.209
8.8.8.8:53

prod.remote-settings.prod.webservices.mozgcp.net

dns

firefox.exe

188 B
187 B
2
1

DNS Request

prod.remote-settings.prod.webservices.mozgcp.net

DNS Request

prod.remote-settings.prod.webservices.mozgcp.net
8.8.8.8:53

prod.content-signature-chains.prod.webservices.mozgcp.net

dns

firefox.exe

206 B
238 B
2
2

DNS Request

prod.content-signature-chains.prod.webservices.mozgcp.net

DNS Request

prod.content-signature-chains.prod.webservices.mozgcp.net

DNS Response

34.160.144.191

DNS Response

34.160.144.191
8.8.8.8:53

prod.content-signature-chains.prod.webservices.mozgcp.net

dns

firefox.exe

206 B
262 B
2
2

DNS Request

prod.content-signature-chains.prod.webservices.mozgcp.net

DNS Request

prod.content-signature-chains.prod.webservices.mozgcp.net

DNS Response

2600:1901:0:92a9::

DNS Response

2600:1901:0:92a9::
8.8.8.8:53

e86303.dscx.akamaiedge.net

dns

firefox.exe

144 B
208 B
2
2

DNS Request

e86303.dscx.akamaiedge.net

DNS Request

e86303.dscx.akamaiedge.net

DNS Response

95.101.143.201

95.101.143.219

DNS Response

95.101.143.219

95.101.143.201
95.101.143.219:443

e86303.dscx.akamaiedge.net

https

firefox.exe

137.3kB
307.2kB
301
451
8.8.8.8:53

e86303.dscx.akamaiedge.net

dns

firefox.exe

144 B
128 B
2
1

DNS Request

e86303.dscx.akamaiedge.net

DNS Request

e86303.dscx.akamaiedge.net

DNS Response

2a02:26f0:1780:d::213:f823

2a02:26f0:1780:d::213:f81f
8.8.8.8:53

r.bing.com

dns

firefox.exe

112 B
408 B
2
2

DNS Request

r.bing.com

DNS Request

r.bing.com

DNS Response

95.101.143.219

95.101.143.201

DNS Response

95.101.143.219

95.101.143.201
8.8.8.8:53

th.bing.com

dns

firefox.exe

114 B
428 B
2
2

DNS Request

th.bing.com

DNS Request

th.bing.com

DNS Response

95.101.143.201

95.101.143.219

DNS Response

95.101.143.219

95.101.143.201

88.221.135.33
8.8.8.8:53

www.bing.com.cdn.cloudflare.net

dns

firefox.exe

154 B
218 B
2
2

DNS Request

www.bing.com.cdn.cloudflare.net

DNS Request

www.bing.com.cdn.cloudflare.net

DNS Response

172.64.154.167

104.18.33.89

DNS Response

104.18.33.89

172.64.154.167
8.8.8.8:53

www.bing.com.cdn.cloudflare.net

dns

firefox.exe

154 B
266 B
2
2

DNS Request

www.bing.com.cdn.cloudflare.net

DNS Request

www.bing.com.cdn.cloudflare.net

DNS Response

2606:4700:4400::ac40:9aa7

2606:4700:4400::6812:2159

DNS Response

2606:4700:4400::6812:2159

2606:4700:4400::ac40:9aa7
8.8.8.8:53

location.services.mozilla.com

dns

firefox.exe

150 B
306 B
2
2

DNS Request

location.services.mozilla.com

DNS Request

location.services.mozilla.com

DNS Response

35.190.72.216

DNS Response

35.190.72.216
8.8.8.8:53

prod.classify-client.prod.webservices.mozgcp.net

dns

firefox.exe

188 B
220 B
2
2

DNS Request

prod.classify-client.prod.webservices.mozgcp.net

DNS Request

prod.classify-client.prod.webservices.mozgcp.net

DNS Response

35.190.72.216

DNS Response

35.190.72.216
8.8.8.8:53

prod.classify-client.prod.webservices.mozgcp.net

dns

firefox.exe

188 B
374 B
2
2

DNS Request

prod.classify-client.prod.webservices.mozgcp.net

DNS Request

prod.classify-client.prod.webservices.mozgcp.net
35.190.72.216:443

prod.classify-client.prod.webservices.mozgcp.net

https

firefox.exe

1.8kB
4.2kB
5
6
8.8.8.8:53

216.72.190.35.in-addr.arpa

dns

144 B
248 B
2
2

DNS Request

216.72.190.35.in-addr.arpa

DNS Request

216.72.190.35.in-addr.arpa
8.8.8.8:53

189.40.188.131.in-addr.arpa

dns

146 B
242 B
2
2

DNS Request

189.40.188.131.in-addr.arpa

DNS Request

189.40.188.131.in-addr.arpa
8.8.8.8:53

244.244.23.193.in-addr.arpa

dns

146 B
216 B
2
2

DNS Request

244.244.23.193.in-addr.arpa

DNS Request

244.244.23.193.in-addr.arpa
8.8.8.8:53

78.193.25.171.in-addr.arpa

dns

144 B
220 B
2
2

DNS Request

78.193.25.171.in-addr.arpa

DNS Request

78.193.25.171.in-addr.arpa
8.8.8.8:53

9.193.25.171.in-addr.arpa

dns

142 B
202 B
2
2

DNS Request

9.193.25.171.in-addr.arpa

DNS Request

9.193.25.171.in-addr.arpa
8.8.8.8:53

12.48.183.95.in-addr.arpa

dns

142 B
212 B
2
2

DNS Request

12.48.183.95.in-addr.arpa

DNS Request

12.48.183.95.in-addr.arpa

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Windows Management Instrumentation

T1047

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Event Triggered Execution

T1546

Component Object Model Hijacking

T1546.015

Image File Execution Options Injection

T1546.012

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Event Triggered Execution

T1546

Component Object Model Hijacking

T1546.015

Image File Execution Options Injection

T1546.012

Defense Evasion

Direct Volume Access

T1006

File and Directory Permissions Modification

T1222

Windows File and Directory Permissions Modification

T1222.001

Hide Artifacts

T1564

Hidden Files and Directories

T1564.001

Indicator Removal

T1070

Clear Persistence

T1070.009

File Deletion

T1070.004

Modify Registry

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Peripheral Device Discovery

T1120

Query Registry

System Information Discovery